|
Forum Crashing
As has been noted on an increasing frequency of late, the forum database seems to fail on an almost daily basis, which isn't sustainable.
We are running on an older version of vbulletin and mysql and have been conscious for a while it is due an upgrade for a number of reasons, including security, functionality and mobile app connectivity. However, this isn't a 'run setup.exe' 2 minute job as a number of you will understand, so please bear with me whilst we work out the best route forward. |
Thanks Ian. Will https be included in the upgrade?
I presume all this stuff is running on Linux so my Microsoft skills won't be of much use, but happy to help if I can :) Or if you want to put it in Azure :D |
Quote:
Its still operational, but we let the certificate elapse... I'm hoping newer version of vbulletin have better handling to force HTTP users on a redirect to HTTPS instead. Quote:
I dont do linux, so its 100% windows. However, its mysql and php which is all a bit linuxy if you ask me.... Ignoring the Azure comment. I want more control and data protection, not less... ;-) |
Quote:
I'm also happy to pitch in and help if I can be useful, far from my day job these days but I like to keep my hand in! |
Quote:
(spent too long typing and Paul beat me to it) Quote:
|
Quote:
A simple 'URL' redirect of anything hitting HTTP to the root HTTPS would break whatever link people were trying to visit so I had a brief look at the time and parked it. I knew it would rear its head again one day, and here it is.... ;) |
Glad to hear you're on it, but can't help at all as it's not my bag, but just wanted to say that it's only a minor nuisance, even though it's happening more frequently - nothing on here is time critical, well not for me, anyway...
|
Well, I'm sure that you'll be building a shiny new Server 2019 machine for the shiny new vbulletin, so you'll have a shiny new version of IIS with URL Rewrite... :eek3:
URL Rewrite runs within IIS and uses regex to dynamically change the request, so if a link on the forum points to http://something IIS will accept the request, rewrite it to https://something, and vbulletin ought not to notice the difference. Probably... |
Exactly this, think it came in in IIS7 - so many moons ago, and prior to that you could use a 3rd party filter (free) in earlier versions that did the same thing..... I'm assuming it isn't NT4 still? :ROFL:
|
I hate these foriegn language threads.
If I had the power I'd send you all to a room where you could talk dirty without annoying us mere mortals! :ROFL: |
No, don't dare stop. I think I might understand some of it. I can read capitals.
|
Quote:
...or connecting to Teamviewer and let someone remotely fix the problem. Was actually quite chuffed the other day as I had to swap hard drives on a PC with a failed motherboard....something remote dial in can't do :ROFL: |
Quote:
|
Quote:
fwiw, I did actually buy and download the latest Vbulletin software last night, so that's a step forward..... ... probably not going to improve things much just sat in my download folder though, but I feel accomplished... ;) |
Quote:
You'll have a bunch of people sitting here twitching at their keyboards and checking the time every few minutes in anticipation. |
I'm curious what the upgrade process actually is. Are there a bunch of scripts to run in MySQL? Presumably the PHP stuff is just drop the new files on top of the old ones? Is all the config in the database?
If you're moving to a new server at the same time can a test version be spun up in parallel to the live version? |
Vbulletin has to go from 3.8 -> 4.2 -> 5.x
Windows has to come into supportability at least.. ;-) MySQL and PHP will no doubt need updating hugely too. There will definitely be parallel testing, to make sure that the upgrade hasn't broken anything, before performing it for real, so consider yourself volunteered for that test phase +++ Edit: I didn't really answer your questions! - I assume there will be lots of DB scripts to alter the schema, but not looked yet. I also assume the php bits will just drop in..... The database is key. You can run everything in the DB, or run attachments as separate files. We currently have separate attachments, although they recommend you move attachments back into the DB for any sort of migration work, which makes sense, but I suspect we have gathered a lot of attachments over the last decade... ! It will be a few weeks yet I think unfortunately. Royal Mail have thrown us some curveballs on their APIs post Brexit, so need to finish sorting all that out first. |
Happy to help out however is useful :)
|
Are there any updates on this?
The forum runs on software from 2009 that has probably hundreds of easily accessible exploits. They run http (meaning all the input like our log ins and passwords are sent to forums in plain text) and to be honest I'm suprised this forum is still up and hasn't been ransomwared. It's the equivalent of having your debit card pin written on the card in your wallet. Are there any backups in case this happens? There are plenty of time served forum members with decades of experience in IT which I'm sure would be happy to help out if needed. Having the forums run on https would also mean the forums would not be all the way down on the google search results, so more users would register and use the forums. Most browsers these days mark http websites as unsecure which I'm sure turns off many potential members. I also wouldn't mind chipping in for the new licenses and whatever's needed. The risk of these forums (and all the knowledge freely shared between users) going down is very high and once it gets ransomed/hacked or whatever it may be too late to rebuild it. |
Quote:
|
Quote:
I would have gone bankrupt or crazy trying to maintain my car without these forums for sure, and I've met some pretty crazy people (in a good way) through them as well. FB groups are full of the kind of people that sell cats off their cars to fund 22" alloy wheels and oil top ups instead of changes :ROFL: |
Quote:
EDIT: Forgot to mention in my previous post. It would be nice to get the notifications issue resolved as well, as I think without them, there is less interaction at the moment as people aren't receiving them. |
I'm sure Ian has a sound air-gapped backup of the forum +++ We've discussed hosting and upgrades previously and he knows I'm happy to step up for whatever help is needed :)
At least it's not hosted in CloudNordic :eek2: I do worry if its the end each time we get a more serious error than the database server falling over though. This recent week I assumed Ian was on holiday and the server got lonely :ROFL: However, the assorted ransomware scum are getting more creative at destroying things and we've seen a lot of attacks recently on smaller companies with standalone web servers running older versions of things. Smaller companies generally have less to spend on security and upgrades and so are easier targets for the ransomware-as-a-service types. Hopefully it goes without saying, but don't re-use passwords across different web sites. That at least mitigates some of the personal risk were the worst to happen to the forum. |
Password updated to a random string suggestion, just in case +++
|
and now magically the edit button has been removed at least for me..:Confused:
|
Quote:
|
I'd rather have signature size removed than no edit button.
Some people on here have signatures longer than the threads they post in :ROFL: |
signature length decreased*
sorry there's no edit button now so there will be loads of fluff like this. |
any likelyhood we might get https? duckduckgo is not happy and Im having to revert to chrome just for this site?
|
Quote:
|
Definitely using https here.
|
It must be 🌨️ in hell, forum on ssl
|
Quote:
|
Yep, me too.
|
Quote:
|
| All times are GMT. The time now is 07:56 AM. |
Powered by vBulletin® Version 3.8.0
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.