====== BLUG Website ======

This page lists the daily routines for stuffs who maintain the websites and servers of BLUG.

  * Fix known vulnerabilities.
  * Recover and prevent any services from crashing.
  * Regenerate certificates every 90 days.
  * Mitigate ongoing DoS attacks and spamming.
  * Harden the system with better configuration and use cryptography properly.
  * Improve performance.

===== TODOS =====

==== Website ====

  * <todo>Migrate old wiki data</todo>
  * <todo>Migrate old website data</todo>
  * <todo>Upload some old photos</todo>

=== Frontpage ===

  * <todo>Content-Security-Policy</todo>
  * <todo #tonghuix:2017-01-22>The layout of the frontpage still looks crappy...</todo>
  * <todo #shenmedouxing:2016-10-26>WordPress's performance was terrible, one reason is the low-powered server, another main factor is the plugin we use, as the whole framework of the mainpage, is really slow.</todo>
    * <todo #shenmedouxing:2016-10-26>PHP 7 was tested to improve the performance, but soon discovered some incompatibilities with plugins, need to port them to PHP 7. PHP 7 has been stopped temporarily.</todo>
    * <todo #shenmedouxing:2016-10-26>Partially fixed a performance issue that requests tinyURL every time loading the mainpage.</todo>
  * <todo #tonghuix:2017-01-22>The frontpage contains unsafe JavaScript usage, and sometimes also mixed content.</todo>
  * <todo #shenmedouxing:2016-10-27>A domain replacement is scheduled, part of the reasons is resolve the DoS attack.</todo>
  * **FrontPage needs:**
    * <todo #tonghuix:2017-01-22>Light weight</todo>
    * <todo #tonghuix:2017-01-22>Security and LibreJS compatible</todo>
    * <todo #tonghuix:2017-01-22>Suite for event calender</todo>
    * <todo #tonghuix:2017-01-22>Mobile-friendly</todo>
    * <todo #tonghuix:2017-01-22>Beautiful</todo> 
    * <todo #tonghuix:2017-01-22>Easy configuring</todo> 

==== Wiki ====

  * **[Mitigated]** <todo #shenmedouxing:2016-10-26>Currently an ongoing DoS attack is still active. The attack source is a botnet that publishes large amount of spams to the wiki. As a countermeasure, active responses, such as IP-blacklist and URL-blacklist are used, public registration of the wiki is turned off.</todo>
    * <todo #shenmedouxing:2016-10-26>We may use an anti-spam plugin to block bots from registering, and make the public registering open again.</todo>
  * <todo #tonghuix:2017-04-19>Still lacks useful information, such as member lists, hardware recommendation, and event records and related introductions.</todo>
  * <todo>Monthly backup script</todo>
  * <todo>Promote wiki, let more people join.</todo>


==== XMPP ====

  * <todo #shenmedouxing:2016-10-26>Set a public conference room</todo>
  * <todo #shenmedouxing:2016-10-26>sync the conference room with IRC channel</todo>
  * <todo #tonghuix:2017-01-22>Support OTR Encryption</todo>

==== Others ====

  * <todo>Sync IRC with other IM, such us Telegram, Tox, Matrix...</todo>