New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Dude either you are retarded or you are lost with WHT gurus (?).
That was something different, please do not mix irrelevant stuffs together.
And by saying you understand my points, you are actually contradicting yourself with your response.
It is the whole point. SSL, is nothing more than a saftey blanket when you are not collecting credit card numbers. As Name, Address and Phone number are not considered protected (private) information.
SSL doesn't protect sensitive data. It only protects the connection at the time you make the connection. We don't allow the reseting of your vps and such via our control panel. That is a big security hole. Place such as turnkeyinternet.net even allow you to reboot, turn off and login to your vps control panel. We believe that to be a big security hole as if someone does get your login information for the billing system, the only thing they should be able to do is pay your bill.
Why do you keep saying that passwords are not sensitive data?
You don't understand at all you keep going back to passwords.
First you shouldn't use the same password here as you do somewhere else.
Second, passwords used on our billing portal only allow 1 thing to pay you bill or order service again which is done through paypal.
So what good would getting your password do as, you are not an administrator? They can't change your email in our system. We can't protect against people using the same password everywhere. We are working on having dual authentication added to our whmcs install which again requires more pieces of information to login. Again your so worried about the ssl on my billing site for login, but what about your login here at leb? Not ssl, but you still sign in here. So your whole argument is a crock. Only an argument when you want to look past you sign in at forums and such.
You don't understand how SSL works. Period.
Or to be more precise, I doubt you understand how TCP/IP works.
...
@gsrdgrdghd
I am out with this. There is no need to lose our time with this guy
Me too. No point talking to someone who doesn't understand how Internet works.
Problem is I do understand how it works. As I have gone to college for this. I am not some 15 year old kid. I got a few years under my belt. Problem is your not understanding that since we don't hold data that is considered private data, other than passwords, which again are encrypted in the database. There is nothing protected using ssl other than your login name and password, which through our billing system would only allow the person to pay your bill for you!
@24khost even though my Spanish is worst than my English skill,
callate la boca
People's here are smarter than your wht gurus. I am out of your BS.
Ok believe what you want ninjahawk bring your thoughts to wht! Let's see how you fair there with people who been in the business 4-5 times longer than you. You may have these people here fooled. Some of us have college education, and life experience. Some of us have worked for companies that are large. And some of us might just be pretending to be a big boy.
tldr this thread is dumb
And I know of some idiot people working at Google...
You are not a big boy. Jeesus get the facts right. You are not even a registered business. We have been hosting clients since 2006, offered online hosting service at around 08, Before you even knew what hosting was. The only reason I hate wht is cause they have a few people out of their crap pile of users who actually even know what they are doing. The rest are self claimed guru who doesn't even know the difference between ECC and non ECC ram. Those who consider whm clicking experience as level3 administration skill, those who doesn't know the difference between ovz, xen and kvm a week ago and the next week, they have a vps compnay, those who offers sysadmin service while there own server gets hacked. Please. If you get atleast 1 corporate memeber agree with your comment from wht, I will pay for my corporate membership.
Why not open a thread over wht and link this thread as reference? Lets see what they can come up with?
Already done sir
http://www.webhostingtalk.com/showthread.php?t=1180562
Can you please link this thread to your forum post for reference like I have linked wht above?
http://www.webhostingtalk.com/showthread.php?t=1180562
wht does not allow posting of links to other forums.
I doubt your comment.
Could you verify who is right.
I knew about anagement but when that management gets boozed up and take a live node down, you become speechless. O btw, that was a RHEL kernel bug
Edit: Shoutout to @Jarland for helping me out with that issue!
I am not saying that it is not an extra security precaution, but that technically it is not required, due to no cc data being stored on file, I have posted links directly from paypal, godaddy and other companies that sell them that state exactly what I stated.
I have an SSL just had not been reinstalled since we moved the billing to a different server. It made the data stored there no less secure than if there had been and ssl installed. That is my point.
@ZEN My question was that,
Will that free up (As it was supposed to). The only reason I had to ask like that was becuase, well it was not freeing up, I got either dumbfucdged or mindfucdged. But ya wth.
@24khost, since when webdesign became webhosting related course?
I guess it really depends on the school you go to. A lot of them now days teach php coding and such other languages and security. These things all apply to webhosting.
@24khost We can't protect against people using the same password everywhere
If you really believed that, then you wouldn't bother salting and hashing their password before saving it to the DB. So obviously you can, and it's just a question of how far do you want to go.
So here's what you want to hear: You're right, if you have no private information on your billing panel, you don't NEED to use SSL.
But why the hell wouldn't you, if for no other reason than because it helps protect stupid users?
I have ssl, we just hadn't reinstalled it since we moved it a month or 2 ago cause again it is technically not needed.
Correct with the part that we do believe the database should be hased and particularly harder than whmcs is now with sha256 with salt.
Lol @24kHost even at wht, they are saying you are wrong and keep on arguing.
Some of them are, but again what is considered private information.
tldr bad thread why is it still alive after i tldr'd it earlier