Hello,
A few weeks ago I received an email stating that I'm sending requests to http://download.maxmind.com/app/geoip_download rather than https://download.maxmind.com/app/geoip_download for MaxMind database downloads and that in the coming months http is going to be removed.
I believe CSF is doing the http requests to Maxmind as I just checked and found the following:
[/usr/local/csf/lib/ConfigServer]# grep -r download.maxmind.com/app/geoip_download *
Config.pm: $config{cc_country} = "http://download.maxmind.com/app/geoip_d ... ICENSE_KEY}";
Config.pm: $config{cc_city} = "[url removed due to max url count per post error]";
Config.pm: $config{cc_asn} = "[url removed due to max url count per post error]";
CountryCodes.pm:my $cccountry = "[url removed due to max url count per post error]";
CountryCodes.pm:my $cccity = "[url removed due to max url count per post error]";
CountryCodes.pm:my $ccasn = "[url removed due to max url count per post error]";
In cPanel I checked and it shows I have the latest version of CSF at v14.19
I of course could edit the files myself to https but obviously don't want to do that and possibly create issues down the road for updates.
Just wanting to confirm there are plans to update the URL's in the next version to https as that seems to be a requirement fairly soon for MaxMind.
Thanks,
Serge.
Maxmind - Action Required: Use HTTPS for GeoIP database downloads
Re: Maxmind - Action Required: Use HTTPS for GeoIP database downloads
See this thread https://forum.configserver.com/viewtopic.php?t=12914 .
You can make these changes manually today or wait for the developer to publish an update to CSF.
You can make these changes manually today or wait for the developer to publish an update to CSF.