Welcome, Guest. Please login or register.

Author Topic: Site Maintenance and security updates discussion  (Read 8143 times)

Description:

0 Members and 1 Guest are viewing this topic.

  • Guest
Site Maintenance and security updates discussion
« on: February 23, 2005, 02:52:56 PM »
Due to security and database integrity concerns, we intend to institute a password change across the board for every account on March 31st.  After that point, your password will be reset and you will need to request a new one.  

This servers several purposes, including helping to prune older non-used and duplicate accounts.  We also intend to prune users who have not logged in for over 365 days.  We also need to consider pruning forum threads which have not been updated for 365 days.

VERY IMPORTANT : Check your account to make sure that the e-mail address is correct and up to date.  With one month's worth of advanced notice, when your password is reset, if your e-mail address is not correct, you will simply be out of luck.  You DO NOT have to make your e-mail address visible to the rest of the world, but your account MUST contain the correct e-mail address.
 

Offline Piru

  • \' union select name,pwd--
  • Hero Member
  • *****
  • Join Date: Aug 2002
  • Posts: 6946
    • Show only replies by Piru
    • http://www.iki.fi/sintonen/
Re: Site Maintenance and security updates discussion
« Reply #1 on: February 23, 2005, 03:28:23 PM »
Quote
We also intend to prune ... forum threads which have not been updated for 365 days.

Is there any particular reason for this, other than cleaning up the system?

I would imagine several historical and otherwise important threads could get pruned. For example I often use search function to find a link to older thread that already covers some particular topic.
 

Offline cecilia

  • Amiga Snob
  • Hero Member
  • *****
  • Join Date: Mar 2002
  • Posts: 4875
  • Country: 00
    • Show only replies by cecilia
    • http://cecilia.sawneybean.com/
Re: Site Maintenance and security updates discussion
« Reply #2 on: February 23, 2005, 03:41:49 PM »
Quote

Piru wrote:
I would imagine several historical and otherwise important threads could get pruned. For example I often use search function to find a link to older thread that already covers some particular topic.
this disturbes me as well. there are some threads that I have listed in my "Notifications" that are there for occassional perusal (and laughs).

while there isn't much left to say in those threads, they still provide a use. at least to me.
the no CARB diet- no Cheney, Ashcroft, Rumsfeld or Bush.
IFX CD Tutorial
 

Offline whabang

  • Hero Member
  • *****
  • Join Date: Mar 2002
  • Posts: 7270
    • Show only replies by whabang
Re: Site Maintenance and security updates discussion
« Reply #3 on: February 23, 2005, 03:47:30 PM »
How about just pruning the coffee house?
Beating the dead horse since 2002.
 

  • Guest
Re: Site Maintenance and security updates discussion
« Reply #4 on: February 23, 2005, 04:27:01 PM »
Notice updated and adjusted.
 

Offline ltstanfo

  • Sr. Member
  • ****
  • Join Date: Feb 2002
  • Posts: 412
    • Show only replies by ltstanfo
Re: Site Maintenance and security updates discussion
« Reply #5 on: February 23, 2005, 04:54:38 PM »
Everyone,

The security password change has been needed for some time, especially in regards to certain users who claim that their accounts have been hacked.  I am glad to see that Wayne is taking action on this item.

With respect to cleaning up the forums database, it has become quite large and really should be optimized.  I do tend to agree with others here about some of the forums needing to be maintained for archival purposes (AMIGA related) so I would like to suggest to Wayne that only the Coffee House forums be cleaned up, using the rule he listed.

Regards,
ltstanfo
Gee Brain... what do you want to do tonight?
 

Offline bloodline

  • Master Sock Abuser
  • Hero Member
  • *****
  • Join Date: Mar 2002
  • Posts: 12113
    • Show only replies by bloodline
    • http://www.troubled-mind.com
Re: Site Maintenance and security updates discussion
« Reply #6 on: February 23, 2005, 04:56:33 PM »
Quote

ltstanfo wrote:
With respect to cleaning up the forums database, it has become quite large and really should be optimized.  I do tend to agree with others here about some of the forums needing to be maintained for archival purposes (AMIGA related) so I would like to suggest to Wayne that only the Coffee House forums be cleaned up, using the rule he listed.


Aye, probably for the best... Maybe keep sock related threads though... ;-)

  • Guest
Re: Site Maintenance and security updates discussion
« Reply #7 on: February 23, 2005, 05:46:28 PM »
I apologize if I have been less than clear on the password reset.  Here's how it will work:  

On March 31st, I will reset all passwords on all accounts to a random password.  You will have to use the lost password function to request a new password to be sent to you.  If your e-mail address in your account is not valid, your account will be unable to get a new password.  We will NOT hand out manually new passwords to those who forget to update their e-mail address ahead of time.

If you do not have a valid e-mail account (as is the case with most bogus accounts, your account will -- in essence -- become unusable.  You have over a month's worth of advance notice, there is no acceptable excuse for not following through.
 

Offline dammy

  • Hero Member
  • *****
  • Join Date: Nov 2002
  • Posts: 2828
    • Show only replies by dammy
Re: Site Maintenance and security updates discussion
« Reply #8 on: February 23, 2005, 09:00:03 PM »
Wouldn't it be more prudent to drop xoop and go with something that is proven, like slashcode?

Dammy
Dammy

https://www.facebook.com/pages/Arix-OS/414578091930728
Unless otherwise noted, I speak only for myself.
 

  • Guest
Re: Site Maintenance and security updates discussion
« Reply #9 on: February 23, 2005, 09:04:58 PM »
I wouldn't mind going with something else, but a slashdot style site is the very opposite of what we need.  Was looking at another package as you may remember, but the amount of work involved means it would be far easier just to dump everything and start all over again.

If people are upset at the need to prune the forums, God forbid we think about going with some other package.  It would be anarchy.

On the positive side, such a "reboot" would allow us to both refocus the site and to get rid of several of the problems we suffer from now.

Thoughts?

Wayne
 

Offline Trooper

  • Full Member
  • ***
  • Join Date: Jul 2002
  • Posts: 133
    • Show only replies by Trooper
Re: Site Maintenance and security updates discussion
« Reply #10 on: February 24, 2005, 12:16:53 AM »
What about Invision Power Board, A lot of forums use that package and it`s very easy to use from a user (ie forum members) point of view.

Trooper
Rainbow Islands: \\"The game is sometimes called \\"Bubble Bobble 2\\". However, two other games --\\"Bubble Symphony: The Story of Bubble Bobble 2\\" and \\"Bubble Bobble 2\\"-- claim the same name. Rainbow Islands happens after Bubble Bobble. Bubble Symphon...
 

  • Guest
Re: Site Maintenance and security updates discussion
« Reply #11 on: February 24, 2005, 12:34:06 AM »
Though Amiga.org (and indeed the Amiga community) may be a shadow of what it once was, it's not just a forum.
 

Offline RacerX

  • Newbie
  • *
  • Join Date: Oct 2003
  • Posts: 18
    • Show only replies by RacerX
    • http://home.insightbb.com/~almetz
Re: Site Maintenance and security updates discussion
« Reply #12 on: February 24, 2005, 01:54:41 AM »
Quote

by Wayne on 2005/2/23 12:46:28

I apologize if I have been less than clear on the password reset. Here's how it will work:

On March 31st, I will reset all passwords on all accounts to a random password. You will have to use the lost password function to request a new password to be sent to you. If your e-mail address in your account is not valid, your account will be unable to get a new password. We will NOT hand out manually new passwords to those who forget to update their e-mail address ahead of time.

If you do not have a valid e-mail account (as is the case with most bogus accounts, your account will -- in essence -- become unusable. You have over a month's worth of advance notice, there is no acceptable excuse for not following through.


A couple of quick questions:

1)  After we get the new random password via E-mail, can we log onto our accounts and change the password back to what it was?  Or does it have to be different?

2)  If someone doesn't get his new password (say he doesn't check his E-mail for a month) couldn't he log on as a new user and make a new account?
\\"... When we Git-R-Done.\\"  Larry The Amiga Guy
:-D
 

Offline Argo

  • Hero Member
  • *****
  • Join Date: Feb 2002
  • Posts: 3219
    • Show only replies by Argo
Re: Site Maintenance and security updates discussion
« Reply #13 on: February 24, 2005, 02:06:46 AM »
Ack, No...
Also, we're not a forum site.
 

Offline yogisumo

  • Sr. Member
  • ****
  • Join Date: Apr 2004
  • Posts: 255
    • Show only replies by yogisumo
Re: Site Maintenance and security updates discussion
« Reply #14 on: February 24, 2005, 03:34:59 AM »
Questions:
   1) How large is the database?
   2) Is is possible to "export" in a reduced/changed format?
   3) Would it be possible to allow access to it in "archived" format?
   
   This would allow you to move to different software and still allow access to "archived" versions of the old database.

Just a thought...