Search the Community
Showing results for tags 'security'.
-
Blocking IP Address from Ashburn VA which is a AWS site
Yvo posted a question in Coding and Customization
Site URL: https://theyvonne.com Hi Everyone, Thank you so much for any assistance you can provide. I believe I have a bot visiting my site. The IP is always from Ashburn Virginia and an IP lookup indicates the IP is an AWS site. One IP did indicate it was from a site in China. It use to be just once a month. Now. it 3 times a month and because I have low traffic these visits indicate my peak volume. I can get up to 40+ at a time. It is not a big deal but I want to start promoting, some of my work, and these visits will mess. up the analytics. Question: How do I block or remove them from my counts. Every instance is a different IP address but typically each instance is the same for 20-40. views. I am seeing that the view/visit number is getting higher each month. The view always starts on my privacy policy page. ps... I accidentally posted before finishing writing and then did an edit that got interrupted by a phone call. If this caused any issue please forgive me. All my best and many thanks Yvonne -
Hi all. I have a client who is obsessed with whether their Squarespace commerce site will somehow hold onto any of their customers financial information when they've placed an order. Their payments will be completed via Stripe. Support have told me "We will only capture the information that shows in the sites Orders panel." Can anyone give me a bit more info on this please or a line of text that I can suggest my client includes in their terms and conditions to put his mind at rest? TIA
-
I just setup an account this morning and am very new to the SEO/website building world. Below is a screenshot of what my current account looks like with SquarSpace. I would think that my website address would not be something totally unrelated to my business. Also when I click on the website link I get a big warning that I am entering a dangerous website. Is this a phishing address? If so, how do I change it? -
I'm done with my previous provider of services and their use of cloudflare and all the calisthenics to make a secure site, I'd like to confirm . . . 1) are pages created in squarespace automatically secure and display "https?" 2) I believe, having leafed through the tools, can I "drag and drop" elements, create forms, and modify components at will? ( I have ZERO java or html experience and need idiot proof) 3) how reliable is squarespace e-mail hosting? Should I use gmail in some fashion? 4) the web designers for hire, how expensive is that? My site isn't many pages, and it is really very cobby, looking like an engineer made it. I'd like to change to squarespace after reviewing the hosting / e-mail / domain maintenance charges. We don't get too much e-mail, about 50 per day. https://www.weathering-direct.com Thanks for any input and making me comfortable with such a commitment. stevieJ -
Remove downloadable pictures for website data and right click
Jeyycie posted a question in Coding and Customization
Site URL: https://www.cesardumayhouard.com/ Good evening, I've just launched my website, and since it is my portfolio I want to protect my images. And surprisingly any person can right click on any of my pictures and download them. So I want to know if it is possible to disable that for my website ? I also noticed that, (even for some other website), you could just right click and then select "inspect element", which then shows you the HTLM and CSS code of that page, and you can clearly see the specific private address of the pictures an videos, and download them that way. But I know that you can hide that data, and prevent a download, which something I've noted on some other website. So If you can help me insure some picture security I will be grateful, thank you. -
Site URL: https://probackup.io/ Hi Squarespace community, My company probackup.io has built a safe & easy-to-use backup app for popular cloud apps such as Asana, Airtable and Monday.com. It offers daily, automated backups, advanced restore capabilities and a daily sync to Google Sheets. We have had some customers request to roll-out our backup solution for Squarespace as well. Before proceeding on integrating with Squarespace, we are looking to get as much validation as to whether any use cases pertaining to backup, restore or undo functionality are commonly requested by customers, to help inform our business case and prioritize our roadmap. For sure Squarespace does its own backups for redundancy, and offers basic export capabilities, but here are the use cases we have identified from our own customers where we are thinking to add value beyond what the platform already does: - Extra level of disaster recovery - Advanced rollback & restoration capabilities - Continuous access to business-critical data during service outages Curious to hear what the community thinks of a potential dedicated backup for Squarespace? Your feedback would be greatly appreciated.
-
Site URL: https://www.tummyrescue.com.au Hi my website is redirecting to other websites. I don't know how this has happened. I've just turned on ClickJack protection in advanced settings, but the redirect is still happening. The redirect just seems to happen on smartphiones. But on my windows pc i get an AVG error popup as shown below. Do you know how I can remove this malware ? I've done some googling and some people say it could be an invisible iframe but i don't know how to remove what might be causing the issue. Any help would be greatly appreciated. Thank.
-
Site URL: https://gohsh.com Hi! Can someone help? We're getting ready for our launch and feedback has been that people are unable to access our site. They're getting malware or cautioned about security. Squarespace told me it could be an SSL certificate issue. People are able to open our site via gohsh.squarespace.com but if it's through our direct domain, they're warned or blocked. It's happening mostly happening on optimum online customers, people using their work computers and also overseas globally. Does this mean I have to just move over to Shopify?? 😞 -
Site URL: https://www.ausliebezumhaustier.de Hi, i think a lot of people have the same challenge here with implementing GDPR or CCPA. Anybody with a good, working and cost-effective (or free) tool? I've tried Google https://fundingchoices.google.com/p/d2c40879b32a7b93/ (Free) Quantcast Choice https://www.quantcast.com/ (Free) Cookie First http://www.cookiefirst.com (Paid) Nothing is working for me (f.e. Outbrain is firing without consent on all three) Any suggestions? Any experience with Cookie Consent Cookie Control OneTrust Cookiebot Cookie Consent Kit Thanks Jan
-
Site URL: http://www.stevedaytonart.com/ My browser, Chrome, says my site is not secure. I don't understand why that is. What can I do about it if anything?
-
Hi there I'm working on a website and need to find out if you can do "secure mail/secure message" via Squarespace? It is a lifestyle consultant who would like customers to be able to send the person in question a message via the page - more personal things can be written in. The company has a decidedly secure e-mail - where tunnel-encrypted messages can be sent from another secure e-mail. But I don't think that is the solution. The solution is more of a box model on the page. Anyone have examples of sites in operation that have such a solution? Best regards Morten
-
I keep getting this message of late: Error Saving: Your changes conflict with a newer version of this document. Your changes here will not be saved. According to Squarespace, it's due to multi-contributors or the same page opened elsewhere. But I don't have co-contributors and I don't have another page open. Is this pointing to a security hack? Or is this a wonky Squarespace thing?
-
Site URL: https://securityheaders.com/ Hi, Square Space Support has directed me to the forum. Just wondering if anyone has been successful in adding in security headers to a square space site. If you scan with the above url you will see the missing headers. Support recommended injecting html but that is a client side solution to a server side requirement. After looking into this one in more detail it looks like none of those techniques will work as they are client-side rather than server-side. Chrome, for example, will ignore x-frame-options when it's in a meta tag and so we would expect that a bad actor or script would do the same thing. Here is a summary of the problem with fixes: https://security.stackexchange.com/questions/167081/how-to-add-x-frame-options-header-to-a-simple-html-file It seems the only way to set these headers as to affect security is to apply at the server level. On apache/wordpress we just use the functions file to hook in before page load and set the headers. Does squarespace have a way to do something similar? is there anything that you recommend we try aside form the client side links provided? Happy to help troubleshoot or explain in more detail.
-
squarespace HSTS is broken -- can someone please fix?
charles_h posted a question in Coding and Customization
Site URL: https://www.havenconnect.com currently squarespace does not allow adding HSTS directives like `includeSubDomains` or `preload`, and they don't allow modifying the `max-age` directive to a year or more. based on my understanding of HSTS, this prevents domains using squarespace from being eligible for preloading. more info here: https://scotthelme.co.uk/hsts-preloading/ i'm not a security expert so my first question is this: am i correct in understanding squarespace's HSTS implementation does not force all users to HTTPS? second question: if my understanding is correct, does squarespace plan to address this security flaw/vulnerability? and if so, when? thanks! -
Site URL: https://www.petsitterconfessional.com/episodes/222 I received an alert from Google Search Console about a particular page. One that was published a while ago. I cannot find anything that's new/different about this page to get this alert. Any thoughts? "Google has detected harmful content on some of your site’s pages. We recommend that you remove it as soon as possible. Until then, browsers such as Google Chrome will display a warning when users visit or download certain files from your site. These pages attempt to trick users into doing something dangerous, such as installing unwanted software or revealing personal information." -
Did you ever figure this out? I'm facing a similar problem. My client's insurance company are asking for this or they will deny coverage on their site.
-
I have a question regarding broken images. While on my workplace's network, my squarespace site (along with other sites built with squarespace) won't load images properly (shows broken image icons). I believe this is due to some firewall or security feature of the network. This occurs on few other sites, but happens pretty much globally on any squarespace sites (including squarespace.com). Although it is clearly due to the network, I'm a little concerned that other networks that users may be on will also not load images properly if these networks contain some security feature. With that said, is there any way to format images or add something to the CSS code to maximize the changes of images loading properly even on security-heavy networks?
-
I'd really like to allow interns at my company to draft blog posts on the site. However, I don't want them to have access to editing the rest of the website. Is this possible yet on Squarespace?
-
Hello - We are trying to come up with a way to have a hidden page that only tenant of our building have access to. We would like them to enter their email address and if it matches one in a database that we provide - it will give them access. We don’t really want to require a password. Is this something that is possible? It is not possible with SquareSpace members only area
-
Hello - We are trying to come up with a way to have a hidden page that only tenant of our building have access to. We would like them to enter their email address and if it matches one in a database that we provide - it will give them access. We don’t really want to require a password. Is this something that is possible? It is not possible with SquareSpace members only area -
Some images on a website that has an SSL certificate are still displaying as http instead of https, thus causing those webpages to display as 'not secure' by Google. Is there an easy way to switch over all images on a site like this so that they are https instead?
-
In February, I asked about the ability to add security headers to a Squarespace site (e.g. XSS protection). I was told this was not currently supported and would need to be requested as a new feature. Support chat = https://support.squarespace.com/hc/en-us/requests/new?ticket_form_id=360000388052 Subsequently, I've seen a reference to the ability to add headers in Settings | Advanced | Header (linked below). Please could you confirm whether this function will support the use of security headers on the infrastructure managed by Squarespace. Many thanks
-
Site URL: http://www.cellerantconsulting.com Hello, I am getting at the top of our website URL - "Not secure - cellerantconsulting.com". How do I fix that? Thank you, Stephanie
-
Hey whats going on ya'll I'm running a content site dedicated to fitness and nutrition science I sell a product by monthly suscription - Essentially I release 5 new workouts every month to suscribers for different purposes. While squarespace does let you sell digital products with a secure link, you can't do it with suscriptions What would be the best way for me to go about doing this in a way that keeps my digital product secure? Thank you
-
Site URL: http://coryzankerphotography.com All of my images appear broken when editing in the configuration view. As soon as I noticed this error, I also noticed a privacy error when attempting to load my web page on both Chrome and Safari (attached). Both issues only occurs on one device (2016 Macbook). Images are not broken, nor do I receive the security warning on my phone or other computer. Any input or suggestions would be greatly appreciated!
- 5 replies
-
- 1
-
-
- images
- certificate
- (and 2 more)
