Textpattern CMS support forum
You are not logged in. Register | Login | Help
- Topics: Active | Unanswered
Re: Server migration - status, discussion
The forum isn’t actually moving until the week after next now – we are going to spend a few days before that tweaking the .org site so it’s working better.
Offline
Re: Server migration - status, discussion
uli wrote #313584:
I could not make it work, alas, but currently something is annoying much much more (and I hope I’m not going to be locked out completely very soon):
[…]
When I call the same URL on my smartphone I even get a 404.
This is actually a good sign. I’ve been thinking about why you can’t connect, and if you’re getting a 404 on forum.textpattern.com from the phone that’s a good sign – that’s as it should be, at least for a short term while we sort some things out.
I am confused as to why you’re having SSL errors. It’s almost like you have stale SSL entries in your browsers. Is it feasible to clear your browser history for the Textpattern sites to check if that helps?
The cipher list I’m using is the Mozilla recommended list, which excludes broken crypto and has support for modern browsers. That said, if we’re missing something that makes it fail that’s clearly not good and I will address it.
uli: can you tell me your operating system, I’ll see if I can reproduce your situation at this end.
Offline
Re: Server migration - status, discussion
This period of transition is taking some time because of legacy & custom code in a number of Textpattern sites. There’s a bunch of work to do to get things running on modern code, and keep the flagship sites up-to-date.
I am very, very mindful of having nothing break or disappearing, and untangling some of the older sites (which run on old server technology) is turning out to be quite challenging.
And it’s also summer in the north hemisphere, so people’s availability is more scattered. We’re moving things, tidying as we go, and the focus is on high availability at the moment. When things are moved to the new servers, there will be a period of consolidating where some properties will be merged into fewer domains overall. As an example, the forum right now lives on forum.textpattern.io but in time will move to (or, “return to”) forum.textpattern.com – all the content will remain, of course, existing logins will still work, and no doubt spammers will be keen to push their SEO services – it’ll also be running a newer codebase with better performance and other benefits.
Thanks for your continued patience. I’ll update the original post to reflect the current situation.
Offline
Re: Server migration - status, discussion
uli: are you running security software on your computer? Have a look at this thread, see if it helps:
Offline
Re: Server migration - status, discussion
Doesn’t Uli run a fairly old Firefox ESR version, if my memory serves me correct?
Offline
Re: Server migration - status, discussion
philwareham wrote #313597:
Doesn’t Uli run a fairly old Firefox ESR version, if my memory serves me correct?
Yep. Edit: actually, April 2017 according to https://ftp.mozilla.org/pub/firefox/releases/45.9.0esr/
There’s an about:config
tweak that could be made, might be an SSL 3.0 issue. Server is running TLS 1.3 with a 1.2 fallback, so if FF is looking for TLS 1.0 (not safe) then it may complain.
Last edited by gaekwad (2018-08-23 14:34:40)
Offline
Re: Server migration - status, discussion
uli: more follow up, what do you get if you visit www.howsmyssl.com ?
Offline
#32 2018-08-23 22:26:36
- uli
- Moderator
- From: Cologne
- Registered: 2006-08-15
- Posts: 4,311
Re: Server migration - status, discussion
gaekwad wrote #313578:
Something to try – reset Chrome SSL state
I’ve tried this but to no avail. I’ve also tried the about:config method for TLS.VER you’ve recommended later on. My values were all default, so I couldn’t improve a thing.
From this test here www.howsmyssl.com I got six times a green “good”. In case it tells you something, here’s the cipher suits my FF supports:
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA
- TLS_RSA_WITH_AES_128_CBC_SHA
- TLS_RSA_WITH_AES_256_CBC_SHA
- TLS_RSA_WITH_3DES_EDE_CBC_SHA
The forum profile links I found didn’t work (forum links to the .com forum) came from a post where I handcoded links to spammer profiles in the moderation forum. There may be more such links with .com hardcoded in them in the forum archives, in case someone copied and pasted manually. But the forum script builds the User X wrote links to posts in a different manner (e.g. ./viewtopic.php?pid=313578#p313578
), so there’s no tld involved, at least in recent times.
Is it feasible to clear your browser history for the Textpattern sites to check if that helps?
I’ve set up a whole new FF profile for that reason, and I get the same results here, too, SSL_ERROR_NO_CYPHER_OVERLAP
on the first screen, and then SSL_ERROR_PROTOCOL_VERSION_ALERT
on the second.
Pete, I appreciate all your tips and hints to get my browser back on the tracks. Thank you very much!!
(Have I forgotten to answer something? Sorry if so, it’s late here. Ah yes, my OS is Mountain Lion, 10.8.)
In bad weather I never leave home without wet_plugout, smd_where_used and adi_form_links
Offline
Re: Server migration - status, discussion
uli: please try now, I’ve changed the cipher suite at the server.
Offline
#34 2018-08-24 11:04:32
- uli
- Moderator
- From: Cologne
- Registered: 2006-08-15
- Posts: 4,311
Re: Server migration - status, discussion
Yay, it’s back for me! Thank you, Pete!! :)
In bad weather I never leave home without wet_plugout, smd_where_used and adi_form_links
Offline
Re: Server migration - status, discussion
uli wrote #313613:
Yay, it’s back for me! Thank you, Pete!! :)
Great news! I may end up calling on you again as we fine-tune the settings. The selection of ciphers used has been increased, and should cover modern browsers. It’s a balancing act, but it’s a fun one!
Offline
#36 2018-08-24 11:30:51
- uli
- Moderator
- From: Cologne
- Registered: 2006-08-15
- Posts: 4,311
Re: Server migration - status, discussion
gaekwad wrote #313614:
I may end up calling on you again as we fine-tune the settings.
Don’t hesitate, I’m glad to give anything back.
In bad weather I never leave home without wet_plugout, smd_where_used and adi_form_links
Offline