Stories
Slash Boxes
Comments

SoylentNews is people

posted by NCommander on Friday March 14 2014, @06:44AM   Printer-friendly
from the timebombs-are-exciting dept.
We had an hour or so or downtime today. After debugging, the root cause came from the SSL certificates we use to establish a database connection from the webserver to the actual DB. As a prelude GoLive, we migrated from unencrypted connections to encrypted connections as we have to cross the Linode internal LAN. In an attempt to improve data security, we generated a set of SSL certificates and used those to encrypt the MySQL connections. In the flurry of golive, no one thought to check the expiry date on said certificates. Out of the box, OpenSSL generates certificates with a one month expiry unless manually changed.

As you might expect, one month later, the certificates expired, and the database stopped accepting remote connections. New certificates were generated with a ten year expiration, and we continue to work towards better documenting our internal processes on the wiki to prevent this sort of thing from happening again. Apache, and slashd are running again, and we appear to be back to status-quo in terms of site operation.

A full incident report will be written up and posted to the wiki in the next few days.
 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 1, Interesting) by Anonymous Coward on Friday March 14 2014, @01:01PM

    by Anonymous Coward on Friday March 14 2014, @01:01PM (#16321)

    Three questions:

    1. I was forced to log out or switch browser in order to post anonymously. Could you add back a checkbox 'post anonymously'? It would be a very handy feature.

    2. My very first post to this site was modded down once (flamebait), so my karma is at -1 now. My other posts received no moderation. Is it really a good idea to punish me for that one downmod I received? All my posts now start at score 0, which means that the odds of them getting noticed and modded up are a lot smaller. So it would be difficult to improve my karma again. Could you lower the setting for the punishing to something less than -1 please? Now anyone who has an unlucky bad start like me is going to have a difficult time crawling out of that 'bad karma' hole again. (I had excellent karma on that other site, btw.) And the other way around also requires karma to be a lot higher than just 1 to have new posts start at score 2.

    3. Now that we are talking about feature requests... It would be nice to force all posts to be visible to someone who has modpoints. I remember seeing the text "browse at -1 to watch for abuse" from the other site. So I would like the visibility/collapsing thresholds to be applicable only to someone who does not have modpoints at the time of viewing the page. Or you could provide a separate configurable threshold setting for use in modpoints mode. It's not very logical for someone with modpoints to browse at +3 or something. Unless he doesn't intend to use the modpoints at all, of course.

    Thanks!

    Starting Score:    0  points
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  

    Total Score:   1  
  • (Score: 4, Interesting) by Open4D on Friday March 14 2014, @02:14PM

    by Open4D (371) on Friday March 14 2014, @02:14PM (#16384) Journal

    ... log out or switch browser in order to post anonymously.

    Or in Firefox, do Ctrl-Shift-P

     

    Could you add back a checkbox 'post anonymously'?

    As I type this, I can see the "Post Anonymously" box just below, just to the right of the "No Karma Bonus" box. I tested that it works here [soylentnews.org].

     

    It would be nice to force all posts to be visible to someone who has modpoints.

    Interesting idea. Not just having mod points, but using them on a given set of comments. I suppose there could be a special "moderation view" of a story, in which the reply buttons are removed, the threshold is set to -1, and you could envisage other optimizations as well. (e.g. Rename all commenters, "Commenter0001", "Commenter0002", etc. so that the moderators aren't tempted to go by reputation?)

    • (Score: 2) by Reziac on Saturday March 15 2014, @05:08AM

      by Reziac (2489) on Saturday March 15 2014, @05:08AM (#16753) Homepage

      I tend to use known uIDs as a clue that a thread is worth diving into for modding, and once I get there, I read other replies too, just in case. I can see having an anonymizing 'mod view' as optional, but I think I'd find it quite annoying myself (and I take moderating seriously).

      --
      And there is no Alkibiades to come back and save us from ourselves.