Site Updates (Site News)
Site News will be posted here. This means news about changes and enhancements to the web-site itself, not news of other Group activities nor general news/information about the KSFIoM situation
Please refrain from comments that are not directly related to the topic. If you have ideas for new features which should be added to the site, or changes to be made etc, please post them in this thread.
Please read the Site Updates from time to time.
- Login to post comments
Site recently updated for security
A couple of weeks ago, details of a serious security vulnerability in the the Drupal CMS which the site is based on were published.
All fixed, with no impact other than that I took the site off-line for a few days to avoid any possible risk of intrusion while waiting for the relevant security fixes to become available. If you noticed a "site under maintenance" page showing from early evening on Mar-28, this was the reason.
Kind regards,
Andy
Thanks Andy for your
Thanks Andy for your contribution to our sanity. Unsung but definitely appreciated.
Rob and Wendy
Site Security
Totally Agree.
Very much appreciated.
Sites moved to new server and hosting company
Hopefully you didn't notice, but a few days ago I moved the chat and www sites to a new server. There was a very small amount of downtime, about 15 minutes I believe, when the sites would have been inaccessible. There were also a few days where notification emails were not being sent out regularly.
Changes
The main reason for this move is to make the site easier to manage. I also expect the site to be generally faster than before, and it certainly seems that way to me.
Regards to everybody,
Andy (ng)
Thanks Andy (ng)
Thanks for all that you do to keep us in touch and maintain this site on our screens. It is greatly appreciated.
Rob and Wendy
Updated to Drupal 6.37
Updated to Drupal 6.37 (security update) and latest versions of all modules.
Updated the sites (chat and
Updated the sites (chat and www) to Drupal V6.33 (security update). As I've said before, that's about as exciting as having your car serviced. Further information here.
De-activated cookie message
De-activated cookie message (no change to cookie policy).
Updates installed
Next service due at 150,000 miles :)
Technical stuff for my reference:
Backups taken prior to upgrades (drush ard)
Chat site
backup saved in
/root/drush-backups/archive-dump/20140616174449/ksfiomdepositors_chat.20140616_054452.tar.gz
Security and code updates will be made to the following projects: Date [date-6.x-2.10], EU Cookie Compliance [eu-cookie-compliance-6.x-1.10], Fivestar [fivestar-6.x-1.21], Link [link-6.x-2.11], Masquerade [masquerade-6.x-1.9], OAuth [oauth-6.x-3.0-beta5]
All installed ok.
www site
backup saved in
/root/drush-backups/archive-dump/20140616174426/ksfiomdepositors_new.20140616_054426.tar.gz
No additional module updates.
Disabled modules: prepopulate and views_calc on as they are no longer supported. I don't think we were actually using them.
Thanks
Hi Ng,
Many thanks for all your work behind the scenes which allows us all to see all the news on the website!
James aka everhopeful
Freed disk space
Discovered that we were down to only 4% free disk space, which might have been the underlying cause of today's downtime. Freed space by deleting old backups (March through May). Disk space now 39% free.
Updates installed
Installed the available security updates for Drupal (on this occasion, only relevant to the public site, the chat site is unchanged).
Sites were down today
Both ksfiomdepositors.org sites were unavailable today from around 13:22 to 21:10 GMT due to a technical fault.
Technical detail for my reference:
Apache processes seemed to be stalled for some reason, though not using significant CPU. service apache2 restart fixed the issue.
Disabled (temporarily)
Disabled (temporarily) automatic user blocking due to inactivity.
Drupal security updates
Shoutbox fixed
Disabled block cache which should fix the occasional validation error problems when posting to the shoutbox.
Thanks ng
Good work as usual ng. Working hard to maintain communication. Your efforts are always appreciated.
Rob and Wendy
Security update installed
Drupal CMS updated to version 6.27 which addresses various security vulnerabilities described here.
System software updates installed
Security updates and maintenance upgrades installed on chat and www sites (Nothing exciting!)
Technical detail
chat site:
Security and code updates will be made to the following projects: Email Field [email-6.x-1.4], Google Analytics [google_analytics-6.x-3.5], Markdown filter [markdown-6.x-1.3], Organic groups [og-6.x-2.4], Video Filter [video_filter-6.x-3.1]
(successful)
public site:
Security updates will be made to the following projects: Password policy [password_policy-6.x-1.5]
(successful)
Cookie legislation compliance
As you will no doubt have noticed, I have made changes on both the chat and www sites to support recent legislation changes regarding websites' use of cookies. There is (and always has been) a description of our use of cookies in our sites' privacy statement - there are no changes to that policy.
So, enjoy clicking to accept cookies - they are sugar-free and non-fattening :)
Good heads-up, thanks
Good heads-up, thanks Andy.
Lou
IMPORTANT: Blocked accounts
A number of members here have recently had their user-account blocked due to not having logged-in for more than a year.
The blocking is automatic - the purpose is to weed-out users who have apparently "gone away" so that they can eventually be deleted for security and data-privacy reasons.
Please remember to log-in once in a while - otherwise the system has no way of knowing that you're still "out there" - even though you may be receiving and reading email updates, there's no way that we can detect that.
In summary, just log-in to the site occasionally - you don't need to post or do anything else - that will prevent the automatic block from triggering.
Site account blocking, forgot to mention...
I forgot to mention a few points:
Installed latest security and
Installed latest security and other updates.
drush output:
Security and code updates will be made to the following projects: Google Analytics Reports [google_analytics_reports-6.x-1.3], Mass Contact [mass_contact-6.x-1.2], Token [token-6.x-1.19]
Installed security update for
Installed security update for email field - installed version is now 6.x-1.3.
Shout Box
I've made the Shout Box visible even when not logged-in, previously it was visible to logged-in users only. You still need to log in to post in it.
OK. No doubt explains why it
OK. No doubt explains why it temporarily went AWOL while I was trying to post a shout last night!
Visitor statistics now working again
The visitor statistics page and block are now working again. This required installation of an updated version of the Google Reports Module.
Removed the superfluous and
Removed the superfluous and non-functional Glossary menu link (top menu) - the remaining Glossary link works as before.
The visitor statistics report
The visitor statistics report has stopped working for some reason. I've spent a while investigating but can't see what the reason is. Logged a support request here.
Added a link to "Create poll"
I've added a link on the quick links menu (near top-right of page) to create a poll, as it was probably far from obvious how to do that. Any logged-in member is able to create new polls.
Updates installed
Updated the system to Drupal 6.26 and all modules to latest versions on both chat and www. All seems to have worked without issues. As I've said before these upgrades are necessary but unexciting, a bit like having your car serviced :)
A few notes for myself:
Disabled OG Forums module which is no longer supported.
Disabled the following unused/unimportant modules: Block edit links, Clone, Multiple mandatory groups by role, Node Convert, OG Audience, Organic groups access control, Pending User Notification, Popups: Add & Reference, Popups: Administration Links. Left them in the modules directory - delete at a later date.
Re-enabled BAM module backups at 24-hour intervals with 15 day lifespan. Backup size is currently 43MB gzipped, so 15 copies will be about 650 MB. We currently have 4GB free space so that will reduce to around 3.3 GB. This is in addition to OS level (cron based) backups which seem to be working fine and currently occupy a little over 1GB (daily, 3 day lifespan.)
Tables in posts
I've changed things so that tables can now be included in posts by defining them in Markdown format
To show a table you enter text for each column separated by vertical bars. First line contains column headers; second line contains a mandatory separator line between the headers and the content; each following line is a row in the table. Columns are always separated by the pipe (|) character.
Note that due to proportional fonts, columns won't line-up properly when you are typing them, but the end result looks like this:
A further possibility here is a WYSIWYG editor to provide a similar interface to typical word processing programs, with buttons for bold, italic and so on. It's on my to-do list!
"Shoutbox" posts no longer get automatically deleted
I've changed a setting so that posts mas in the Shout Box are no longer deleted - previously they were deleted automatically after seven days. This change makes the All Shouts link (shown in the Shout Box) more useful.
A quick aside, I welcome suggestions for changes of this type. In general I don't want to change the site too much as I guess everybody is now pretty used to how it all works, but the whole thing was rather thrown together (rather than designed!) in the early days, and I'm aware there is a lot of room for improvement.
File attachments
Changed system permissions so that file attachments are now visible (downloadable) without being logged in. When uploading files, please first rename the file to remove any non-alphanumeric characters other than space, hyphen and period.
"Counter" removed and "Visitor statistics" added
There's a new Visitor statistics block, currently shown on the left of each page. The "counter" which was previously shown on the lower-right of each page has been removed (to reduce database size and disk space usage.) The link to http://chat.ksfiomdepositors.org/admin/reports/google-analytics shows further detail.
Time-out ?
Hi ng,
It seems that since your last intervention we get automatically logged-out after a certain time (which seems to be quite short), which was not the case before. Intentional or not? I note that Gordon 45 was caught out by this yesterday and thus lost what he was writing. If this situation is to remain, we need to be aware and not compose long texts directly online. It's very frustrating to write a longish piece and then lose it all.
Session timeout
Yes, there is now a session timeout that wasn't there before, but it supposed to be 24 hours. Perhaps it was by chance 24 hours since you actually logged in (i.e. the previous day) - otherwise something is not working properly. Let me know?
The reason for the change was to reduce disk space requirements, though actually the main problem is "anonymous" sessions, not registered users. I can tweak it if needbe.
Re session timeout
Indeed, something seems to be 'not working properly'. A timeout after 24 hours would be fine, but it's very much shorter than that. I frequently log in in the morning and am logged out automatically (according to my preference setting) when I shut down the computer at night. But over the weekend I was definitely logged out several times during the day - I would think after less than 2 hours (but can't say exactly).
How can unregistered users log in anyway??
Session timeout issue hopefully fixed
I've checked and the settings seem to be correct. So, I've changed some other things which I hope will fix it.
Unregistered users aren't logged-in as such, but the system keeps some data per user, such as whether they've already correctly responded to a captcha challenge (in which case they don't get asked again, until their session expires.)
For my own reference, settings in settings.php are now back to installation defaults, and so only the session expire module should be having any effect - that's set to clear sessions older than 24 hours but check every two days, so should allow between 24 and 48 hours.
Thanks NG!
Thanks Andy, for your tireless background nurturing of this website which is still such an important venue for those of us remaining...
Lou
Server downgraded
Around 10:30 GMT today the server was downgraded to the minimum hosting plan offered by xtrahost. This gives us 512MB RAM and 10GB disk-space, which should be adequate with the current level of activity (much much lower than a few years ago!). Everything seems to be working fine after the downgrade/reboot.
Note to myself: reduced the number of stored backup copies from 7 to 3 as we are now relatively low on disk space - currently 79% used - may need to make further changes to how backups are done to reduce disk space requirements.
Ability to edit your own posts
I've changed permissions so that it is now possible to edit your own form and news posts (it was already the case for blog posts.)
Note, that when you edit and save a post, the system automatically keeps a copy of the old version - if you later need access to the old version, or need to have some information permanently removed, contact me.
Public forums
I've tried to make all forum areas now public, with the exception of the old Core group area which I've deleted because it contained personal information.
Unfortunately one of the side effects seems to have been that various old post are appearing as updated even though they haven't been. Well, they've been made public, which may mean that they're now visible to you even though they weren't before, so in that sense they're new/updated.
I'm still testing to see if this has actually worked as intended - the idea is that all forum site content should now be visible (and searchable) on Google.
Added Forums back to the main
Added Forums back to the main menu, and to the "quick" menu (top-right corner) to make it easier for people to get directly there - the whole Groups concept now de-emphasized. Nostalgia sets in!
Reduced number of registered users
You may notice the number of registered members has dropped by about 1000. This was due to an automated deletion of all members who had not logged in during the past two years, and who had never posted on the site. At the time of writing we now have 1525 registered users.
"Latest projects and groups" block removed
I've removed the block that was shown in the left side-bar listing Latest projects and groups since it's pretty pointless these days. It can be switched back on if the groups feature starts being more actively used (i.e. with new groups being added.)
Public site update notifications removed
I've completely removed the notifications system on the public site - this is two avoid the same issues there as here - outdated email addresses causing mail bounces and "inactive" users complaining about email being received. In practice this will make little difference as the public site is rarely updated.
@ng - URGENT!
ng,
Suggest you should immediately delete your latest post "Deletion of "inactive" user accounts" (mass mailout). It is clearly most inappropriate that the email adresses of all recipients should appear here!
Yikes! I wasn't expecting
Yikes! I wasn't expecting that! This turns out to be an new "feature" of the module, and has been reported "incorrect" here: http://drupal.org/node/1113794
I have removed the list from public visibility and will look for a longer term solution.