Stories
Slash Boxes
Comments

SoylentNews is people

posted by NCommander on Sunday June 07 2015, @01:06AM   Printer-friendly
from the huzzah dept.

Earlier tonight, I modified our varnish rules to redirect all traffic to https://soylentnews.org if they came in as plain HTTP. Unfortunately, due to dropping SSLv3 support to prevent POODLE attacks, IE6 clients will no longer be able to reach SoylentNews. If this seriously inconveniences a large number of users, we may go through the trouble of whitelisting IE6 to drop down to HTTP only.

In addition, I applied an experimental update to production to try and clear as many errors as possible from the Apache error logs, in an attempt to continue isolating any remaining bugs and slowdowns. I also ripped out more dead code related to FireHose, Achievements, and Tags. As such, site performance appears to roughly be back to where it should be, and I have yet to see any 500 errors post-upgrade (though I concede that said update has only been up for about 2 hours at this point).

Tor traffic is set to bypass HTTPS due to the fact there is no way to prevent a self-signed certificate warning, and by design, tor both encrypts and authenticates hosts when connecting to them. A few lingering issues with the tor proxy were fixed with most recent code push, and the onion site should be back to functioning normally

P.S. I'm aware that the site is generating warnings due to the fact we use a SHA-1 based certificate. We will be changing out the certificate as soon as reasonably possible.

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by Techwolf on Sunday June 07 2015, @02:25AM

    by Techwolf (87) on Sunday June 07 2015, @02:25AM (#193109)

    This error cause the screw on a couple posts earlier today. I did a quick post about f-droid. Then had time later to look up the website name, did a reply to that with the name of the site, hit post and got the error, hit the back button and tired again. It went through. HOWEVER, I found myself logged out and that post was done as AC.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 2) by NCommander on Sunday June 07 2015, @02:40AM

    by NCommander (2) Subscriber Badge <michael@casadevall.pro> on Sunday June 07 2015, @02:40AM (#193111) Homepage Journal

    Yeah, I've been having the same sort of issues. This patch fixes everything I could find, but the error log was spamming a lot of warnings and it was hard to isolate what was noise and what wasn't so I took a blowtorch and removed as much as I could. I'll get another changeset together to remove more warnings to find the actual error

    --
    Still always moving
    • (Score: 0) by Anonymous Coward on Sunday June 07 2015, @03:19AM

      by Anonymous Coward on Sunday June 07 2015, @03:19AM (#193125)

      It didn't happen before. So something changed to introduce it, and this happened recently.

      • (Score: 2) by NCommander on Sunday June 07 2015, @03:24AM

        by NCommander (2) Subscriber Badge <michael@casadevall.pro> on Sunday June 07 2015, @03:24AM (#193128) Homepage Journal

        Site upgrade to rehash is what broke it. These are issues that didn't show up in the development environment before deployment.

        --
        Still always moving
        • (Score: 0) by Anonymous Coward on Sunday June 07 2015, @03:41AM

          by Anonymous Coward on Sunday June 07 2015, @03:41AM (#193132)

          What the fuck is rehash? If the site worked without rehash, but doesn't work with rehash, and whatever rehash is it doesn't offer any obvious benefit, then rehash should be removed.

          • (Score: 1, Interesting) by Anonymous Coward on Sunday June 07 2015, @04:30AM

            by Anonymous Coward on Sunday June 07 2015, @04:30AM (#193142)

            Maybe you missed this Upgrade Plans: Slashcode 15.03/Rehash 15.04 [soylentnews.org] which was published to the site on March 13th. In part, it stated:

            Introducing Rehash

            One of the long-standing complaints is that we should finalize our break with The Other Site, by renaming slashcode. In what has been a running theme with SoylentNews since golive, naming stuff seems to be our Achilles heel. While calls for renaming to SoylentCode, or something similar have been long been made, the fact is this site, and the engine that powers it is something more. Rehash is our port of slashcode to MP2 (mod_perl version 2), and introduces the first set of upgrades to allow greater community building and interaction.

            The name came about due to paulej72 renaming my work folder on lithium to "rehash", and well, I liked it (before this, the Apache 2 port was 'imaginatively' called Slashcode 15.03a2)

            The code that runs the site is based on *old* versions of Apache and perl; they are so old that they are no longer supported (i.e. no longer receive security or bug fixes.) As I understand it, this leaves the site open to security vulnerabilities, among other things. Of course, there were incompatible changes made to those so things that used to work fine, no longer do so. Besides those changes, the DB engine, as I understand it, needed an upgrade, too.

            Car analogy: the car looked okay, but the engine and the frame were all rusted out. We've done a complete replacement of all that underneath stuff, and things need to get ironed out and tuned so that it all works together again. But, now, we have low-profile radial tires for better grip, a turbo on the engine for more power, and a completely new suspension system for better handling in the turns and a better ride. Everything didn't quite line up properly, so we're doing some adjustments to get it all working together properly.

            That is from my limited perspective and understanding; I'm sure Ncommander or one of the other devs will correct me if I'm too wide of the mark on that.

            Remember how the site used to regularly *crash* for the first few months are go-live? The site had become so stable that these current annoyances are causing such a stir suggests to me just how fine a job our devs have done. I, for one, commend them for all their hard work which they generously donated in their free time, and without pay.

            • (Score: 0) by Anonymous Coward on Sunday June 07 2015, @07:28AM

              by Anonymous Coward on Sunday June 07 2015, @07:28AM (#193167)

              You can't say that! You just can't!

              ACs only post AC because they don't want the blowback! Named accounts are the only way you can tell who someone really is! Nobody would ever use a pseudonym, that would just be dishonest...

        • (Score: 2, Interesting) by Anonymous Coward on Sunday June 07 2015, @04:29AM

          by Anonymous Coward on Sunday June 07 2015, @04:29AM (#193140)

          Could the errors be related to the mod_perl 2 conversion?

            There are know issues where it over aggressively caches old code and modules that have changed and will not de-cache then without a hard restart, even when tools used to hint or prompt it to refresh it's cache are used. This causes it to incorrectly try to call into the no longer current code resulting in server errors. The caching can be inconsistent across different apache child processes, which further ads to the mayhem.