How to fix error “Your connection is not private” in Chrome

from: How to fix error “Your connection is not private” in Chrome

“Your connection is not private. Attackers might be trying to steal your information from ….. (for example, password, messages, or credit cards)”

If you are repeatedly facing “Your connection is not private” error in Google Chrome Browser then I can truly understand your pain because I have also faced this error a week ago while browsing the Web.

Since, the Internet fraud and cybercrimeare some of the most common things these days. So, we all care about our privacy too much and always want to protect our personal information from the envy eyes. That’s why, whenever we see the error message like “Your connection is not private” then we feel bad and want to fix it as soon as possible. Last week, whenever I tried to log into my Fiverr account using Google Chrome, I get an error message that says:

 

Your connection is not private

Attackers might be trying to steal your information from www.fiverr.com (for example, passwords, messages, or credit cards).

NET::ER_CERT_COMMON_NAME_INVALID

After few basic searches on the web, I got the reason behind “Your connection is not private” error in chrome and how to fix it. Here’s the detail information:

You might also like to see: How to Fix “Your connection is not private” Error on Android

What is “Your connection is not private” Error in Google Chrome?

Basically, “Your connection is not private” or “Net::ERR_CERT_DATE_INVALID” error appears on screen due to the SSL error. SSL (secure sockets layer) is used by the Websites to keep all the information you enter on their pages private and secure. If you are getting the SSL error Net::ERR_CERT_DATE_INVALID in Google chrome, it means your Internet connection or your computer is preventing Chrome from loading the page securely and privately.

how to fix error "your connection is not private" in chrome

I hope, now you are well familiar with – what is an SSL connection error? Now, let’s know Why SSL error or “Your connection is not private” error occur in Google Chrome?

Why SSL errors occur?

There is various reason of SSL errors occurrence, but some of the most important reasons why SSL warnings occur are:

  • The certificate is not issued by a recognized third part: Certificate creation is not a tough job, anyone can easily create SSL certificate. That’s why, Google Chrome examines to see whether a site’s certificate came from a trusted organization or not. If the site’s certificate is not detected from a trusted organization then Google Chrome can’t provide the access.
  • The site’s certificate is not up-to-date: In case, the site’s certificate is from a trusted organization but not up-to-date from a long time then Google Chrome cannot verify that the site is still secure and private.
  • The connection between the browser and the website might not be secure:Sometimes, it happens due to the unsecure combination of the Internet connection between the browser and the website.

Now, if you are quite clear with the terms – what is an SSL connection error? And Why SSL error or “Your connection is not private” error occurs in Google Chrome? then let’s know the methods to fix your connection is not private error in chrome.

How to Fix “Your connection is not private” Error

You haven’t to perform any complex settings in order to fix “Your connection is not private” in chrome. Only you have to check and fix the issue due to which your Internet connection or your computer is stopping Google Chrome from loading the page privately and securely. Here’s how:

Method 1: Check the Date and Time

In most of the cases, computer’s inaccurate date and time are the biggest cause of an SSL error or “Your connection is not private” error message. If you want to get rid of Google Chrome “Your connection is not private” error message then update your device’s clock. Once you corrected the date and time on your PC, you will not face this error again.

Method 2: Check the Antivirus Software

If your computer’s date and time are up to date, but still you are facing the privacy error “your connection is not private” then you need to check the antivirus software installed on your computer. Sometimes antivirus programs block the website’s security certificate and in result you face “your connection is not private” error on Web browsers. Here’s what to do:

  • If you have installed the Avast Free Antivirus to protect your PC then you will have to turn off HTTPS scanning in Avast. To do so, go to Settings → Active Protection → Web Shield → Customize, and finally uncheck the “Enable HTTPS scanning” box.
  • If you are using Bitdefender antivirus software to get the best real-time security for your PC then you need to turn off SSL scan. To do this, firstly open the main interface of Bitdefender and then go to Settings (which is located at upper right corner). Now from there, click on Privacy Control → Antiphishing tab → turn OFF the Scan SSL.

Method 3: Clean Google Chrome Browser

If above-mentioned methods don’t work for you then somehow cleaning the junk fromGoogle Chrome Browser can help you. To delete the cache, history, and other browser data from Google Chrome browser:

  • First of all, go to Settings → Show advanced settings → Clear browsing data under Privacy options.

If clearing browsing data doesn’t help then you can reset chrome browser settings to the default browser settings too. To reset your Chrome browser settings:

  • Firstly, click on the Chrome menu → Settings → Show advanced settings → Reset settings → Reset.

Clearing chrome cache and removing unwanted Google Chrome extensions also helps you a lot in such situation. Here’s how:

Method 4: Proceed to the Site

If you’re sure that the site you attempting to login is secured then you should proceed to the site. Because, if Google Chrome says that the security certificate is from the same domain you are attempting to login, it means there is nothing to worry about when the error appears.

  • To proceed, firstly click on the “Advanced” link.

your connection is not private

  • After that select “Proceed to <website link> (unsafe)“.

your connection is not private fix

You may also be interested in checking out:

Method 5: Prevent Warning

Addition to all these things, if you want to prevent the warning then you can easily set to prevent warning for a particular period. To prevent warning in Chrome:

  • First of all, type chrome://flags” in the address bar and then press Enter.
  • Now scroll down towards the bottom and find “Remember decisions to proceed through SSL errors for a specified length of time.” option.
  • Once you find it, now from the drop-down menu select the desired setting according to your wish.

how to fix ssl error

  • After selecting, whenever next time you receive the “Your connection is not private” error in chrome then select Advanced → “Proceed to <website link> (unsafe)“.
  • Once you completed these steps successfully, you won’t be interrupted with the Google Chrome your connection is not private error message again for selected time period (the preventing time you selected from the drop-down menu).

Important Note: Apply this method (Method 5: Prevent Warning) only if you’re sure that the websites you are attempting to login is secured and will not make any disturbance of the Internet connection between the browser and the website.

How to Fix “Your connection is not private” Error on Android

If you have successfully solved Your connection is not private Google chrome error on your desktop computer or laptop but you don’t have any idea that how to fix Google chrome Your connection is not private error on Android devices then you might feel a little worried.

how to fix your connection is not private error on android

But don’t worry, the methods to bypass Your connection is not private net::err_cert_authority_invalid chrome error in Android are not too much different from the methods for computer. Follow this step by step guide and make your connection private on Google chrome very easily:

Lots of Android users find this SSL connection error solving guide helpful for them and perfectly solved Your connection is not private error on Android phone and tablet.Try out and let us know your point of view.

Conclusion

Thus, you can see how simple is to fix “Your connection is not private” error in Google Chrome. Apply these methods one by one on your Computer and let us know which method worked extremely well for you. Let us know – if have another appropriate way to fix error “Your connection is not private” in Chrome.

 

 

ubuntu下VPN客户端安装

ubuntu类系统,

sudo apt-get install openconnect
sudo apt-get install network-manager-openconnect
sudo apt-get install network-manager-openconnect-gnome

然后打开 network-manager, 添加对应协议的vpn即可。

linux下批量屏蔽ip

昨晚,当我再次打开自己博客时,居然我的博客再次出现了502错误,就像wordpress xmlrpc攻击解决 中的一样,我想,这次难道又和上次一样遭到了xmlrpc攻击?

1.从访问日志确认是否遭受攻击
想到这里,赶快ssh登录到我的博客服务器,执行命令,

tail -f /var/log/nginx/access.log

好啊,果然又是刷屏日志,

185.106.92.160 - - [10/Apr/2016:06:42:31 +0000] "POST /xmlrpc.php HTTP/1.0" 499 0 "-" "Mozilla/4.0 (co
mpatible: MSIE 7.0; Windows NT 6.0)"
185.130.5.195 - - [10/Apr/2016:06:42:41 +0000] "POST /xmlrpc.php HTTP/1.0" 499 0 "-" "Mozilla/4.0 (com
patible: MSIE 7.0; Windows NT 6.0)"
185.130.5.195 - - [10/Apr/2016:06:43:05 +0000] "POST /xmlrpc.php HTTP/1.0" 499 0 "-" "Mozilla/4.0 (com
patible: MSIE 7.0; Windows NT 6.0)"
54.169.13.73 - - [10/Apr/2016:06:43:06 +0000] "POST /wp-cron.php?doing_wp_cron=1460270585.476536035537
7197265625 HTTP/1.0" 499 0 "-" "WordPress/4.4.2; http://idocbox.com"
185.106.92.160 - - [10/Apr/2016:06:43:12 +0000] "POST /xmlrpc.php HTTP/1.0" 499 0 "-" "Mozilla/4.0 (co
mpatible: MSIE 7.0; Windows NT 6.0)"
185.130.5.195 - - [10/Apr/2016:06:43:36 +0000] "POST /xmlrpc.php HTTP/1.0" 499 0 "-" "Mozilla/4.0 (com
patible: MSIE 7.0; Windows NT 6.0)"

2.确认iptables规则
如此频繁的访问造成了服务器响应超时,从而无法正常对外服务。记得上次,我明明添加了类似这样的规则,

sudo iptables -A INPUT -s 185.130.5.0/16 -j DROP

应该可以堵住来自185.130.5.*的ip的请求的,为何这次还是出现了185.130.5.195 这个呢? 难道我上次添加的规则丢失了,此时执行,

sudo iptables --list

里面应该没有那条添加的规则了。可能这条规则在服务器重启时没有加载或者不小心执行过,

sudo iptables --flush

而导致规则被清空。

好了,这样发现一个ip添加一个的方式有些让人疲惫和被动,我得找找更好的方案!

3. 批量屏蔽ip访问
google 了下,找到一篇很好的文章 如何在 Linux 下大量屏蔽恶意 IP 地址,打开照着进行操作,发现里面部分命令有些错误,部分内容描述不清,另外也没用解决重启后iptables规则丢失问题。那我就不断参考他们来实践,并整理出正确的操作步骤。

3.1 安装ipset
为了使用iptables批量屏蔽ip,我们需要借助一个叫做ipset的工具。为此,首先请安装ipset,

 sudo apt-get install ipset

3.2获取一个已有的ip黑名单列表
在网络的世界里,总有一些不为人知的黑色产业链进行着各种可恶攻击,它们试图破坏别人的服务器、攻破并窃取他人信息,而也有些人总不断的发现这些攻击者的ip,并将它们公布出来,供大家参考,屏蔽这些ip访问。比如 iblocklist.com就是一个ip黑名单分享网站。我将一步步教大家如何从这个网站获取ip黑名单。
1) 安装python-pip
python-pip时python的包管理工具,通过下面命令安装,

sudo apt-get install python-pip

2) 安装iblocklist2ipset包

 sudo pip install iblocklist2ipset

3) 通过iblocklist2ipset将ip黑名单转换为ipset

iblocklist2ipset generate --ipset banthis "http://list.iblocklist.com/?list=ydxerpxkpcfqjaybcssw&fileformat=p2p&archiveformat=" > banthis.txt

注意:参考的文章里面使用的链接是,

http://list.iblocklist.com/?list=ydxerpxkpcfqjaybcssw&fileformat=p2p&archiveformat=gz

需要去掉后面的gz。如果带上gz会导致parse时出现编码错误。
这时,我们可以通过more命令查看得到的文件banthis.txt,

more banthis.txt

可以看到类似这样的内容,

create banthis hash:net family inet hashsize 131072 maxelem 237302
add banthis 1.2.4.0/24
add banthis 1.2.8.0/24
add banthis 1.9.75.8/32
add banthis 1.9.96.105/32
add banthis 1.9.102.251/32
add banthis 1.9.189.65/32
add banthis 1.16.0.0/14

4)修改banthis,添加要增加屏蔽的ip
因为我希望在刚才得到的这个文件里面添加一些新的ip地址,那么这个ipset的长度就需要扩展下,我的做法比较简单,直接将它的size扩大了10倍,

sudo vi banthis.txt

修改第一行内容为如下,并添加攻击我的ip

create banthis hash:net family inet hashsize 1310720 maxelem 2363090
add banthis 46.0.0.0/8
add banthis 54.0.0.0/8
add banthis 185.0.0.0/8
add banthis 1.2.4.0/24
add banthis 1.2.8.0/24
add banthis 1.9.96.105/32

保存该文件。

3.3 配置启动时自动配置iptabls脚本
1) 保存iptables规则
为了服务器重启时仍然可以加载先前配置,我们将iptables规则保存到一个单独文件中,

sudo iptables-save > /home/ubuntu/iptables-rules.conf

2) 配置网络激活后的执行脚本
在linux下(debian, ubuntu),当网络激活后,linux会自动执行,

/etc/network/if-up.d

目录下面的脚本。
我们就是要借助这个机制,在这个目录下面添加一个脚本来执行这样iptables相关规则,

cd /etc/network/if-up.d
sudo vi idocboxiptables

输入如下内容,

#!/bin/sh
iptables-restore < /home/ubuntu/iptables-rules.conf
ipset restore -f /home/ubuntu/banthis.txt
iptables -I INPUT -m set --match-set banthis src -p tcp --destination-port 80 -j DROP

注意:我的iptables-rules 和 banthis.txt文件在/home/ubuntu/目录下,你配置的时候应该使用这两个文件在你自己服务器上的位置。

然后保存上面的文件。
将文件标记为可执行文件,执行,

sudo chmod +x idocboxiptables

这样就配置完成了,接下来我们重启服务器,看看我们的配置是否生效。

4. 重启服务器,验证
1) 重启服务器,

sudo reboot

等待若干秒,
2) 登录到服务器后台, 查看iptables

sudo iptables --list

应该显示的内容里面包含如下一条信息,

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
DROP       tcp  --  anywhere             anywhere             match-set banthis src tcp dpt:http

这说明我们的规则在服务器启动后已经正确加载。

3) 查看是否还有攻击ip

tail -f /var/log/nginx/access.log

如果没有刷屏日志,也没用刚才屏蔽的那几个ip的访问日志了,则说明已经屏蔽成功。

恩,是的啊!这时我的博客确实速度很快了,已经不出现502错误了!

操作环境信息:
ubuntu 14.04 server

参考文章:
1)如何在 Linux 下大量屏蔽恶意 IP 地址 http://blog.jobbole.com/84478/
2)How to run iptables automatically after reboot on Debian https://ip-news.net/2016/03/22/how-to-run-iptables-automatically-after-reboot-on-debian/
3)iptables and ipsets http://blather.michaelwlucas.com/archives/1679
4)ipset http://ipset.netfilter.org/ipset.man.html