Yet another upgrade
- Thread starter Mike
- Start date
Yes it is great. Mike does a fantastic job.
Mike
Well-Known Member
fluidfloyd
Active Member
Well in that case...Mike you are the Baddest Computer Manipulator I have ever seen bar none! My hat's off to you Sir! Now if you could just teach me how to run a cell phone with a touch screen I'd be complete in my life. I'll probably just go back to my flip phone before it's all said and done. Or maybe smoke signals or signal mirrors. Morse code would work too!
George
George
Mike
Well-Known Member
Smart phones are not so bad, but I will have to say they work better with nimble fingers, than they do with these old paws. I noticed at some point, likely whilst I was asleep, someone took my hands and exhchanged them for these old man's hands.
Just a heads up to everyone - I happen to have, in these paws of mine, yet another upgrade package. This one will take us to Beta 3, which likely means we are within a couple weeks of a Release Candidate. After that, I'm betting one more week to 1.4.0 Stable. So, be prepared, as I will likely be running an upgrade within the next 24 hours. But you know the drill. If you arrive here to find the site closed, wait 15 minutes and try again.
Just a heads up to everyone - I happen to have, in these paws of mine, yet another upgrade package. This one will take us to Beta 3, which likely means we are within a couple weeks of a Release Candidate. After that, I'm betting one more week to 1.4.0 Stable. So, be prepared, as I will likely be running an upgrade within the next 24 hours. But you know the drill. If you arrive here to find the site closed, wait 15 minutes and try again.
cptn60
Member
I gotta admit when I first joined and started posting I thought I "knew" better. I mean tune it(this forum), and drive it like your average car. Maintain it don't jack with it. I was absolutely wrong about all that. This is more like a fuel dragster; maintainence between every round(often) and with hopes you don't smoke the tires. Hat's off to all the guys but especially Mike. Gotta be a thankless job.
Mike
Well-Known Member
Heh, there is always something needing work. Whether is is upgrades on the server software, upgrades on the forum software, upgrades to the forum add-ons software, massaging the database configuration files, massaging the firewall configuration, trying to help members understand how to use forum functions and features, trying to help potential members sort out how to register, paying this bill or that bill, etc. It is a-l-w-a-y-s one thing or another. Such is the nature of the beast, but there are days when I admit it tends to wear me down a bit. Nothing to be done, other than to keep plugging.
Mike
Well-Known Member
And that's all been handled, we''re now running on the Stable release. Apologies for all the downtime, over the last few weeks, but I always like to make sure all the software is as up-to-date as possible. Old software usually presents security threats, and I don't need any more problems than I already have.
Mike
Well-Known Member
Apologies for the downtime, but there was a cross site forgery request vulnerability in the software, which needed to be patched. As most of you will know, I take matters of site security very seriously, so when something like this crops up, I want to get it handled as quickly as possible.
Much appreciated Mike!
Mike
Well-Known Member
We were down for a few minutes, for yet another upgrade. I hate putting people off with the shut-downs, but if you knew the additional layers of security we're adding with these upgrades, you would understand why I do it.
We've changed bases on our human verification. Again.
Hopefully, we're now only two steps behind the bloody registration bots, instead of three. But this new system should prove to work fairly well, at least for a day or two.
There is a look at our current registration page. (Look at that notice in a pretty, red font, yet I still manage to get a handful of e-mails each week, from prospective new members, wondering why their e-mail is banned. I reckon stupid is as stupid does.)
Anyway, the arrow is indication our new verification module. First off, it requires a prospective new member to tick the checkbox, so that will trick the bots for a while.
Once the checkbox has been ticked, a jQuery verification window opens up, asking that the text in the displayed image be typed in. In this case, I typed 5000 and clicked the Verify button.
And you can see in the above image that the answer I typed in was correct, proving that I am not a registration bot.
There will be all manner of text images, some with numbers, come with text, and some with both. If an image shows up with text, that text must be entered exactly as displayed. But that is about the only issue that will catch people up. They will want to enter capitalized letters in lower-case and vice-versa.
Once the bots start catching onto this new reCAPTCHA scheme, we'll move to something else. I hate flippin' spammers, with every fiber of my being, so we're always doing our best to punt them into touch, afore they get in here.
We've changed bases on our human verification. Again.
Hopefully, we're now only two steps behind the bloody registration bots, instead of three. But this new system should prove to work fairly well, at least for a day or two.
There is a look at our current registration page. (Look at that notice in a pretty, red font, yet I still manage to get a handful of e-mails each week, from prospective new members, wondering why their e-mail is banned.
I reckon stupid is as stupid does.)Anyway, the arrow is indication our new verification module. First off, it requires a prospective new member to tick the checkbox, so that will trick the bots for a while.
Once the checkbox has been ticked, a jQuery verification window opens up, asking that the text in the displayed image be typed in. In this case, I typed 5000 and clicked the Verify button.
And you can see in the above image that the answer I typed in was correct, proving that I am not a registration bot.
There will be all manner of text images, some with numbers, come with text, and some with both. If an image shows up with text, that text must be entered exactly as displayed. But that is about the only issue that will catch people up. They will want to enter capitalized letters in lower-case and vice-versa.
Once the bots start catching onto this new reCAPTCHA scheme, we'll move to something else. I hate flippin' spammers, with every fiber of my being, so we're always doing our best to punt them into touch, afore they get in here.
Mike
Well-Known Member
I'm going to be making some changes in the back room over the next several minutes. And, to be perfectly honest, I'm unsure of what the results might be like. You may seem some unusual things happening, particularly with images, but I hope to keep anomalies to a bare minimum. This is only a test, so try to bear with me for the next few minutes.
Mike
Well-Known Member
Hehe, the only question to be asked now is who's your daddy? (Or in my case, Hoosier Daddy )
The site has been running on SSL (Secure Sockets Layer) for several months. It is just one more step I have taken to ensure site security for everyone. But there has always been a problem that had been bothering me. Whilst data in a message was all stored on this SSL secured server, if someone happened to post an image that was being hosted on another, non-SSL site, then some browsers are known to balk a bit. A secure site should be serving secured data, right?
Here is an example. Look up in the address bar of your browser and you will see the site is running securely by not only the https in the URL, but also by the small padlock preceding the address. But look at this image -
The screenshot shows a post I had submitted, where I was pulling in an image from one of my other servers, which is not running SSL. And whilst Firefox is rather passive in its protest, you can still see the secure padlock has been replaced with an exclamation point, warning icon.
But, I just activated a feature on the forums that takes all of these third-party images and pulls them into a cached proxy server, running on the same server as the forums.
And now, when you look at the address bar, the padlock is back, and you can see the image is no longer being pulled in from the external server, but from our own, cached, proxy server.
It's just another tool in our efforts to provide you with a safe and secure site.
)The site has been running on SSL (Secure Sockets Layer) for several months. It is just one more step I have taken to ensure site security for everyone. But there has always been a problem that had been bothering me. Whilst data in a message was all stored on this SSL secured server, if someone happened to post an image that was being hosted on another, non-SSL site, then some browsers are known to balk a bit. A secure site should be serving secured data, right?
Here is an example. Look up in the address bar of your browser and you will see the site is running securely by not only the https in the URL, but also by the small padlock preceding the address. But look at this image -
The screenshot shows a post I had submitted, where I was pulling in an image from one of my other servers, which is not running SSL. And whilst Firefox is rather passive in its protest, you can still see the secure padlock has been replaced with an exclamation point, warning icon.
But, I just activated a feature on the forums that takes all of these third-party images and pulls them into a cached proxy server, running on the same server as the forums.
And now, when you look at the address bar, the padlock is back, and you can see the image is no longer being pulled in from the external server, but from our own, cached, proxy server.
It's just another tool in our efforts to provide you with a safe and secure site.
