philips 2 Posted ... Hi everyone, I have 2 remarks about the .onion website of Airivpn: - First of all, I can't access to the .onion Airvpn website (https://airvpn.org/). I got a warning message which says that Tor has detected a potential security threat and will not continue to this website. It is also written that the websites's administrator should be contacted. - A new feature has been introduced in Tor Browser 9.5: the Onion location. With it, the website publishers can now advertise their onion service to Tor users by adding an HTTP header. This feature looks to be not yet in use in the clearnet Airvpn website. For more info, you can read the Blog Post from Tor Project: https://blog.torproject.org/new-release-tor-browser-95 Best regards Quote Share this post Link to post
OpenSourcerer 1435 Posted ... 20 hours ago, philips said: - First of all, I can't access to the .onion Airvpn website (https://airvpn.org/). I got a warning message which says that Tor has detected a potential security threat and will not continue to this website. It is also written that the websites's administrator should be contacted. Can confirm. The certificate is only valid for airvpn.org, not for the .onion domain. 20 hours ago, philips said: - A new feature has been introduced in Tor Browser 9.5: the Onion location. With it, the website publishers can now advertise their onion service to Tor users by adding an HTTP header. This feature looks to be not yet in use in the clearnet Airvpn website. For more info, you can read the Blog Post from Tor Project: https://blog.torproject.org/new-release-tor-browser-95 I find the Onion Names a bit more interesting. One can actually use Tor just like one would browse the web now, without these cruel heaps of random alphanumeric characters comprising a domain name. Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
Guest Posted ... On 6/3/2020 at 10:05 PM, philips said: - First of all, I can't access to the .onion Airvpn website (https://airvpn.org/). I got a warning message which says that Tor has detected a potential security threat and will not continue to this website. It is also written that the websites's administrator should be contacted. 9 hours ago, giganerd said: Can confirm. The certificate is only valid for airvpn.org, not for the .onion domain. You can ignore the warning in this case as the HTTPS certificate is valid for the clearnet domain only but allowing HTTP (.onion traffic) creates issues with some of Air´s settings. Your connection is still end-to-end encrypted though. I hope that they will try to fix this. Receiving security warnings in tor browser does not really encourage users to use the .onion domain. Quote Share this post Link to post
Staff 9973 Posted ... @HannaForest@philips@giganerd Hello! We made a Onion v3 address. The hidden service is provided by a dedicated server through http (no certificate warning), and we added HTTP-header "onion-location" that recommends the .onion version. Kind regards 1 1 OpenSourcerer and nexsteppe reacted to this Quote Share this post Link to post
OpenSourcerer 1435 Posted ... (edited) Can confirm it working. Can also confirm that the certificate thing is fixed, but not for the .onion domain linked in the footer. I think Tor even stops loading the website and explicitly asks if one wants to use .onion before any "serious" content is transferred. Unfortunately, or so I think because it happens very fast, the anti-DDoS thwarts this and one is directed to airvpn.org, after which a button is shown in the URL bar that will direct the user to the advertised .onion website. Edited ... by giganerd Link was converted to airvpn.org automatically; removed Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
Guest Posted ... @giganerd@Staff Awesome, thanks for the effort! The v3 works and is being recommended. Don´t forget to add this address to the footer However, I still received a SSL CERT security warning after I logged in, clicked on notifications, and on a notification I received. Can you reproduce this? Quote Share this post Link to post
Staff 9973 Posted ... Hello! We updated right now the footer and specs page with the new address. There are some points where our CMS still redirects to SSL version, we are working to fix all of them, please be patient. Kind regards 2 nexsteppe and OpenSourcerer reacted to this Quote Share this post Link to post
Guest Posted ... 1 minute ago, Staff said: Hello! We updated right now the footer and specs page with the new address. There are some points where our CMS still redirects to SSL version, we are working to fix all of them, please be patient. Kind regards Great! Thank you very much! Quote Share this post Link to post
OpenSourcerer 1435 Posted ... Tested and working correctly. Nice. Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
philips 2 Posted ... Also tested and works fine! Thanks for this great job! :) Quote Share this post Link to post