ividyon will never get this done, will he.

Server move, SSL connection

For discussion about UnrealSP.org itself.

Moderators: ividyon, Semfry, zYnthetic

User avatar ividyon
Administrator Administrator
Posts: 2296
Joined: 12 Nov 2007, 14:43
Location: Germany
Contact:

Subject: Server move, SSL connection

Post Posted: 09 Feb 2019, 21:25

Hi guys,

just letting you know (if you didn't notice the downtimes yesterday) that the website has now migrated to another webhost.

One of the upsides of the move is that we are now finally using the HTTPS protocol, following web security standards that have been set years ago.

Besides that, there should be no particularly exciting changes that are visible to you directly.

Let me know if you experience any sudden unusual problems!

- ivi
UnrealSP.org webmaster & administrator

User avatar Sat42
Skaarj Warlord Skaarj Warlord
Posts: 825
Joined: 14 Jul 2013, 16:42
Contact:

Subject: Re: Server move, SSL connection

Post Posted: 10 Feb 2019, 16:46

Good move! No more silly security warnings when I want to login to the site :)
No new problems
Nali: Magic or Telekinesis
Waffnuffly wrote:It's tarydium-doped smoothies. Drunk by the player, I mean. The player is tripping balls. The whole game actually takes place in a large city and the player thinks he's on an alien world.

User avatar Diego96
Skaarj Assassin Skaarj Assassin
Posts: 139
Joined: 13 Apr 2014, 19:36
Location: South 'Merica

Subject: Re: Server move, SSL connection

Post Posted: 12 Feb 2019, 20:39

Are PMs working? I get the 504 Gateway Time-out error.
M'nali

User avatar Dr.Flay
Skaarj Lord Skaarj Lord
Posts: 219
Joined: 23 Aug 2012, 06:24
Location: Kernow, UK
Contact:

Subject: Re: Server move, SSL connection

Post Posted: 13 Feb 2019, 01:30

Grade A cert and configuration
https://www.ssllabs.com/ssltest/analyze ... realsp.org
The host is not using DNSSEC or has not configured it properly
https://dnssec-name-and-shame.com/domai ... realsp.org

User avatar ividyon
Administrator Administrator
Posts: 2296
Joined: 12 Nov 2007, 14:43
Location: Germany
Contact:

Subject: Re: Server move, SSL connection

Post Posted: 13 Feb 2019, 13:03

Thanks! Sadly the DNSSEC thing seems to be out of my hands, as that appears to be something that's configured on the side of the nameservers, which I do not provide, but rather just use. I have opened a ticket with my domain registrar to ask about it, though.

Diego96 wrote:Are PMs working? I get the 504 Gateway Time-out error.


I have gotten several of those reports now; I will have to look closer into this.

I believe that your PMs will get sent off anyway, even though your browser gets stuck. Can you confirm?
UnrealSP.org webmaster & administrator

UBerserker
Nali Priest Nali Priest
Posts: 7915
Joined: 11 Nov 2007, 21:00

Subject: Re: Server move, SSL connection

Post Posted: 13 Feb 2019, 13:13

I had two ppl sending me PMs and both sent three each, so yeah there's a bug.
ImageImage

User avatar ividyon
Administrator Administrator
Posts: 2296
Joined: 12 Nov 2007, 14:43
Location: Germany
Contact:

Subject: Re: Server move, SSL connection

Post Posted: 13 Feb 2019, 13:38

Unrelated to the 504 issue, but I'm now preparing to employ CloudFlare to use some of their features, as well as their nameservers, as these seem to comply to DNSSEC.

While I'm somewhat of an amateur in this field of DNS and protocol security, I'll try to set it up in a way that continues to use my own SSL certificate, as I've seen some security/privacy concerns about the platform.
UnrealSP.org webmaster & administrator

User avatar Dr.Flay
Skaarj Lord Skaarj Lord
Posts: 219
Joined: 23 Aug 2012, 06:24
Location: Kernow, UK
Contact:

Subject: Re: Server move, SSL connection

Post Posted: 13 Feb 2019, 22:20

Such a pain but unless you admin the actual host systems DNSSEC is something you have to hope for as generally it is out of your hends.

Yeah using cloudflare can add DNSSEC, but I'm still not seeing many sites using it that do use cloudflare. This puzzles me since CF did say they were rolling it out as standard.
Possibly it is a host configuration issue.

On 1 level this site is at low risk of spoofing, but as the amount and effectiveness of attacks on DNS is escalating, it is best to use DNSSEC if you can, though don't worry about it too much.

Agreed with using your specific cert.
The way CF are minting certs with loads of unrelated sites included, leaves domains open to abuse if 1 of those sites is compromised.
It makes a mess of domain validation if the cert for someone elses site also works on yours.

Unfortunately as you have noticed due to the low uptake of this old standard there is not so much in the way of guides and tutorials.

User avatar ividyon
Administrator Administrator
Posts: 2296
Joined: 12 Nov 2007, 14:43
Location: Germany
Contact:

Subject: Re: Server move, SSL connection

Post Posted: 14 Feb 2019, 14:43

DNSSEC is now enabled for unrealsp.org. The "Name and shame" tool above still continues to report that it's disabled, but both my registrar and CloudFlare, as well as this link, say it's on. :)

EDIT:

The name-and-shame tool has now also updated to stop shaming. That website concept is very weird in itself, but okay...
UnrealSP.org webmaster & administrator

User avatar Dr.Flay
Skaarj Lord Skaarj Lord
Posts: 219
Joined: 23 Aug 2012, 06:24
Location: Kernow, UK
Contact:

Subject: Re: Server move, SSL connection

Post Posted: 19 Feb 2019, 03:07

It must have been a delay in DNS replication.

Well I believe congratulations are in order, and a round of drinks !
It is highly likely eg. 99.99% certain that this is the very first site in the Unreal universe to be correctly using DNSSEC \o/
Even Epic epic fail https://dnssec-analyzer.verisignlabs.co ... cgames.com which makes having a green padlock, pointless.

As more people are moving over to DNS such as 1.1.1.1 9.9.9.9 and 8.8.8.8 those users are now finally protected against spoofing.
I imagine most existing Unreal and UT players are using 1 of these faster DNS anyway, but now we just need for ISPs to also.... ah... yes... ISPs doing something they are not forced to, or generates money...

OK. at least anyone that has manually changed DNS settings should be protected anyway


Who is online

Users browsing this forum: No registered users and 0 guests

Copyright © 2001-2019 UnrealSP.org

Powered by phpBB® Forum Software © phpBB Limited