Pic hosting not working???

Discussion in 'Feedback | Site Announcements' started by 73k5blazer, Jun 14, 2020.

  1. 73k5blazer

    73k5blazer End the H1B Program! Premium Member

    Joined:
    Dec 28, 2001
    Posts:
    5,325
    Likes Received:
    490
    Location:
    The Rustbelt
    Build(s):
    1
    I post pics from my own website (https://snyderworld.org) on here for years (15+ years?). Now my pics show red x's. (example : https://ck5.com/forums/threads/june-14th-1987.340428/#post-4087300 )
    I have a redirect to https so all my old posts pic urls which have never changed work. Since about 3-4 years ago i use https nativly when I post. I switched years ago to SSL certs and it worked I know at least up until a month or two ago my pics used to show here.

    All the SSL website checkers show my site as trusted and good.
    --------
    Results for https://snyderworld.org:
    Trusted Yes
    Mozilla Apple Android Java Windows CentOS AIX Solaris openSUSE Fedora
    --------

    So why on CK5 are my pics from my website that I insert show as red x's all of a sudden when nothing on my end has changed for at least a year???
     
    Last edited: Jun 14, 2020
  2. CK5

    CK5 In my underwear Administrator Premium Member GMOTM Winner Author

    Joined:
    May 19, 1999
    Posts:
    22,979
    Likes Received:
    3,095
    Location:
    CO
    Build(s):
    1
    You should be able to simply use your image URL.
    [​IMG]
     
  3. CK5

    CK5 In my underwear Administrator Premium Member GMOTM Winner Author

    Joined:
    May 19, 1999
    Posts:
    22,979
    Likes Received:
    3,095
    Location:
    CO
    Build(s):
    1
    Hmmm, everything is correct on this side so I don't know, maybe ask your host?
     
  4. 73k5blazer

    73k5blazer End the H1B Program! Premium Member

    Joined:
    Dec 28, 2001
    Posts:
    5,325
    Likes Received:
    490
    Location:
    The Rustbelt
    Build(s):
    1
    I'm my own host, servers in my basement! Always have been. I've been posting pics here for years from my website in this manner and they've always worked up until well I can only say about a month ago for sure. . I'm using the pic url or image insert and put in url as always. I can paste those urls to my browser and they show up just fine. They continue to work on other sites, just not here at ck5.
    Usually it's a result of your proxying engine not trusting the website or thinking the website from where the pic is coming from is not trusted, but all the ssl checker places show my cert's as good and website as trusted no issues. Definitely something here on this site blocking.
     
  5. CK5

    CK5 In my underwear Administrator Premium Member GMOTM Winner Author

    Joined:
    May 19, 1999
    Posts:
    22,979
    Likes Received:
    3,095
    Location:
    CO
    Build(s):
    1
    Hmm, haven't touched that in a few years.
     
  6. 73k5blazer

    73k5blazer End the H1B Program! Premium Member

    Joined:
    Dec 28, 2001
    Posts:
    5,325
    Likes Received:
    490
    Location:
    The Rustbelt
    Build(s):
    1
    So I figured out what this is.
    Your forum software requires the pic hosting site to have HTTP Strict Transport Security (HSTS) enabled.
    I serve my own pics and have for years (since 2001), at some point SSL became a requirement, that's fine. I turned that on years ago. But recently pics stopped dispaying on ck5, until I turned on HSTS and pics I host in posts on ck5 re-appeared again, thankfully.

    HSTS however seems a rather extreme requirement and must be required by default in some upgrade to your forum at some point.
    SSL tls1.2+ should be sufficient, hsts is a directive on other (hosting) web servers to say I only accept https, which is already a requirement of your forum software,your forum won't serve pics from any http url any more and hasn't for a long while, which is fine. Basically it's saying I require https, which is great, but if you host things to anyone else via http I won't accept pics from your website even via https...which...seems a little extreme. Anyway, just an FYI. Probably nobody else cares because most people don't host their own pics. My old posts show pics again!!!
    Thanks!
     
    Last edited: Nov 16, 2020
  7. 73k5blazer

    73k5blazer End the H1B Program! Premium Member

    Joined:
    Dec 28, 2001
    Posts:
    5,325
    Likes Received:
    490
    Location:
    The Rustbelt
    Build(s):
    1
    Incidentally, your own website ck5.com does not have hsts turned on! Which is probably good as you might block people with older browsers if you did, which is why I say HSTS seems a rather extreme requirement for pics to show up on ck5 from other websites. (you can test your own server at https://www.ssllabs.com/ssltest/index.html)
     
    Last edited: Nov 16, 2020

Share This Page