Hi guys,
just letting you know (if you didn't notice the downtimes yesterday) that the website has now migrated to another webhost.
One of the upsides of the move is that we are now finally using the HTTPS protocol, following web security standards that have been set years ago.
Besides that, there should be no particularly exciting changes that are visible to you directly.
Let me know if you experience any sudden unusual problems!
- ivi
Server move, SSL connection
10 posts •
Page 1 of 1
- ividyon
- Administrator
- Posts: 2354
- Joined: 12 Nov 2007, 14:43
- Location: Germany
- Contact:
Subject: Server move, SSL connection
Post Posted: 09 Feb 2019, 21:25
UnrealSP.org webmaster & administrator
- Sat42
- Skaarj Warlord
- Posts: 880
- Joined: 14 Jul 2013, 16:42
- Contact:
Subject: Re: Server move, SSL connection
Post Posted: 10 Feb 2019, 16:46
Good move! No more silly security warnings when I want to login to the site
No new problems
No new problems
Nali: Magic or Telekinesis
Waffnuffly wrote:It's tarydium-doped smoothies. Drunk by the player, I mean. The player is tripping balls. The whole game actually takes place in a large city and the player thinks he's on an alien world.
- Diego96
- Skaarj Lord
- Posts: 163
- Joined: 13 Apr 2014, 19:36
- Location: South 'Merica
Subject: Re: Server move, SSL connection
Post Posted: 12 Feb 2019, 20:39
Are PMs working? I get the 504 Gateway Time-out error.
M'nali
- Dr.Flay
- Skaarj Lord
- Posts: 222
- Joined: 23 Aug 2012, 06:24
- Location: Kernow, UK
- Contact:
Subject: Re: Server move, SSL connection
Post Posted: 13 Feb 2019, 01:30
Grade A cert and configuration
https://www.ssllabs.com/ssltest/analyze ... realsp.org
The host is not using DNSSEC or has not configured it properly
https://dnssec-name-and-shame.com/domai ... realsp.org
https://www.ssllabs.com/ssltest/analyze ... realsp.org
The host is not using DNSSEC or has not configured it properly
https://dnssec-name-and-shame.com/domai ... realsp.org
- ividyon
- Administrator
- Posts: 2354
- Joined: 12 Nov 2007, 14:43
- Location: Germany
- Contact:
Subject: Re: Server move, SSL connection
Post Posted: 13 Feb 2019, 13:03
Thanks! Sadly the DNSSEC thing seems to be out of my hands, as that appears to be something that's configured on the side of the nameservers, which I do not provide, but rather just use. I have opened a ticket with my domain registrar to ask about it, though.
I have gotten several of those reports now; I will have to look closer into this.
I believe that your PMs will get sent off anyway, even though your browser gets stuck. Can you confirm?
Diego96 wrote:Are PMs working? I get the 504 Gateway Time-out error.
I have gotten several of those reports now; I will have to look closer into this.
I believe that your PMs will get sent off anyway, even though your browser gets stuck. Can you confirm?
UnrealSP.org webmaster & administrator
- UB_
- Nali Priest
- Posts: 7960
- Joined: 11 Nov 2007, 21:00
Subject: Re: Server move, SSL connection
Post Posted: 13 Feb 2019, 13:13
I had two ppl sending me PMs and both sent three each, so yeah there's a bug.
- ividyon
- Administrator
- Posts: 2354
- Joined: 12 Nov 2007, 14:43
- Location: Germany
- Contact:
Subject: Re: Server move, SSL connection
Post Posted: 13 Feb 2019, 13:38
Unrelated to the 504 issue, but I'm now preparing to employ CloudFlare to use some of their features, as well as their nameservers, as these seem to comply to DNSSEC.
While I'm somewhat of an amateur in this field of DNS and protocol security, I'll try to set it up in a way that continues to use my own SSL certificate, as I've seen some security/privacy concerns about the platform.
While I'm somewhat of an amateur in this field of DNS and protocol security, I'll try to set it up in a way that continues to use my own SSL certificate, as I've seen some security/privacy concerns about the platform.
UnrealSP.org webmaster & administrator
- Dr.Flay
- Skaarj Lord
- Posts: 222
- Joined: 23 Aug 2012, 06:24
- Location: Kernow, UK
- Contact:
Subject: Re: Server move, SSL connection
Post Posted: 13 Feb 2019, 22:20
Such a pain but unless you admin the actual host systems DNSSEC is something you have to hope for as generally it is out of your hends.
Yeah using cloudflare can add DNSSEC, but I'm still not seeing many sites using it that do use cloudflare. This puzzles me since CF did say they were rolling it out as standard.
Possibly it is a host configuration issue.
On 1 level this site is at low risk of spoofing, but as the amount and effectiveness of attacks on DNS is escalating, it is best to use DNSSEC if you can, though don't worry about it too much.
Agreed with using your specific cert.
The way CF are minting certs with loads of unrelated sites included, leaves domains open to abuse if 1 of those sites is compromised.
It makes a mess of domain validation if the cert for someone elses site also works on yours.
Unfortunately as you have noticed due to the low uptake of this old standard there is not so much in the way of guides and tutorials.
Yeah using cloudflare can add DNSSEC, but I'm still not seeing many sites using it that do use cloudflare. This puzzles me since CF did say they were rolling it out as standard.
Possibly it is a host configuration issue.
On 1 level this site is at low risk of spoofing, but as the amount and effectiveness of attacks on DNS is escalating, it is best to use DNSSEC if you can, though don't worry about it too much.
Agreed with using your specific cert.
The way CF are minting certs with loads of unrelated sites included, leaves domains open to abuse if 1 of those sites is compromised.
It makes a mess of domain validation if the cert for someone elses site also works on yours.
Unfortunately as you have noticed due to the low uptake of this old standard there is not so much in the way of guides and tutorials.
- ividyon
- Administrator
- Posts: 2354
- Joined: 12 Nov 2007, 14:43
- Location: Germany
- Contact:
Subject: Re: Server move, SSL connection
Post Posted: 14 Feb 2019, 14:43
DNSSEC is now enabled for unrealsp.org. The "Name and shame" tool above still continues to report that it's disabled, but both my registrar and CloudFlare, as well as this link, say it's on.
EDIT:
The name-and-shame tool has now also updated to stop shaming. That website concept is very weird in itself, but okay...
EDIT:
The name-and-shame tool has now also updated to stop shaming. That website concept is very weird in itself, but okay...
UnrealSP.org webmaster & administrator
- Dr.Flay
- Skaarj Lord
- Posts: 222
- Joined: 23 Aug 2012, 06:24
- Location: Kernow, UK
- Contact:
Subject: Re: Server move, SSL connection
Post Posted: 19 Feb 2019, 03:07
It must have been a delay in DNS replication.
Well I believe congratulations are in order, and a round of drinks !
It is highly likely eg. 99.99% certain that this is the very first site in the Unreal universe to be correctly using DNSSEC
Even Epic epic fail https://dnssec-analyzer.verisignlabs.co ... cgames.com which makes having a green padlock, pointless.
As more people are moving over to DNS such as 1.1.1.1 9.9.9.9 and 8.8.8.8 those users are now finally protected against spoofing.
I imagine most existing Unreal and UT players are using 1 of these faster DNS anyway, but now we just need for ISPs to also.... ah... yes... ISPs doing something they are not forced to, or generates money...
OK. at least anyone that has manually changed DNS settings should be protected anyway
Well I believe congratulations are in order, and a round of drinks !
It is highly likely eg. 99.99% certain that this is the very first site in the Unreal universe to be correctly using DNSSEC
Even Epic epic fail https://dnssec-analyzer.verisignlabs.co ... cgames.com which makes having a green padlock, pointless.
As more people are moving over to DNS such as 1.1.1.1 9.9.9.9 and 8.8.8.8 those users are now finally protected against spoofing.
I imagine most existing Unreal and UT players are using 1 of these faster DNS anyway, but now we just need for ISPs to also.... ah... yes... ISPs doing something they are not forced to, or generates money...
OK. at least anyone that has manually changed DNS settings should be protected anyway
10 posts •
Page 1 of 1
Who is online
Users browsing this forum: No registered users and 48 guests