cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Canon forum hacked?

TCampbell
Elite

I noticed that if you go to https://community.usa.canon.com you get a page with several links... one of which is the "Canon Forum".

 

But if you pick that link, it tries to go to: https://canon.us/YSGl 

 

(Note:  The REAL Canon forums are here:  https://community.usa.canon.com/t5/Canon-Forum/ct-p/Canon_Forum )

 

I'm pretty sure that's not a valid Canon USA url.  If I check it, my browser gives a security warning not to trust the site (becuase the certificate doesn't match the URL).  If I inspect the certificate, I get this:

 

Screen Shot 2018-08-07 at 7.44.15 PM.png

 

I'm reasonably confident that Canon USA isn't running any part of their website using that certificate, nor under the domain name of "canon.us".

 

You may want to have your webmaster check that and do some security scans on your web servers.

 

 

Tim Campbell
5D III, 5D IV, 60Da
13 REPLIES 13

TCampbell
Elite

BTW, looks like the URL's have been updated to go to the correct locations without giving the certificate warnings.

 

I've been checking this for a few days (just in case it was a matter random probability that could send me to a working vs. non-working server).  It has been behaving correctly each time I check ... so hopefully that means the issue has been resolved.

 

 

Tim Campbell
5D III, 5D IV, 60Da


@johnsmith101 wrote:
It's possible you run more than one real server at "canon.us" (most sites run *at least* two servers to provide high availability ... but may run more). To create a highly available site, a "load balancer" is used to balance traffic between the servers. There are two major categories of load balancers... one is a "geographic load balancer" which is really a special kind of DNS server (e.g. when I request the IP address of "canon.us" it gives ME an IP address of a server ... when YOU requests the IP address of "canon.us" it may give YOU an IP address of a DIFFERENT server.) The other type is a "local" load balancer. These behave a little more like a network switch in that when I connect to an IP address (which it calls a "virtual IP" or "VIP") it actually knows there are a number of real servers (which it calls "real IP" or "RIP") behind the the load balancer.

I almost certain that they use at least two hosting servers.  One hosts the full UI version for PCs, and another hosts a mobile UI version for mobile devices.  Of course, those two hosts would have to access to a shared database.

--------------------------------------------------------
"The right mouse button is your friend."

This is a really old thread, but the long and short of what happened is budURL, the vendor we use to shorten our URLs using the vanity site canon.us, changed their name to bl.ink. That most likely caused a certificate mismatch. We chose the vanity site "canon.us" because we're Canon USA. In the rest of the world, the Canon localities usually use their two letter country identifier somewhere in their URL, like canon.ca, or canon.co.uk. Here in the USA, we do ours kind of backward - usa.canon.com, but it allows us to have the vanity site canon.us as our shortened URLs for social media: canon.us/support for example. The top-level site canon.us only very recently started redirecting to usa.canon.com. As a matter of fact, I only found out about it while writing this reply! 

 

It might not be super technical, but it's what happened. I hope that helps! 

onegold88
Apprentice

Nope! It's working fine here.

Announcements
01/18/2023: New firmware version 1.1.1 is available for EOS R6 Mark II
01/09/2023: Help ensure your autofocus is properly aligned with a Canon Precision Alignment
01/03/2023: Welcome to CES 2023!
12/08/2022: New firmware version 1.0.5.1 is available for EOS C70
12/07/2022: New firmware version 1.7.0 is available for EOS R5
12/07/2022: New firmware version 1.7.0 is available for EOS R6
11/22/2022: New firmware available for EOS R3, EOS R7 and EOS R10
11/16/2022: We're thrilled to be ranked among the Best Employers for Veterans in 2022 by Forbes.
08/31/2022: New firmware version 1.1.1 is available for RF 70-200mm L IS USM
08/09/2022: New firmware version 1.2.0 is available for CR-N 300
08/09/2022: New firmware version 1.2.0 is available for CR-N 500
07/14/2022: New firmware version 1.0.1 is available for CR-X300
06/10/2022: Service Notice:UPDATE: Canon Inkjet Printer continuous reboot loop or powering down
06/07/2022: New firmware version 1.3.2 is available for PowerShot G7 X Mark III
05/31/2022: Did someone SAY Badges?
05/26/2022: New firmware version 1.0.5.1 is available for EOS-C500 Mark II
05/26/2022: New firmware version 1.0.3.1 is available for EOS-C300 Mark III
05/10/2022: Keep your Canon gear in optimal condition with a Canon Maintenance Service
05/05/2022: We are excited to announce that we have refreshed the ranking scale within the community!
04/26/2022: New firmware version 1.0.1.1 is available for EOS R5 C
03/23/2022: New firmware version 1.0.3.1 is available for EOS-C70
02/09/2022: Share Your Photos is back!
02/07/2022: New firmware version 1.6.1 is available for EOS-1DX Mark III
01/19/2022: READY FOR ANYTHING EOS-R5 C
01/13/2022: Community Update. We will be retiring the legacy profile avatars on 01/20/2022. Click this link to read more.