Page 1 of 1
My login doesn't last, and site is still unsafe.
Posted: Wed Jul 01, 2026 11:26 am
by Gambit37
Things are still weird here regarding logins and security:
- Recently, I've had to login again every day. It seems like the login cookie is not persisting.
- Chrome frequently blocks me from entering the site with its standard "Site is unsafe" warning page. I have to click through the Advanced button on that page to get to the site.
I think there's something wrong with the site's certificate and/or the way the secure and unsecure web addresses are linked. This stuff was always confusing to me when I used to admin the site, but I don't recall such problems on the host we used years ago. I wonder if there's something misconfigured with the current host? Anything I can do to help with that?
Re: My login doesn't last, and site is still unsafe.
Posted: Wed Jul 01, 2026 3:35 pm
by Ameena
For the record, I'm not having any issues here - it keeps me logged in and I get no error messages? Maybe it's a browser thing? I use Firefox.
Re: My login doesn't last, and site is still unsafe.
Posted: Wed Jul 01, 2026 6:42 pm
by Gambit37
I'll try another browser for a while and see if that makes a difference. Chrome is normally pretty reliable, but I think its security filters black marked the site a long time ago. Maybe. Who knows!
Re: My login doesn't last, and site is still unsafe.
Posted: Wed Jul 01, 2026 6:54 pm
by ChristopheF
I don't have any issue either. I mostly use Edge (though I have Chrome, Brave & Firefox).
I just quickly checked in Chrome, I don't have any warning message.
The site uses apache2 configured to listen on both http 80 & https 443. There is an automatic redirection from http to https for any URL configured in .htaccess at the root of the site with these 2 rules:
Code: Select all
# Redirection http://dungeon-master.com or http://www.dungeon-master.com -> https://www.dungeon-master.com
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} ^(?:www\.)?dungeon-master\.com(?:.*)$ [nc]
RewriteRule ^(.*)$ https://www.dungeon-master.com%{REQUEST_URI} [redirect=301,L]
# Redirection http://dungeon-master.com or https://dungeon-master.com -> https://www.dungeon-master.com
RewriteEngine On
RewriteCond %{HTTP_HOST} ^dungeon-master\.com(?:.*)$ [nc]
RewriteRule ^(.*)$ https://www.dungeon-master.com%{REQUEST_URI} [redirect=301,L]
I use certbot to automatically enroll & renew the SSL certificate from Let's Encrypt.
Can you try with "private browsing" mode of Chrome?
Can you try to deleting all cookies for both dungeon-master.com &
www.dungeon-master.com, and try again?
Can you try other browsers?
Maybe you have one extension in Chrome that would interfere? Like any antivirus or security/filtering/parental control tools. You can try disabling all your extensions to check if it works better.
Can you post screenshots of the error messages that you get ?