Sat, Nov 30, 10:13 PM CST

Renderosity Forums / Poser - OFFICIAL



Welcome to the Poser - OFFICIAL Forum

Forum Coordinators: RedPhantom

Poser - OFFICIAL F.A.Q (Last Updated: 2024 Nov 29 7:57 am)



Subject: DAZ store unsecure!!!!


idolitry ( ) posted Sun, 01 September 2002 at 4:57 AM · edited Thu, 21 November 2024 at 12:25 PM

Has anyone else tried the new DAZ store system yet? I went to buy the Milenniun Dragon, but when I got to the checkout and was about to enter my credit card details I was not warned about changing from an unsecure to a secure site, there was no padlock at the bottom of my browser and the web address started "http://", NOT "https://" (i.e. the web page is not encrypted as it should be for online purchases). I really don't want to miss out on the Dragon sale, but I don't want to make a free gift of my card details to any hacker trawling for them. I'll wait until DAZ fixes the problem, or assures me their site is actually secure it just doesn't tell you at any stage.


sparrowheart ( ) posted Sun, 01 September 2002 at 5:12 AM

I have the same problem, idolitry. I wrote to them yesterday about the problem, but have heard nothing back. I wonder if we are the only two, or are others too excited about getting their models to notice the fact that the site might possibly be unsecure?


idolitry ( ) posted Sun, 01 September 2002 at 5:28 AM

Thanks for that sparrowheart. I was excited about getting the Dragon at such a low price & would have just paid. If I didn't have my browser set up to warn me about secure/unsecure sites I'd never have noticed, you just assume that if you're giving card details the site is secure. Glad I'm not the only one though, given windowz propensity for breaking I was worried it was just me, hence the post to get others to check.


sparrowheart ( ) posted Sun, 01 September 2002 at 5:40 AM

I had the same feeling about Windows, idolitry. I switched to Netscape to see if I would have better luck with that...but by that time, the DAZ Store was so overloaded with connections that I could not get to checkout at all. I guess this is just a case of needing to wait and see. sigh, grumble and wink I'm sure DAZ will clear this up as soon as they have a minute to breathe. Have a good rest of the weekend. :-)


toashzadel ( ) posted Sun, 01 September 2002 at 5:40 AM

Have you tried changing the url manually to https? That seemed to work for me, but I couldn't get all the way to the checkout because the site is too busy!


idolitry ( ) posted Sun, 01 September 2002 at 5:52 AM

Thanks sparrowheart, you too :-) I didn't think of that toashzadel, but I'd still be concerned about the safety of my card details if I had to manually switch to the secure part of the site. Given DAZ have just overhauled their site I'm sure it's just teething troubles & as sparrowheart says, when DAZ have a minute to breath they'll fix it. It would have been nice for them to make sure it worked properly before implimenting the new system though, especially given all the great offers they now have.


toashzadel ( ) posted Sun, 01 September 2002 at 6:07 AM

Attached Link: http://www.renderosity.com/messages.ez?ForumID=12356&Form.ShowMessage=850117

I can understand your concerns idolitry; I guess I am just more tolerant becuase I am a web designer myself and understand what a pain in the *everything* that launching a new site is! ;o) Having said that I have started a thread to try and get DAZ to extend their sale, because I can hardly view the site!


idolitry ( ) posted Sun, 01 September 2002 at 8:34 AM

I can appreciate that toashzadel, I'm helping to design a website at work and it's a pain!!! & I'm only supplying some of the content, I'm not designing the site itself. Getting DAZ to extend the sale is a good idea, perhaps the problems we are having viewing the site are related to the new site design?


FyreSpiryt ( ) posted Sun, 01 September 2002 at 10:11 AM

I suspect the problem is actually in the frames. I ran into this on another site that I had purposely framed inside an external coupon offer. The checkout itself was secure, but the browser didn't realize it because the frame was not. I assumed DAZ's checkout was the same situation; perhaps foolish of me. But, if someone had no problem when changing the http to https, I imagine that's it.


RHaseltine ( ) posted Sun, 01 September 2002 at 10:15 AM

You can check by right-clicking (control-click on Mac?) in the frame and picking properties from the menu and then the Connection entry will tell you if the the frame is secure or not encypted.


RHaseltine ( ) posted Sun, 01 September 2002 at 10:16 AM

Just did it and the account management page definitely is secure.


Puntomaus ( ) posted Sun, 01 September 2002 at 11:34 AM

I purchased the dragon yesterday, browsing with Netscape 7, and a window appeared, telling me that I was asking (or how this is called) for a secure site - so I think everything is ok with the Daz store?

Every organisation rests upon a mountain of secrets ~ Julian Assange


idolitry ( ) posted Sun, 01 September 2002 at 2:45 PM

I think I'll still wait until DAZ officially fix it


unclebob ( ) posted Sun, 01 September 2002 at 5:12 PM

errrrg... I didn't notice the lack of the "security icon" until AFTER I had done the credit card stuff. I made a quick call to the CC company to have them put the card on hold for a week. (the DAZ order showed) JUST IN CASE. After reading the above, it prolly was secure. But I'm anal about such things.


toashzadel ( ) posted Sun, 01 September 2002 at 5:19 PM

uncle bob; if you are so anal about it have you considered credit card insurance? I am a big leave-wallet-in-taxi risk, so I have it ;) But, unless you have pissed off some hackers, the chances of somebody intercepting your credit card transaction are very very small; if you went down the bookies and bet on it happening, and then it did, you'd probably be too rich to care ;o)


yggdrasil ( ) posted Sun, 01 September 2002 at 5:23 PM

I just placed an order at DAZ. As mentioned above the reason the lock isn't showing or https is the frames. I checked the properties of the frame page that was asking for my credit card number and it was HTTPS as it should be. Nothing to worry about. -- Mark

Mark


Jaqui ( ) posted Sun, 01 September 2002 at 7:25 PM

of course the store is not secure, .asp, iis and ms os all major security risks. daz has never been secure, since the above list is thier site data.


Lyne ( ) posted Sun, 01 September 2002 at 9:08 PM

Well, we have till the 19th, for the sale price, right?? I have no what the site is doing, because when it balked, yesterday, I came here to check... saw all the problems and decided to wait till Tuesday.. I gotta have that beautiful creature... so I HOPE they fix it!! OR EXPLAIN IT'S SECURITY TO US MORE CLEARLY?? May have to wait till waaay after Tuesday.. sob! Wouldn't a "secure page" tell you it is? Whaaaat, Jaqui?? Lyne

Life Requires Assembly and we all know how THAT goes!


CrystalDragon ( ) posted Sun, 01 September 2002 at 9:25 PM

ummm, it looks to be only to the 9th, Lynne, but here's hoping I'm wrong... ~DM


sparrowheart ( ) posted Mon, 02 September 2002 at 3:36 AM

I just tried with both IE and Netscape, and STILL I am being told that the page is not secure. I have to say that I am of the same mind as Lyne. I am going to wait. It may well be that the frames really are the problem, but I would feel a lot more comfortable if that nice, reassuring little padlock would appear in the bottom righthand corner of my screen again!!! And yes, sadly the sale only extends until the 9th as of now. I am hoping it will be extended, since you cannot proceed all the way through checkout even if you want to now. "Too many connections" and I have been getting this error message for nearly 24 hours. At least the dragon keeps looking better and better to me, the longer I cannot succeed in getting him!! sobs right along with Lyne


yggdrasil ( ) posted Mon, 02 September 2002 at 9:34 AM

file_22150.jpg

Here is a screen grab I just made from the DAZ store showing the details of the HTTPS certificate. There is a slight quirk in that the certificate is registered to secure.daz.com but is being used on store.daz.com, but that doesn't affect the encryption of any information you send them. You just have to trust that both servers belong to DAZ.

Note: I pulled the frame out into a separate window to display.

Jacqui: They're not using ASP on the checkout pages at the moment. It's PHP.

Mark


sparrowheart ( ) posted Mon, 02 September 2002 at 11:39 AM

Thanks, Yggdrasil. You have been a lot more helpful than DAZ has been this weekend. Now if only we could get through Checkout....


Lyne ( ) posted Mon, 02 September 2002 at 2:45 PM

Oh thanks from me too!! and the 9th only? Okay.. I might try back on Wed or Thrus.. after the rush of dragon rider's stampede on Tuesday??!! And of course check "here" to see how things are going.. I wrote to DAZ sales and asked if nothing else that they post HERE and tell us all what's what... sigh... Meanwhile.. good old Renderosity is here.. and I am giving in to my wish list stuff here now! :)) Lyne

Life Requires Assembly and we all know how THAT goes!


Jaqui ( ) posted Mon, 02 September 2002 at 6:49 PM

Lyne, .asp, m$ active server pages, iis, m$ internet information server, and all m$ windows have huge security holes in them. yggdrasil, still doesn't help me, the .asp screws my browser and I can't access anything but the index page of daz. the main part of the store is .asp, only the checkout is php.


Lyne ( ) posted Tue, 03 September 2002 at 8:33 PM

I had wondered if the system DAZ is using now is an older one.. sigh.. it comes down to "either I do it or not".. (have not ordered yet) but it is not reasuring that DAZ has not answered my e mail... Lyne

Life Requires Assembly and we all know how THAT goes!


RaVan ( ) posted Wed, 04 September 2002 at 11:36 AM

file_22151.jpg

Hi everybody, The site is actually still secure, the problem arises because our site is built in frames. The portion of the page that receives and processes your personal and billing information is secure, but the entire frames pages that loads the secure portion in addition to the category bar and navigation bar is not secure. You can check the link by right clicking in a blank area in the largest frame on the screen and selecting "Properties". The Address line will read https://store.daz3d.com indicating that the site is secure. Hopefully soon you will oncee again see the reassuring padlock in the corner of your browser as well. As for replying to emails, Reba and I are working up the list and I hope that I'll have replied to you in a timely matter, thanks for your patience. Ryan tech@daz3d.com


Privacy Notice

This site uses cookies to deliver the best experience. Our own cookies make user accounts and other features possible. Third-party cookies are used to display relevant ads and to analyze how Renderosity is used. By using our site, you acknowledge that you have read and understood our Terms of Service, including our Cookie Policy and our Privacy Policy.