Stories
Slash Boxes
Comments

SoylentNews is people

posted by NCommander on Friday March 14 2014, @06:44AM   Printer-friendly
from the timebombs-are-exciting dept.
We had an hour or so or downtime today. After debugging, the root cause came from the SSL certificates we use to establish a database connection from the webserver to the actual DB. As a prelude GoLive, we migrated from unencrypted connections to encrypted connections as we have to cross the Linode internal LAN. In an attempt to improve data security, we generated a set of SSL certificates and used those to encrypt the MySQL connections. In the flurry of golive, no one thought to check the expiry date on said certificates. Out of the box, OpenSSL generates certificates with a one month expiry unless manually changed.

As you might expect, one month later, the certificates expired, and the database stopped accepting remote connections. New certificates were generated with a ten year expiration, and we continue to work towards better documenting our internal processes on the wiki to prevent this sort of thing from happening again. Apache, and slashd are running again, and we appear to be back to status-quo in terms of site operation.

A full incident report will be written up and posted to the wiki in the next few days.
 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Interesting) by Open4D on Friday March 14 2014, @02:14PM

    by Open4D (371) on Friday March 14 2014, @02:14PM (#16384) Journal

    ... log out or switch browser in order to post anonymously.

    Or in Firefox, do Ctrl-Shift-P

     

    Could you add back a checkbox 'post anonymously'?

    As I type this, I can see the "Post Anonymously" box just below, just to the right of the "No Karma Bonus" box. I tested that it works here [soylentnews.org].

     

    It would be nice to force all posts to be visible to someone who has modpoints.

    Interesting idea. Not just having mod points, but using them on a given set of comments. I suppose there could be a special "moderation view" of a story, in which the reply buttons are removed, the threshold is set to -1, and you could envisage other optimizations as well. (e.g. Rename all commenters, "Commenter0001", "Commenter0002", etc. so that the moderators aren't tempted to go by reputation?)

    Starting Score:    1  point
    Moderation   +2  
       Interesting=1, Informative=1, Total=2
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   4  
  • (Score: 2) by Reziac on Saturday March 15 2014, @05:08AM

    by Reziac (2489) on Saturday March 15 2014, @05:08AM (#16753) Homepage

    I tend to use known uIDs as a clue that a thread is worth diving into for modding, and once I get there, I read other replies too, just in case. I can see having an anonymizing 'mod view' as optional, but I think I'd find it quite annoying myself (and I take moderating seriously).

    --
    And there is no Alkibiades to come back and save us from ourselves.