Louise Helen asked:
I co-own a charity forum that gives support to people in crisis (mental health, self harm, suicidal thoughts etc) Our webmaster left in a bit of a snit a month and a half ago and I have been struggling since. This morning suddenly some of my members (not even most, just a portion) are getting an error on the site.
Some IPs are getting the message:
“Your connection is not private
Attackers might be trying to steal your information from suicideforum.com (for example, passwords, messages, or credit cards). NET::ERR_CERT_AUTHORITY_INVALID”
And depending on the browser also getting a “403 Forbidden You don’t have permission to access / on this server.” error.
When those members access the site via a proxy, everything is good. Most people are accessing the site just fine.
I have checked the SSL certificate and all is supposedly good with that (though it is bought/owned by the errant webmaster and we need to buy a new one probably anyway).
Any ideas why some people are getting this error/what it is? And where I even start to find someone to help fix it.
The nature of the site is that we have around 2500 people a month who come to us for support with mental health and suicidal urges and if even a small portion of them are being blocked by something, that is a big concern to me that they won’t get helped – and I have already had panic emails from some that they can’t reach the site.
Any help or ideas would be massively appreciated.
Your web site is not accessible to users who have IPv6, (about a quarter of the US and close to 10% worldwide, and growing) because your DNS records point to an IPv6 address which does not correspond to your server.
suicideforum.com has address 126.96.36.199 suicideforum.com has IPv6 address 2604:4300:b:6::20:2
When testing via IPv4, I can reach your site and get the correct certificate. On IPv6, I reach a completely different site whose SSL certificate claims to be corvuise.me and which serves the Forbidden error you noted.
To resolve the problem, correct your DNS AAAA record so that it has the correct IPv6 address of your server (or remove it, if your server doesn’t yet have IPv6).
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.