When creating a new account, forum.step-project.com is sending the following validation link:
where it should be:
Similarly, the auto validation link is broken:
but it should be:
Finally, the https interface is open with a bad certificate and an admin management access. Even if you don't care about secure access, you should at least close down that interface since it's a separate running instance. Alternatively if you're using it for admin operations you should assign a non-default port so it won't get accessed by mistake.