Server Improvements

If you don’t care about the inner workings of the forum, then the only thing you might care about is the ‘Chat’ link above now connects you to IRC without the need of anything but a somewhat modern browser, and no extra open ports. Otherwise, read on…

This forum has been running lighttpd 1.4 since 2007 or so, because it is so much faster and less memory intensive than apache. lighttpd 1.5 also promises to be better and have new features we could really use, unfortunately it’s been in ‘development’ since 2006 and at this point I doubt it will go anywhere. Meanwhile nginx has popped up, taken all market share from lighttpd, and is swiftly becoming the de-facto web server when it comes to speed and is even approaching apache on features.

Therefore, I’ve switched to nginx, which supports SPDY, newer SSL features like OCSP stapling, sendfile, and various other features to make the browsing experience much faster. In addition, PHP processes are now launched with php-fpm, instead of lighttpd’s deprecated fastcgi spawner. Finally I’ve tweaked the web server configuration, now, instead of running anything ending in .php, I have a whitelist of allowed applications to run, which should increase security in case a bad applications should sneak through the cracks. Static resources like images are set with a “Cache-Control: public, max-age=86400” header which allow you to cache everything for a full day (I might increase this later).

I also specially ordered the SSL ciphers that are offered to your browser when using HTTPS, so that stronger forward secret ciphers are chosen first, falling back to stronger non-forward secret ciphers. Lastly I now have an SSL cert for rswiki.moparisthebest.com, which was the only domain I host that didn’t have one before. You can view the SSL information grades and info below, currently I have an A+, and every browser that supports forward secret ciphers uses a strong ECDHE one which should also be fast:

https://www.ssllabs.com/ssltest/analyze.html?d=moparisthebest.com
https://www.ssllabs.com/ssltest/analyze.html?d=gamedev.moparisthebest.com
https://www.ssllabs.com/ssltest/analyze.html?d=moparisthebest.com
https://www.ssllabs.com/ssltest/analyze.html?d=android.moparisthebest.org
https://www.ssllabs.com/ssltest/analyze.html?d=rswiki.moparisthebest.com
https://www.ssllabs.com/ssltest/analyze.html?d=moparcraft.net

If you have any questions, concerns, or comments on the new setup, let me know!

'Tis good right? xD

Great updates!

Okay, so this is good. : D

Great updates!

Does this mean you fixed the issue with the youtube bbcode script?
Before someone comes here and tells me to “Fix” it by enabling the shield or similar, I’m asking mitb if he fixed the server-sided end so the client sided (aka us users) don’t have to enable an ‘unsecure’ script.

[quote=“sk8rdude461, post:6, topic:540677”]Does this mean you fixed the issue with the youtube bbcode script?
Before someone comes here and tells me to “Fix” it by enabling the shield or similar, I’m asking mitb if he fixed the server-sided end so the client sided (aka us users) don’t have to enable an ‘unsecure’ script.[/quote]
Nope, this sounds like it’s a completely different thing. I’m pretty sure if you look around the Chrome options and enable something that has SSL then tick or enable it. If you don’t know what box to tick or enable just do what i’d do and tick them all.

OT: Sounds like a good update

New Chat is not working

Seems to work fine for me

So with all these lovely fixes, does this mean we will get some form of rep back?

nice updates

[quote=“sk8rdude461, post:6, topic:540677”]Does this mean you fixed the issue with the youtube bbcode script?
Before someone comes here and tells me to “Fix” it by enabling the shield or similar, I’m asking mitb if he fixed the server-sided end so the client sided (aka us users) don’t have to enable an ‘unsecure’ script.[/quote]

Nope I haven’t had time yet, of course anyone is free to fix it on github.

You have to have a recentish browser (one that supports html5 and websockets) but other than that it should work for everyone because it requires no plugins or ports open that you don’t already use to access this website.

We wanted a ‘thanks’ system called thank-o-matic, but it’s outdated and incompatible with the current SMF. We tried the only other thanks mod on SMF and it was awful. So we need to find another or fix thank-o-matic.

how are those official moparscape private server going

Nginx is a great choice these days.

[quote=“Moparisthebest, post:12, topic:540677”][quote author=Rodgerwilco link=topic=659542.msg4410509#msg4410509 date=1393465495]
New Chat is not working
[/quote]

You have to have a recentish browser (one that supports html5 and websockets) but other than that it should work for everyone because it requires no plugins or ports open that you don’t already use to access this website.[/quote]

My IE works but Chrome doesn’t run it. Go figure.

Kiwi keeps disconnecting me every 5 mins then reconnects

greeeaaatttt

Sweet. Some of these updates I’ve been wondering about. I’ve followed the lighttpd development for awhile, but I noticed it stopped. I heard of nginx, but never did my research on it. Anywhore, great to hear you guys are improving as technology improves.

Sounds good to me, thanks.