Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

How to Remove aes.js file

edited June 13 in Other Discussions

Hi!
Dear All!

Today when I try to do something with my site an error occurs which is caused by an JS file located at
http://ranakhas.rf.gd/aes.js
while I've no such a file then after little bit searching I found this file on every IF site!
Some questions which I need answers

Is this file secure?
Why on every site?
The file I found is on
https://www.pctips.gq/aes.js of @ChrisPAR
https://mrjunior.cf/aes.js of @MrJunior
http://ranakhas.rf.gd/aes.js of @Ranakhas
http://url.rf.gd/aes.js just as random site
http://rf.gd/aes.js of @Admin
Why this file is necessary?
Why there is no such a file on infinityfree.net **
**Any way to remove it?

Is it related to ?i=1
The only problem I ever had while obtaining SSL is this file!
Is it possible to remove it?
where did @Admin host IF?
What is your site URL @UnknownLolz ?

I want Answer from @AlanTiller and @Admin .

Best Regards,
Rana Khashif Sarfraz
(CEO at YS Gloves)

«1

Comments

  • edited June 13

    I have multiple sites,
    Maybe you only need one:
    https://amourshipping.gq

  • @UnknownLolz said:
    I have multiple sites,
    Maybe you only need one:
    https://amourshipping.gq

    I don't need site with SSL Error
    Error 526 Ray ID: 42a3ef432b9c3c65 • 2018-06-13 10:39:40 UTC
    Invalid SSL certificate https://amourshipping.gq/

  • @Ranakhas said:

    @UnknownLolz said:
    I have multiple sites,
    Maybe you only need one:
    https://amourshipping.gq

    I don't need site with SSL Error
    Error 526 Ray ID: 42a3ef432b9c3c65 • 2018-06-13 10:39:40 UTC
    Invalid SSL certificate https://amourshipping.gq/

    I'm really aware of the issue.
    I'll be fixing it!

  • This question was asked a lot of times...

  • @UnknownLolz said:

    @Ranakhas said:

    @UnknownLolz said:
    I have multiple sites,
    Maybe you only need one:
    https://amourshipping.gq

    I don't need site with SSL Error
    Error 526 Ray ID: 42a3ef432b9c3c65 • 2018-06-13 10:39:40 UTC
    Invalid SSL certificate https://amourshipping.gq/

    I'm really aware of the issue.
    I'll be fixing it!

    Switching to Flexible SSL may solve it.
    There is Also https://amourshipping.gq/aes.js

  • edited June 13

    Fixed it!

    Yes @Ranakhas I also noticed this too when I use tools.pingdom.com for checking my performance on my website.

    And I actually see an aes.js file that I didn't actually add this kind of file or anything.
    And it's also a cookieless file which lower my performance.

    Edit:
    It looks Like iFastNet just put this file for security reasons I think.
    I'm going to search if there is anything related to this file.

  • @MrJunior said:
    This question was asked a lot of times...

    Which question? AES.JS File question?

  • @UnknownLolz said:
    Fixed it!

    Yes @Ranakhas I also noticed this too when I use tools.pingdom.com for checking my performance on my website.

    And I actually see an aes.js file that I didn't actually add this kind of file or anything.
    And it's also a cookieless file which lower my performance.

    It's not mentioned in TERMS that IF will add aes.js file to your site.

  • @MrJunior said:
    Yes

    Kindly, prove where did anyone asked? So, I can find solution.

  • @Admin said:
    It's a bot/hotlink protection system which you can't turn off.

  • It looks like this is really meant to be put for security reasons.

  • @MrJunior said:

    @Admin said:
    It's a bot/hotlink protection system which you can't turn off.

    If this file
    aes.js
    Remains on our site then it's not Possible to get SSL cert from Let's Encrypt

  • Some Details

    Implementations of AES in pure scripting languages (currently !Javascript, Python, Ruby, >and PHP, but, in addition to further contributions in those languages, submissions in >other scripting languages are also entirely welcome!).

    Such implementations will be slow (hence the project name) but still useful when faster >ones are not available (for example, for JavaScript clients in browsers, and Python >servers on Google App Engine).

    This code was originally developed by Josh Davis in 2007 and consisted of a mostly >working JavaScript implementation (given the name ecmaScrypt) and a quite broken >Python implementation. While working on a Google App Engine project Alex Martelli >needed a Python AES implementation to do MS Live authentication and stumbled upon >Josh's code. Together they decided to start this project, and other committers joined >later to supply implementations in other scripting languages.

    It slow down the site!

  • @Ranakhas said:

    @MrJunior said:

    @Admin said:
    It's a bot/hotlink protection system which you can't turn off.

    If this file
    aes.js
    Remains on our site then it's not Possible to get SSL cert from Let's Encrypt

    As we know, Let's encrypt using bots to verify the domain. The aes.js is part of bot blocking system. What's wrong? I am wrong?

  • @MrJunior said:

    @Ranakhas said:

    @MrJunior said:

    @Admin said:
    It's a bot/hotlink protection system which you can't turn off.

    If this file
    aes.js
    Remains on our site then it's not Possible to get SSL cert from Let's Encrypt

    As we know, Let's encrypt using bots to verify the domain. The aes.js is part of bot blocking system. What's wrong? I am wrong?

    AES.JS is hurdle b/w getting a SSL Cert.

  • Uh, I don't have any idea what hurdle mean, sorry for English.

    Haven't I answered m? Or you have more questions about that?

  • edited June 13

    @Ranakhas said:
    Is this file secure?

    Yes, absolutely. It's completely harmless. It's just a script to do AES encryption in the browser.

    @Ranakhas said:
    Why on every site?

    It's part of this security system: https://infinityfree.net/support/javascript-error-using-api-or-mobile-android-app/

    @Ranakhas said:
    Why this file is necessary?

    The security system relies on AES encryption in the client browser to work. I don't know how it works exactly, but the file is necessary.

    @Ranakhas said:
    **Why there is no such a file on infinityfree.net **

    infinityfree.net is not hosted on a free hosting account. The site gets way too much traffic for that.

    @Ranakhas said:
    Any way to remove it?

    No. Doing so would make your website inaccessible.

    @Ranakhas said:
    Is it related to ?i=1

    Yes: https://infinityfree.net/support/what-is-the-i-1-suffix/

    @Ranakhas said:
    The only problem I ever had while obtaining SSL is this file!

    More or less. The security system prevents all automated access to websites, including Let's Encrypt HTTP challenges. The aes.js file is more of a symptom than a cause.

    @Ranakhas said:
    Is it possible to remove it?

    Still no.

    @Ranakhas said:
    where did @Admin host IF?

    Google Cloud Platform, mostly.

  • edited June 13

    @Ranakhas
    My website is hosted with iFastnet and it shouldn't have it!
    EDIT: From now on it isn't...

    @Admin said:

    @Ranakhas said:
    where did @Admin host IF?

    Google Cloud Platform, mostly.

    Mostly? So it is hosted in other servers as well?

  • edited June 13

    @ChrisPAR said:
    @Ranakhas
    My website is hosted with iFastnet and it shouldn't have it!
    EDIT: From now on it isn't...

    @Admin said:

    @Ranakhas said:
    where did @Admin host IF?

    Google Cloud Platform, mostly.

    Mostly? So it is hosted in other servers as well?

    What Admin means in what I understand him is that the client area and the community forums is mostly hosted on Google Cloud Platform but the vPanel is purely not since it needs the name servers of Byet to work.
    And our website is still hosted on iFastNet servers.

    So when IF host it's own website on G Cloud Platform then our accounts will not be affected in any way and since also we configured our domain's ns to Byet.

    Edit: Updated Par. 1
    Add "mostly" on the lines.

  • @ChrisPAR said:
    @Ranakhas
    My website is hosted with iFastnet and it shouldn't have it!
    EDIT: From now on it isn't...

    @Admin said:

    @Ranakhas said:
    where did @Admin host IF?

    Google Cloud Platform, mostly.

    Mostly? So it is hosted in other servers as well?

    Yes, there are servers at other providers for specific purposes, beyond iFastNet's infrastructure.

  • I get the feeling it's not required here but I would like to ask the most obvious question. Has your problem been resolved and if not what is the problem @Ranakhas.

    Best Regards,

    Alan T.

  • @AlanTiller said:
    I get the feeling it's not required here but I would like to ask the most obvious question. Has your problem been resolved and if not what is the problem @Ranakhas.

    Best Regards,

    Alan T.

    My problem is unsolved as I can't remove aes.js file to get LE SSL.

  • @AlanTiller said:
    I get the feeling it's not required here but I would like to ask the most obvious question. Has your problem been resolved and if not what is the problem @Ranakhas.

    Best Regards,

    Alan T.

    My problem is unsolved as I can't remove aes.js file to get LE SSL.

  • @Ranakhas said:

    @AlanTiller said:
    I get the feeling it's not required here but I would like to ask the most obvious question. Has your problem been resolved and if not what is the problem @Ranakhas.

    Best Regards,

    Alan T.

    My problem is unsolved as I can't remove aes.js file to get LE SSL.

    Just use CloudFlare. After you start using it and the DNS propagate you will be able to get an LE certificate.
    See that: https://forum.infinityfree.net/discussion/4005/disabling-the-i-1-problem-solved
    And also please don't doublepost.

  • @ChrisPAR said:

    @Ranakhas said:

    @AlanTiller said:
    I get the feeling it's not required here but I would like to ask the most obvious question. Has your problem been resolved and if not what is the problem @Ranakhas.

    Best Regards,

    Alan T.

    My problem is unsolved as I can't remove aes.js file to get LE SSL.

    Just use CloudFlare. After you start using it and the DNS propagate you will be able to get an LE certificate.
    See that: https://forum.infinityfree.net/discussion/4005/disabling-the-i-1-problem-solved
    And also please don't doublepost.

    I'm taking about rf.gd Subdomain not domain.tld

  • edited June 14

    @Ranakhas said:

    @AlanTiller said:
    I get the feeling it's not required here but I would like to ask the most obvious question. Has your problem been resolved and if not what is the problem @Ranakhas.

    Best Regards,

    Alan T.

    My problem is unsolved as I can't remove aes.js file to get LE SSL.

    Did you actually read my reply? You specifically asked for my answer, but it doesn't look like you actually read and understood them.

    You cannot remove aes.js and it's not the cause of not being able to use Let's Encrypt here. The file is merely a part of a mandatory security system, which blocks all automated access. Let's Encrypt does not support this system, so they cannot complete the challenge.

  • @Admin said:

    @Ranakhas said:

    @AlanTiller said:
    I get the feeling it's not required here but I would like to ask the most obvious question. Has your problem been resolved and if not what is the problem @Ranakhas.

    Best Regards,

    Alan T.

    My problem is unsolved as I can't remove aes.js file to get LE SSL.

    Did you actually read my reply? You specifically asked for my answer, but it doesn't look like you actually read and understood them.

    You cannot remove aes.js and it's not the cause of not being able to use Let's Encrypt here. The file is merely a part of a mandatory security system, which blocks all automated access. Let's Encrypt does not support this system, so they cannot complete the challenge.

    I read it and it was most finest answer I just replied to @AlanTiller as he asked did the problem resolved which isn't because aes.js can't be removed.
    Thanks @Admin for reply.

This discussion has been closed.