Forum Replies Created
-
Posts
-
Thanks erowley2802! This was the only board that I hadn't subscribed to so I didn't get notified about your post, sorry about that!
The first typo was fixed some time ago, and I just fixed the second typo you found (but haven't uploaded it yet). I'll probably update the document online once it reflects recent criticism of Certificate Transparency.
Thanks again!
Finally got confirmation of their full fingerprint:
FBAE 0323 821C 7706 A5CA 151B DCF5 13FA 7EED 19F3
Looks like this particular attack might've be fixed in PowerDNS 3.6RC1, not completely sure yet though (still trying to find their blasted GPG key as 3.6 hasn't been released yet but is available as a .deb via their site):
http://blog.powerdns.com/2014/04/03/further-dos-guidance-packages-and-patches-available/
Yes, I agree about Dreamhost. I very much can't wait to move off of them, it's just that I'm going to need like an entire week to dedicate to that project.
I'm not using ZFS unfortunately… I am using LVM though, along with periodic tarsnap backups, and the VPS host (RamNode) does their own backups as well. They're also in charge of the drive configuration, so I'm not sure how much leeway I have there.
Wow! O_O
badon you are amazing!
Thank you so much for those mod suggestions and sharing your overall wisdom on the topic. Clearly you know your stuff. 🙂
I generally try to install as few mods as I feel are necessary because problems tend to crop up with the more mods you install (had to deal with a conflict today actually).
Especially annoying is if you install a new language in the board after installing the mods. I did that today when I installed en-UTF8 here (don't know why that's not the default). If you do, you should click “uninstall” on all the mods you have and see if they show that they can be successfully installed. For those that fail because they weren't able to modify the language when they were installed, force uninstall and re-install them.
I'll give the “Stop Spammer” one a shot if I notice any spam on the boards. I haven't needed it yet for a much larger board.
I tried the Google translate mod but it was quite finicky and didn't show any languages:
Here are the mods that I'm using (and recommend):
- Simple Youtube Video Embedder/BBC (SMF seems to be having some problems with their mod site atm, as it's not showing up)
- Global Headers Footers
- Bad Behavior mod
- Board Notification Mod
- ENotify (this one's really cool)
I also wish there was a mod that let you write posts in Markdown…
Another thing I always do to the forums is edit code to remove PM content from email notifications about new PM's. The most obvious reason why is because it confuses people into replying via email, which doesn't work with a forum. The devs of SMF still seem to be burdened by throwbacks to the old mailing list days when replying to a message typically worked, before forums replaced mailing lists for almost all online communication. In fact, the decline of IRC usage (and other group chat technologies) coincided with the release of high quality free forum software, mostly the predecessors of PHPBB.
The biggest reason to not put PM content in email notifications is because it creates a privacy and security hole if the forum site is HTTPS. The most private kind of forum usage suddenly becomes public when the messages are blasted out onto the internet in cleartext. All sites I operate are forced to be 100% HTTPS, and I see this one supports it too.
Ah, I would very much like that actually. Do you think you could turn that into a mod? So many others would benefit from it too. 🙂
You might want to dump WordPress. I have, and I use SMF exclusively as the backend for blogging activities. I just create a forum for the blog, and allow people permissions to only reply posts from the blogger, and not be able to make their own new posts. You can easily present those forums in a manner that looks more like the list of blog posts that you typically see, but it's not necessary to bother with that. If you want help setting that up, I can point you in the right direction.
Thanks! If I ever grow tired of it I might explore that path. So far it's working nicely though.
Changing the time for showing users online from 15 minutes to 90 minutes.
Done!
Please put a forum link to the main okTurtles site.
Done!
Thanks very much for your help! You've made these boards much better. 😀
Looks like the forums are a clear winner! 🙂
6 votes for the forums, 1 for the mailing list, and 1 for both. Closing the poll for now.
Strangely enough, I was able to fix it from my end. The problem was quite odd because:
– It worked before (at least I was getting notifications on a non-okturtles email)
– DH's mail server was responding with an “OK” message, indicating it received the email.Twiddling with PHP's sendmail parameter fixed it though. 🙂
Excellent choice to use BSD-licensed SMF as the okTurtles forum software. I use it on all the forums I admin. The leadership in the SMF community has a fair amount of drama, but nonetheless, SMF has always come out of it as the best choice for open source forum software. I've tried several of the best commercial forum softwares out there, and although they were good, they were not so easy to use and admin as SMF, which was a surprise for me.
The focus on simplicity is why SMF has the edge over all other options. It's so simple that it can be used as the backend for a blog or other CMS-style web thingy. I also use it as a bug tracker and collaboration software too. It's really polished and bug-free, which makes it a good choice if you want to “go simple” and get back to the basics of what more specialized software doesn't do nearly as well. WordPress out, SMF in!
I agree wholeheartedly (except I do use WordPress for the blog :P). I switched to it after dealing with phpBB for several years and haven't looked back.
Do you have the requisite anti-spam tools installed?
Umm, I'm not sure, but the following combination has been working extremely well for me: Email activation + Written questions + Default captcha. Ironically, I'm guessing that the captcha does nothing, so it's mostly the first two.
I prefer the web forum for easier navigation and accessibility of topic threads, although I do find email lists valuable for features such as distributed archiving and ability to participate with via smartphone email for example.
Is there any web forum software that does a decent job of integrating both?
Ironically, Google Groups is the best I've seen for doing that.
It might be possible to do something with these forums though to get near that. For example, you can set your settings to have topic reply notification emails to contain the full text of the reply in them. And if you want distributed archiving, you could have those emails sent to one of the mailing list archivers out there.
Ah, there actually is an interesting SMF mod for doing that here:
Actually, I just recently discovered that I could get a free SSL cert for these forums from StartSSL, so I've installed it and that should address all of your concerns.
Still, I'd like to know: do you prefer we use these forums for the community or a mailing list?
Hi,
Why are you using a self signed cert for these forums?
Because paying for a cert would look and be hypocritical to the work that we're doing.
Not good.. Most users will NOT click past the security warnings; if the user's browser notifies the user at all.
On first page load of the forums, the forums load, but looked all screwed up and was wondering what was happen so I looked at Chrome log and noticed:
GET https://forums.okturtles.com/Themes/default/css/index.css?fin20 net::ERR_INSECURE_RESPONSE forums.okturtles.com/:4
GET https://forums.okturtles.com/Themes/default/css/webkit.css net::ERR_INSECURE_RESPONSE forums.okturtles.com/:5
GET https://forums.okturtles.com/Themes/default/css/jquery.jgrowl.css net::ERR_INSECURE_RESPONSE forums.okturtles.com/:58
GET https://forums.okturtles.com/Themes/default/scripts/script.js?fin20 net::ERR_INSECURE_RESPONSE forums.okturtles.com/:10
GET https://forums.okturtles.com/Themes/default/scripts/theme.js?fin20 net::ERR_INSECURE_RESPONSE forums.okturtles.com/:11
GET https://forums.okturtles.com/Themes/default/scripts/enotify.js net::ERR_INSECURE_RESPONSE (index):59
Uncaught ReferenceError: jQuery is not defined (index):61
GET https://forums.okturtles.com/Themes/default/scripts/sha1.js net::ERR_INSECURE_RESPONSE (index):102
Uncaught ReferenceError: smc_Toggle is not defined (index):130
Uncaught ReferenceError: smc_Toggle is not defined (index):352
GET http://piwik.okturtles.com/piwik.js net::ERR_BLOCKED_BY_CLIENT (index):388
GET https://forums.okturtles.com/Themes/default/images/upshrink.png net::ERR_INSECURE_RESPONSE (index):97
GET https://forums.okturtles.com/Themes/default/images/smflogo.png net::ERR_INSECURE_RESPONSE (index):98
GET https://forums.okturtles.com/Themes/default/images/off.png net::ERR_INSECURE_RESPONSE (index):214
GET https://forums.okturtles.com/Themes/default/images/new_none.png net::ERR_INSECURE_RESPONSE (index):304
GET https://forums.okturtles.com/Themes/default/images/new_redirect.png net::ERR_INSECURE_RESPONSE (index):305
GET https://forums.okturtles.com/Themes/default/images/collapse.gif net::ERR_INSECURE_RESPONSE (index):312
GET https://forums.okturtles.com/Themes/default/images/icons/info.gif net::ERR_INSECURE_RESPONSE (index):320
GET https://forums.okturtles.com/Themes/default/images/icons/online.gif net::ERR_INSECURE_RESPONSE (index):334
GET https://forums.okturtles.com/index.php?scheduled=task;ts=1400925480 net::ERR_INSECURE_RESPONSE (index):85So then I “forced” SSL via “https everywhere” which then caused the page to display chrome's security warning about an invalid cert.
Of course I then see that you have self signed the forums.
No one besides me probally will do this much work. And I see these forums are not even being used anyways.
But this is 1 good reason they are NOT being read…
Thanks,
Will
Yes, you're absolutely right about all of that, except I think that the process didn't have to be as complicated (using HTTPS everywhere) as you had it.
To address those errors you saw: I think what may have happened is that you probably visited the HTTP version of the site, and possibly you had visited (prior to that) some HTTPS version of this site or another subdomain, sometime within the past 24 hours. Last night I enabled HSTS on this site, but had includeSubDomains enabled and didn't have redirection done yet on this subdomain (from HTTP to HTTPS). So… I think I've fixed all that now.
Still, I agree that having to get past the regular browser warning is too much of a barrier for this forum to be of much use (and incidentally why both the main site and the blog are served over HTTP).
Therefore, until we release the okTurtles browser extension that's able to modify browsers to not show the warning if the site verifies OK over DNSChain, I've removed most of the links to these forums, and edited this blog post to note that we may be using a mailing list software in the meantime instead of the forums.
For now, the community is on Freenode IRC's #dnschain channel. Keep an eye on the blog and @okTurtles/@DNSChain twitter accounts for news about the mailing list.
Thanks for going through all that trouble though to point out this issue! 🙂
