It is currently Tue Dec 12, 2017 1:11 pm

All times are UTC - 7 hours





Post new topic Reply to topic  [ 28 posts ]  Go to page 1, 2  Next
Author Message
PostPosted: Tue Aug 30, 2016 1:01 pm 
Offline

Joined: Sat Oct 02, 2004 12:07 pm
Posts: 163
With 2/3rds of the server being on my desk at work and the other third arriving tomorrow (Wednesday), I figure it is a good time to let everyone know what will be happening


08/31 - Hardware testing / burn-in
09/01 - initial configuration
09/02 - install server in rack alongside current server. forums and wiki will stay up and running on current server but hosted sites (such as Blargg's Home) may be down at times during the weekend
09/03-04 - the forums and wiki will be cloned over and tested. once tested, the old server will be locked and traffic transferred to the new server
09/05 - old server will be powered down and removed from the ISP

I will try and keep everyone updated during migration over the weekend

_________________
i dont have much to say


Top
 Profile  
 
PostPosted: Fri Sep 02, 2016 7:25 am 
Offline

Joined: Sat Oct 02, 2004 12:07 pm
Posts: 163
one of the server's two IP addresses have been disable in preparation for the new server going in the rack. I am heading to the ISP in a few minutes :)

_________________
i dont have much to say


Top
 Profile  
 
PostPosted: Fri Sep 02, 2016 10:47 am 
Offline

Joined: Sat Oct 02, 2004 12:07 pm
Posts: 163
server migration has been delayed until Wednesday... the ISP has been moving their support staff to a different location and the network admin is on vacation until then. :|

it was nice of them to update us on these changes... oi

_________________
i dont have much to say


Top
 Profile  
 
PostPosted: Thu Sep 08, 2016 12:17 pm 
Offline

Joined: Sat Oct 02, 2004 12:07 pm
Posts: 163
We were able to get the new server in the rack :) migration to soon follow

_________________
i dont have much to say


Top
 Profile  
 
PostPosted: Mon Sep 12, 2016 11:38 am 
Offline

Joined: Sat Oct 02, 2004 12:07 pm
Posts: 163
Nesdev.com will be down for a while tonight starting around midnight MST for server migration.

_________________
i dont have much to say


Top
 Profile  
 
PostPosted: Mon Sep 12, 2016 11:32 pm 
Offline

Joined: Sat Oct 02, 2004 12:07 pm
Posts: 163
forums are now back up, as is the nesdev.com index. currently working on the wiki

_________________
i dont have much to say


Top
 Profile  
 
PostPosted: Mon Sep 12, 2016 11:42 pm 
Offline

Joined: Sat Oct 02, 2004 12:07 pm
Posts: 163
the wiki should now be good to go as well

_________________
i dont have much to say


Top
 Profile  
 
PostPosted: Tue Sep 13, 2016 1:28 am 
Offline
User avatar

Joined: Sun Sep 19, 2004 9:28 pm
Posts: 3192
Location: Mountain View, CA, USA
The speed difference, even with HTTPS/SSL negotiation, is tremendous (on both forum and wiki). Woot.

However, the DH params for SSL need to be regenerated and higher security applied:

https://www.ssllabs.com/ssltest/analyze ... Results=on

"This server supports weak Diffie-Hellman (DH) key exchange parameters. Grade capped to B." Details:

* https://weakdh.org/
* https://weakdh.org/sysadmin.html

Assuming nginx (I checked the Server HTTP header):

Code:
This can take a while on some systems (depends on CPU, etc.) so be patient:

openssl dhparam -out /etc/nginx/dhparam.pem 2048

nginx.conf (or whatever):

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparam.pem;

The ciphers list I provided here differs from what you might see on the weakdh.org site. The list I provided comes directly from https://raymii.org/s/tutorials/Strong_S ... nginx.html for present-day nginx (I don't know what version you're using).

Hope this helps!


Top
 Profile  
 
PostPosted: Tue Sep 13, 2016 2:45 am 
Offline
User avatar

Joined: Tue Jun 24, 2008 8:38 pm
Posts: 1519
Location: Fukuoka, Japan
Since the migration I have to enter a captcha on every login. I like nes trivia but is there a reason behind it? Ssl migration? Cookie leftover?


Top
 Profile  
 
PostPosted: Tue Sep 13, 2016 5:27 am 
Offline

Joined: Thu Oct 05, 2006 6:29 am
Posts: 911
Quote:
Since the migration I have to enter a captcha on every login

Same here. It doesn't help that the answers seem to be case sensitive, or that it isn't apparent how one should formulate the answer even if one knows the answer (is our princess "in another castle", or in "another castle"?).


Top
 Profile  
 
PostPosted: Tue Sep 13, 2016 7:05 am 
Offline

Joined: Sun Sep 19, 2004 11:12 pm
Posts: 19335
Location: NE Indiana, USA (NTSC)
I disagree with requiring a CAPTCHA on the first login attempt, not just sign-up or after multiple failures. This also means that the number of computers through which I participate will dwindle as their persistent cookies expire.

I can't even see whether I have the power to turn it off because when I try to log in to the Administration Control Panel on my first attempt to log in in the past 20 hours, I get "You exceeded the maximum allowed number of login attempts. In addition to your username and password you now also have to solve the CAPTCHA below." I will treat this failure as a demotion of my privileges here from administrator to global moderator for the period starting now and presumably ending when WhoaMan explains the reason for this policy change.


Top
 Profile  
 
PostPosted: Tue Sep 13, 2016 7:56 am 
Offline

Joined: Sat Oct 02, 2004 12:07 pm
Posts: 163
tepples wrote:
I can't even see whether I have the power to turn it off because when I try to log in to the Administration Control Panel on my first attempt to log in in the past 20 hours, I get "You exceeded the maximum allowed number of login attempts. In addition to your username and password you now also have to solve the CAPTCHA below." I will treat this failure as a demotion of my privileges here from administrator to global moderator for the period starting now and presumably ending when WhoaMan explains the reason for this policy change.


None of the privileges have changed, seems to be a bug with the migration. I will look in to it and try to figure out what is happening.

_________________
i dont have much to say


Top
 Profile  
 
PostPosted: Tue Sep 13, 2016 8:49 am 
Offline
User avatar

Joined: Tue Jun 24, 2008 8:38 pm
Posts: 1519
Location: Fukuoka, Japan
WhoaMan wrote:
None of the privileges have changed, seems to be a bug with the migration. I will look in to it and try to figure out what is happening.


Well good to know that it's know some kind of nes trivia bullying :lol:


Top
 Profile  
 
PostPosted: Tue Sep 13, 2016 9:36 am 
Offline

Joined: Sat Oct 02, 2004 12:07 pm
Posts: 163
it has to do with the proxy using the server's IP address so it appears as all users are logging in with the same IP

_________________
i dont have much to say


Top
 Profile  
 
PostPosted: Tue Sep 13, 2016 9:41 am 
Offline
User avatar

Joined: Mon Feb 07, 2011 12:46 pm
Posts: 941
I disagree with HTTPS-only

_________________
.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 28 posts ]  Go to page 1, 2  Next

All times are UTC - 7 hours


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group