Re: [Qgis-developer] Certificate update QGIS servers
On 07-08-15 10:26, Richard Duivenvoorde wrote: Let's see what the which verdict is given by Google-UberMaster after their review ... (rest of discussion on SAC list as some osgeo sites have some problem) [0] Ok, fully removed qgis website yesterday, and clean rebuild it after removing references to raw.githusercontent.com... Asked for a review.. This morning: www.qgis.org should be ok now (but As a result, we're removing the malware warning from your site. This may take some time to happen. www.qgis.org/pyqgis-cookbook 'still infected' :-( (again NO hints, do not know where to look for...) Thanks Google... NOT Richard [0] https://lists.osgeo.org/pipermail/sac/2015-August/005746.html ___ Qgis-developer mailing list Qgis-developer@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/qgis-developer
Re: [Qgis-developer] Certificate update QGIS servers
On 06-08-15 21:44, Nyall Dawson wrote: Dash is showing this too: http://dash.orfeo-toolbox.org/index.php?project=QGIS That's not even hosted by us... Nope, and has nothing to do with us either... https://dash.orfeo-toolbox.org/index.php (not only when you try to visit via httpS) shows this sign too I've sent an email to kitware the makers of dash Regards, Richard ___ Qgis-developer mailing list Qgis-developer@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/qgis-developer
Re: [Qgis-developer] Certificate update QGIS servers
On 06-08-15 22:45, Andreas Neumann wrote: So Richard - could you try to follow the Webmaster Tools link and see if we can get more information? Did that. Does NOT give any information... It seems to have something to do with using httpS when visiting https://www.qgis.org because visiting https://qgis.org is ok... My quess is/was that we had/have spam links in our wiki, but as said, Google gives you the possibility to list the tainted url's... but that list is emtpy :-( I've asked for a new 'review' now from Google. Which can take up 24 hours they say... The other thing to check is if the very recent certificate updates maybe trigger this warning? mmm, should not be the case, I think it is a coincident that Matthias check/found this. But I even reverted the certificate now (you should see that it is still valid until 18-10-15), but according to Google we are still tainted... Let's see what the which verdict is given by Google-UberMaster after their review ... Regards, Richard Duivenvoorde ___ Qgis-developer mailing list Qgis-developer@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/qgis-developer
Re: [Qgis-developer] Certificate update QGIS servers
Hi Richard, Thank you for dealing with this very annoying issue. It is easy to ruin a good reputation, but not so easy to gain one. And it is especially annoying if such warnings to not provide enough meaningful information to fix such warnings. Andreas On 2015-08-07 10:26, Richard Duivenvoorde wrote: On 06-08-15 22:45, Andreas Neumann wrote: So Richard - could you try to follow the Webmaster Tools link and see if we can get more information? Did that. Does NOT give any information... It seems to have something to do with using httpS when visiting https://www.qgis.org [1] because visiting https://qgis.org [2] is ok... My quess is/was that we had/have spam links in our wiki, but as said, Google gives you the possibility to list the tainted url's... but that list is emtpy :-( I've asked for a new 'review' now from Google. Which can take up 24 hours they say... The other thing to check is if the very recent certificate updates maybe trigger this warning? mmm, should not be the case, I think it is a coincident that Matthias check/found this. But I even reverted the certificate now (you should see that it is still valid until 18-10-15), but according to Google we are still tainted... Let's see what the which verdict is given by Google-UberMaster after their review ... Regards, Richard Duivenvoorde ___ Qgis-developer mailing list Qgis-developer@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/qgis-developer [3] Links: -- [1] https://www.qgis.org [2] https://qgis.org [3] http://lists.osgeo.org/mailman/listinfo/qgis-developer ___ Qgis-developer mailing list Qgis-developer@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/qgis-developer
Re: [Qgis-developer] Certificate update QGIS servers
Hi, I don't know what the problem is At https://www.google.com/safebrowsing/diagnostic?site=http%3A%2F%2Fwww.qgis.org%2Fpyqgis-cookbook%2Fclient=googlechromehl=en-US it says: * If you are the owner of this web site, you can request a review of your site using GoogleWebmaster Tools http://www.google.com/webmasters/tools/. More information about the review process is available in Google'sWebmaster Help Center http://www.google.com/support/webmasters/bin/answer.py?answer=45432. So Richard - could you try to follow the Webmaster Tools link and see if we can get more information? The other thing to check is if the very recent certificate updates maybe trigger this warning? Andreas On 06.08.2015 19:28, Richard Duivenvoorde wrote: Mmm, looking into the links from google one points to: https://www.google.com/safebrowsing/diagnostic?site=AS:15169client=googlechromehl=en-US the only thing I can think of is that we have spam links in our wiki pages (well, I'm pretty sure we had/have those)... can that be the problem? anybody else an idea? Regards, Richard On 06-08-15 16:43, Matthias Kuhn wrote: Navigating to: http://www.qgis.org/pyqgis-cookbook/ in Google Chrome gives me The site ahead contains harmful programs Attackers on *www.qgis.org* might attempt to trick you into installing programs that harm your browsing experience (for example, by changing your homepage or showing extra ads on sites you visit). Clicking on the info link gives the following: https://www.google.com/safebrowsing/diagnostic?site=http%3A%2F%2Fwww.qgis.org%2Fpyqgis-cookbook%2Fclient=googlechromehl=en-US It sounds scary. Does anybody have an idea what's happening? Cheers, Matthias On 08/06/2015 12:29 PM, Richard Duivenvoorde wrote: Hi, FYI we updated the certificates for hub.qgis.org plugins.qgis.org While I was pretty sure we scored an A on https://www.ssllabs.com/ssltest/index.html Now hub (on osgeo) scores a C, while plugins (qgis2) still scores an A... both apache servers share the same config (but different versions of Apache) I think we need to make a plan for migrating to a newer Debian/Trac version... Regards, Richard Duivenvoorde ___ Qgis-developer mailing list Qgis-developer@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/qgis-developer ___ Qgis-developer mailing list Qgis-developer@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/qgis-developer ___ Qgis-developer mailing list Qgis-developer@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/qgis-developer
Re: [Qgis-developer] Certificate update QGIS servers
On 7 Aug 2015 12:43 am, Matthias Kuhn matth...@opengis.ch wrote: Navigating to: http://www.qgis.org/pyqgis-cookbook/ in Google Chrome gives me The site ahead contains harmful programs Attackers on www.qgis.org might attempt to trick you into installing programs that harm your browsing experience (for example, by changing your homepage or showing extra ads on sites you visit). Dash is showing this too: http://dash.orfeo-toolbox.org/index.php?project=QGIS That's not even hosted by us... Nyall Clicking on the info link gives the following: https://www.google.com/safebrowsing/diagnostic?site=http%3A%2F%2Fwww.qgis.org%2Fpyqgis-cookbook%2Fclient=googlechromehl=en-US It sounds scary. Does anybody have an idea what's happening? Cheers, Matthias On 08/06/2015 12:29 PM, Richard Duivenvoorde wrote: Hi, FYI we updated the certificates for hub.qgis.org plugins.qgis.org While I was pretty sure we scored an A on https://www.ssllabs.com/ssltest/index.html Now hub (on osgeo) scores a C, while plugins (qgis2) still scores an A... both apache servers share the same config (but different versions of Apache) I think we need to make a plan for migrating to a newer Debian/Trac version... Regards, Richard Duivenvoorde ___ Qgis-developer mailing list Qgis-developer@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/qgis-developer ___ Qgis-developer mailing list Qgis-developer@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/qgis-developer ___ Qgis-developer mailing list Qgis-developer@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/qgis-developer
Re: [Qgis-developer] Certificate update QGIS servers
FYI Our users are already reporting the warning too https://twitter.com/mjfoster83/status/629300593987833856 On Thu, Aug 6, 2015 at 7:28 PM, Richard Duivenvoorde rdmaili...@duif.net wrote: Mmm, looking into the links from google one points to: https://www.google.com/safebrowsing/diagnostic?site=AS:15169client=googlechromehl=en-US the only thing I can think of is that we have spam links in our wiki pages (well, I'm pretty sure we had/have those)... can that be the problem? anybody else an idea? Regards, Richard On 06-08-15 16:43, Matthias Kuhn wrote: Navigating to: http://www.qgis.org/pyqgis-cookbook/ in Google Chrome gives me The site ahead contains harmful programs Attackers on *www.qgis.org* might attempt to trick you into installing programs that harm your browsing experience (for example, by changing your homepage or showing extra ads on sites you visit). Clicking on the info link gives the following: https://www.google.com/safebrowsing/diagnostic?site=http%3A%2F%2Fwww.qgis.org%2Fpyqgis-cookbook%2Fclient=googlechromehl=en-US It sounds scary. Does anybody have an idea what's happening? Cheers, Matthias On 08/06/2015 12:29 PM, Richard Duivenvoorde wrote: Hi, FYI we updated the certificates for hub.qgis.org plugins.qgis.org While I was pretty sure we scored an A on https://www.ssllabs.com/ssltest/index.html Now hub (on osgeo) scores a C, while plugins (qgis2) still scores an A... both apache servers share the same config (but different versions of Apache) I think we need to make a plan for migrating to a newer Debian/Trac version... Regards, Richard Duivenvoorde ___ Qgis-developer mailing list Qgis-developer@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/qgis-developer ___ Qgis-developer mailing list Qgis-developer@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/qgis-developer ___ Qgis-developer mailing list Qgis-developer@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/qgis-developer
Re: [Qgis-developer] Certificate update QGIS servers
Mmm, looking into the links from google one points to: https://www.google.com/safebrowsing/diagnostic?site=AS:15169client=googlechromehl=en-US the only thing I can think of is that we have spam links in our wiki pages (well, I'm pretty sure we had/have those)... can that be the problem? anybody else an idea? Regards, Richard On 06-08-15 16:43, Matthias Kuhn wrote: Navigating to: http://www.qgis.org/pyqgis-cookbook/ in Google Chrome gives me The site ahead contains harmful programs Attackers on *www.qgis.org* might attempt to trick you into installing programs that harm your browsing experience (for example, by changing your homepage or showing extra ads on sites you visit). Clicking on the info link gives the following: https://www.google.com/safebrowsing/diagnostic?site=http%3A%2F%2Fwww.qgis.org%2Fpyqgis-cookbook%2Fclient=googlechromehl=en-US It sounds scary. Does anybody have an idea what's happening? Cheers, Matthias On 08/06/2015 12:29 PM, Richard Duivenvoorde wrote: Hi, FYI we updated the certificates for hub.qgis.org plugins.qgis.org While I was pretty sure we scored an A on https://www.ssllabs.com/ssltest/index.html Now hub (on osgeo) scores a C, while plugins (qgis2) still scores an A... both apache servers share the same config (but different versions of Apache) I think we need to make a plan for migrating to a newer Debian/Trac version... Regards, Richard Duivenvoorde ___ Qgis-developer mailing list Qgis-developer@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/qgis-developer 0xE038343E.asc Description: application/pgp-keys ___ Qgis-developer mailing list Qgis-developer@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/qgis-developer
Re: [Qgis-developer] Certificate update QGIS servers
Navigating to: http://www.qgis.org/pyqgis-cookbook/ in Google Chrome gives me The site ahead contains harmful programs Attackers on *www.qgis.org* might attempt to trick you into installing programs that harm your browsing experience (for example, by changing your homepage or showing extra ads on sites you visit). Clicking on the info link gives the following: https://www.google.com/safebrowsing/diagnostic?site=http%3A%2F%2Fwww.qgis.org%2Fpyqgis-cookbook%2Fclient=googlechromehl=en-US It sounds scary. Does anybody have an idea what's happening? Cheers, Matthias On 08/06/2015 12:29 PM, Richard Duivenvoorde wrote: Hi, FYI we updated the certificates for hub.qgis.org plugins.qgis.org While I was pretty sure we scored an A on https://www.ssllabs.com/ssltest/index.html Now hub (on osgeo) scores a C, while plugins (qgis2) still scores an A... both apache servers share the same config (but different versions of Apache) I think we need to make a plan for migrating to a newer Debian/Trac version... Regards, Richard Duivenvoorde ___ Qgis-developer mailing list Qgis-developer@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/qgis-developer ___ Qgis-developer mailing list Qgis-developer@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/qgis-developer