# Forum > News > Help & Support > Report Bugs >  Enabling SSL breaks the page

## blamani

With the new firefox that blocks active mixed-content the WYSISYG Editor for posts breaks when you enable ssl for this page.

I had the following warnings:



```
[
"http://www.ownedcore.com/forums/mobiquo/smartbanner/appbanner.css" was blocked. @ https://www.ownedcore.com/forums/newthread.php?do=newthread&f=166
"http://www.ownedcore.com/forums/mobiquo/smartbanner/appbanner.js" was blocked. @ https://www.ownedcore.com/forums/newthread.php?do=newthread&f=166
"http://www.adpeepshosted.com/adpeeps.php?bf=showad&uid=101861&bmode=off&gpos=center&bzone=default&bsize=728x90&btype=3&bpos=default&btotal=1&btarget=_blank&bborder=0" was blocked. @ https://www.ownedcore.com/forums/newthread.php?do=newthread&f=166
"http://www.ownedcore.com/forums/clientscript/vbulletin_facebook.js?v=420" was blocked. @ https://www.ownedcore.com/forums/newthread.php?do=newthread&f=166
"http://www.ownedcore.com/forums/clientscript/ckeditor_config.js?v=420&t=B8DJ5M3" was blocked. @ https://www.ownedcore.com/forums/clientscript/ckeditor/ckeditor.js?t=A7HG4HT&v=420:16
```

You should update SSL , because the current version doesn't seem to mitigate the BEAST attack.
Finally, since RC4 is declared broken officially, you might want to disable it and allow TLS1.2 with some more secure Methods, including Forward Secrecy

----------


## Ket

It should be fixed now.

----------


## blamani

looks better now indeed, but there are still 2 warnings:




> http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js" @ new...eaks-page.html
> http://www.adpeepshosted.com/adpeeps.php?bf=showad&uid=101861&bmode=off&gpos=center&bzone=default&bsize=728x9 0&btype=3&bpos=default&btotal=1&btarget=_blank&bborder=0" @ https://www.ownedcore.com/forums/new...eaks-page.html


both websites answer ssl-requests without cert-problems

----------


## Ket

That should be fixed now as well.

Thanks!

----------


## blamani

How about the following things:

SSl2 is enabled (nobody should use that any more)

there are algorithms enabled that shouldnt:
TLS_ECDH_anon_WITH_AES_128_CBC_SHA (0xc01 :Cool:  INSECURE
TLS_ECDH_anon_WITH_RC4_128_SHA (0xc016) INSECURE
TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA (0xc017) INSECURE
TLS_ECDH_anon_WITH_AES_256_CBC_SHA (0xc019) INSECURE

According to Bruce Schneier and a few others, RC4 should also be disabled.
Last:
BEAST attack Not mitigated server-side (more info) SSL 3: 0x7, TLS 1.0: 0x7 , depending on the operating system and webserver you might want to do an update there as well.

----------


## blamani

I would also like to see TLS enabled for Tapatalk

----------


## blamani

The certificate on this page is no longer valid

----------


## Cnypher

> The certificate on this page is no longer valid


same here  :Smile:

----------


## Ket

Should be all fixed now. Please let me know if any issues.

Thanks!

----------


## blamani

Is there a reason why Ownedcore no longer supports TLS?

----------


## Ket

> Is there a reason why Ownedcore no longer supports TLS?


Actually we are moving towards that very soon.

----------

