User Tools

Site Tools


projects:website

BLUG Website

This page lists the daily routines for stuffs who maintain the websites and servers of BLUG.

  • Fix known vulnerabilities.
  • Recover and prevent any services from crashing.
  • Regenerate certificates every 90 days.
  • Mitigate ongoing DoS attacks and spamming.
  • Harden the system with better configuration and use cryptography properly.
  • Improve performance.

TODOS

Website

  • Migrate old wiki data
  • Migrate old website data
  • Upload some old photos

Frontpage

  • Content-Security-Policy
  • The layout of the frontpage still looks crappy...
  • WordPress's performance was terrible, one reason is the low-powered server, another main factor is the plugin we use, as the whole framework of the mainpage, is really slow.
    • PHP 7 was tested to improve the performance, but soon discovered some incompatibilities with plugins, need to port them to PHP 7. PHP 7 has been stopped temporarily.
    • Partially fixed a performance issue that requests tinyURL every time loading the mainpage.
  • The frontpage contains unsafe JavaScript usage, and sometimes also mixed content.
  • A domain replacement is scheduled, part of the reasons is resolve the DoS attack.
  • FrontPage needs:
    • Light weight
    • Security and LibreJS compatible
    • Suite for event calender
    • Mobile-friendly
    • Beautiful
    • Easy configuring

Wiki

  • [Mitigated] Currently an ongoing DoS attack is still active. The attack source is a botnet that publishes large amount of spams to the wiki. As a countermeasure, active responses, such as IP-blacklist and URL-blacklist are used, public registration of the wiki is turned off.
    • We may use an anti-spam plugin to block bots from registering, and make the public registering open again.
  • Still lacks useful information, such as member lists, hardware recommendation, and event records and related introductions.
  • Monthly backup script
  • Promote wiki, let more people join.

XMPP

  • Set a public conference room
  • sync the conference room with IRC channel
  • Support OTR Encryption

Others

  • Sync IRC with other IM, such us Telegram, Tox, Matrix...
projects/website.txt · Last modified: 2017/08/10 11:13 by BLUG Admin