Security Questions and Concerns

I am new to HTML, CSS and started trying to learn how to code html to consolidate my internet present all in one place. This is also my first attempt to make a publicly accessible website, however,

I have been having the worst internet security problems imaginable, from hordes of psychotic stalkers, to violent thieves. At this point the entire city I live in is hijacked to some degree. This could be consolidated to = My attempts at internet fame went imminently to the pits.

To the point:
I am using the employment centers computers running windows 10.

  1. Using google chrome, i have to “clear browsing data” in order to view every bit of code i change on my webpages. In internet explorer 11 it does not update at all. (or at least it hasn’t since i logged on today. (i just started infinity free yesterday.)
  • could this be the “preload page” setting?
  • the offline version works perfectly in internet explorer 11.
  1. There are times when i click the login button and the browser will automatically log me in without a login/pass pop up or notification of any kind. This browser is set to erase browser history/cookies when all the tabs close.

  2. ReCaptcha has only popped up twice in the past two days, and is either not preforming its function or is also hijacked. I personally do not like recapcha as i feel they are hijack-y code thieves, honestly you can make a better bot check your self with a few hours of Bashing a keyboard. :stuck_out_tongue:

  3. the spell checker either works … or dose not. i really don’t know what else to say about it.

  • unrelated note -
    so far i like infinityfree, it seems new and has a lot of development ahead of it.
    but it will do everything i need it to, like, post txt files and link arrays and from what i understand i can use Google Drive or Degoo Cloud for a file host to save storage space on infinity free which is super awesome!

ill post more about glitch’s and stuff as i find them.

Thanks
http://christophertm.great-site.net/

Hello

I only see one question in your post, and that pertains to IE11. Please note that Internet Explorer is at it’s end of life, and has officially been ‘killed’ by Microsoft. Please upgrade to the current Microsoft browner, Microsoft Edge.

6 Likes

You know, I personally just can’t accept that Microsoft would kill Internet Explorer due to the endless battles they fought for it and Office in the 90’s. but more to point i am using the employment centers computers, so i have no control of this pc at all and also for reverse compatibility reason i try to using all the browsers and currently i am using ie 11 and google chrome.

I am overjoyed they finally killed it. It was bug-ridden, required old CSS, and illegal HTML tricks to get things to work. New websites don’t work, and look horrible, all modern CSS and HTML does not work, there were vulnerabilities. It was horrible, so glad its gone.

Use Google Chrome then, and make sure its updated.

3 Likes
  • unrelated to post -

I have had a lot of crazy DNS related problems in the recent years, i wonder if these errors are even related to the infinityfree platform or if maybe a subsidiary (like recaptcha) is planting some unwanted code or being targeted by a bigger malicious script of some kind as there has been a lot of “cyberwar” related goings on in the past 10 years and i personally have had crazy bots targeting my email addresses and my models on Facebook and Twitch without any sort of deterrence or legal response.

it is really note worth that everyday police do not necessarily understand the endless nonsense of computer hackers and are more often then not a target of it rather than a solution to it, so it may help to collect information yourself if needed.

I have noticed that ipv4 and ipv6 addresses get mixed up a lot (somehow) or change unintendedly or get used inappropriately. it looks to me like a big spoofer script with some people infiltrating the internet registry and internet provider buildings. which is why the DNS errors are becoming more and more relevant.

When trying to trace these sorts of things in the past i kept ending up with DNS servers on the rogers network here in canada located in toronto, however they never reply to the registered domains contact information on the American registry of internet numbers (https://www.arin.net/).

Also, when trying to trace my twitch bot stalkers I ended up at a German VPN user who was using a Russian VPN proxy and posing as an American trying to “sell viewers” to twitch users. (or something of that sort) The German company Hetzner (https://www.hetzner.com/) where the only people to take any interest at all but ultimately lead to nothing useful.

i would personally like to know more about the security aspects of the “cookie” errors many of the users here seem to be experiencing as it could potentially be a small piece of a big cyber-weapon of some sort and given the malevolence of such individual’s and there usual quest for notoriety it makes sense that they would try undermine freedom of information to middleman attack random people and cause disorder to steal money (probably)?

maby this is a good subject for a dedicated forum Mr Admin?
thanks

try incognito/private mode

but in general, as GR9 told you
I can repeat myself “The title of this topic is automatically in conflict with the use of IE”

This option sometimes helps if chrome has it (this is from firefox)

remember to remove the checkmark when you’re done

3 Likes

Um, DNS has nothing to code with the code on your website…

Because devices can have both IPv4 and IPv6 address. Some devices have only IPv4, and some only have IPv6. This is normal, and 99% of humans don’t ever need to know the IP of anything, that’s why host names/domain names exist.

Cookies are just small text files a website stores on your device. They are used to authenticate you, and keep you signed into your account.

3 Likes

OP said at the top that it is unrelated to the post.

I know, read the OPs latest post though. I was correcting the incorrect information that they stated.

Our hosting enforces quite strong browser caching by default. This is great when your website is done because it improves performance and saves bandwidth, but not so great while you’re still working on it.

Viewing the site in Incognito Mode bypasses all caches. And opening the Developer Tools menu, go to the Network tab, and there is a “Disable cache” option there too. So if you need to do development on the live site, these options may be useful.

The regular login session is handled with a regular “session” cookie and the “Remember me” functionality is handled by another cookie that’s set to be long lasting. If your cookies are cleared, you’re logged out. There is very little magic here.

So if you’re not logged out, I think it’s most likely that your cookies were not cleared. Maybe the browser window wasn’t closed, or maybe the cookie deletion system has a wait timer. Web proxies, malware and other things affecting normal browsing behavior could also cause cookies to behave abnormally.

We make use of Invisible ReCaptcha in most places. The code is always there, but for most people it’s completely transparent because ReCaptcha’s analysis already determined they are human. It only popping up rarely is normal, and it is most definitely doing what it’s supposed to do.

IMO ReCaptcha is relatively clean, and it mainly just injects a widget in the location of a HTML tag you define. Ad codes are 100 times worse, they load in a ton more stuff and add tags and files everywhere (assuming that’s what you’re referring to with “hijacking”).

And maybe you’re some kind of miracle programmer, but I wouldn’t be able to build a better CAPTCHA system in few hours. Sure, you can cook up something rudimentary in a few hours, but it wouldn’t be anywhere near as visitor friendly or effective as ReCAPTCHA. I prefer to leave all the complex user interaction tracking and analysis to the AI wizards at Google.

What spell checker? As far as I know, we don’t have a spell checker.

They were king in the late 90s and early 2000s. Then other browsers came up and especially Google Chrome ate all their cake, because they were faster, more secure, etc.

When IE got the axe, it was pretty universally hated, which is why when they rebuilt the browser from the ground up, they gave it a new name: Edge. But people did not forget, which is why Edge flopped and they rebuilt it again as just a different skin on top of the Google Chrome core and had to force it down the throats of Windows users.

In my experience, receiving spam is not caused by malicious scripts. You don’t need malicious scripts to send spam, you only need to have contact information to send the spam to. Spam is usually just caused by either data being leaked from services you’re subscribed to or just spammers trying random addresses to see what sticks.

Spam and bots are deterred, but “deterrence” doesn’t mean “stopped entirely”. These protections rely on automated detection, which is never perfect. And legal response is not feasible because it’s often very hard to find out who is behind a bot, and even if you know who it is, they may be located somewhere where it’s not possible to take effective legal action.

This sounds like some combination of NAT, DHCP and firewalling. Many networks are dual-stack (having both IPv4 and IPv6), reallocate IP addresses semi-frequently, and filter or rewrite network traffic for security. This is all very common and a completely normal way to operate a network.

For this point and many others: just because you don’t understand with doesn’t mean it’s malicious.

Have you tried doing some research about what a browser cookie is?

It’s just a bit of information that’s sent by websites to your browser and your browser then sends it back to the website. This is how things like login systems and shopping carts can work.

Cookies are sometimes scary to the less technically inclined because they have heard about tracking cookies used to follow people around the web and build profiles on them (which are used for ad targeting for example).

But a cookie is just a technology standard. It can be used to do good and it can be used to do bad. Cookies are not evil.

6 Likes

Cloudflare has recently created a new service that is free for all

5 Likes

This may be the answer i am looking for ! thanks

I understand your point, on this pc i am currently using there are two cmd windows that pop up as the computer is started, they seem to key log everything and inject data into cash files. I have run into this virus a lot using government computers here.

Good point! there is much i personally do not understand about computing…

Good points! I will fiddle around with the advice you have given and repost!

thanks

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.