new site progress update

Here’s what I can now do:

  • Import all user accounts from old site
  • Import all user accounts from old forum
  • Import all messages from old forum
  • Import all pages from old wiki
  • Import all items from old bug tracker
  • Import all module pages from old site

Here’s what’s left:

  • Mirroring for module files
  • Forum-mailing list bridge

I’ve run into serious trouble with both of these.

Mirroring for module files: Having one or more mirrors for modules will save
us a lot of bandwidth. I thought there was going to be a straightforward way
to do this through MediaWiki, but I haven’t found one yet. What I was
expecting to do was have the file links do something like rotate over the
available mirrors.

Forum-mailing list bridge: Right now, we’re using Mail2Forum to bridge between
a Mailman list and phpBB2. phpBB2 reached its end-of-life in February 2009, so
there will be no more updates for it, not even security updates. The current
version of Mail2Forum does not work with phpBB3, and after hours of trying
I haven’t been able to get the alpha of Mail2Forum 2 to work with phpBB3.
Having a working forum-list bridge is non-negotiable for me. The new site will
not go live until this problem is solved, but presently I don’t see any
acceptable solutions here.

I need some suggestions for how to proceed.

I don’t know if this will be any help to you, because in fact I don’t really understand what you are doing… its beyond me, but just in case I was looking at some software located here schoolforge.net/education-software/web-based
It may be of use to you and it may not.

Well, I suppose we could continue to use phpBB2 and gamble that they’ll come up with a mailing list bridge for phpBB3 (with an upgrade path) before security vulnerabilities make phpBB2 unusable.

rk

Post generated using Mail2Forum (mail2forum.com)

There is an alpha of mail2forum (version 2.0a4) which is suppose to handle phpbb3.

From what I see on their status of v2.0, after a somewhat messy install (because its an alpha) if you can pass all the tests with out any bugs cropping up, pass the appropiate chain usage, it should be alright to use maybe… is it worth trying :open_mouth: :question:

Would it be possible to split the items and run the forum on the older
software until the gateway catches up?

Also, on the mirror issue, one could always go with a manual solution,
with multiple links. It isn’t as seamless and doesn’t do real load-
balancing, but it would spread things out a bit. Especially if one
attached geographic areas to different links.


Messages mailing list
Messages@forums.vassalengine.org
forums.vassalengine.org/mailman/ … engine.org

Post generated using Mail2Forum (mail2forum.com)

Thus spake Thomas Russ:

Yes, but then we’re running software which has a history of security
problems while knowing that any yet-to-be discovered problems will never
be fixed. And the SSO stuff I wrote was designed to work with phpBB3, not
phpBB2, as was the forum customization. I don’t know if phpBB2 can even
do LDAP authentication. I’m not very keen on doing work to retrofix this,
since it’s work that we’d throw away tomorrow if we could get Mail2Forum
to work with phpBB3.


J.


Messages mailing list
Messages@forums.vassalengine.org
forums.vassalengine.org/mailman/ … engine.org

Post generated using Mail2Forum (mail2forum.com)

Thus spake “Tim M”:

This is the version of Mail2Forum I was speaking of.

I can pass all of the tests which aren’t phpbb2 tests (I don’t care about
those) except one which has to do with MIME types. I can get chains which
don’t involve phpBB3 to work. I can’t successfully post a message in phpBB3
after installing M2F without getting an exception.


J.


Messages mailing list
Messages@forums.vassalengine.org
forums.vassalengine.org/mailman/ … engine.org

Post generated using Mail2Forum (mail2forum.com)

Thus spake Rodney Kinney:

My worry is that we would find out that security vulnerabilities have made
phpBB2 unusable by becoming the victim of one.


J.


Messages mailing list
Messages@forums.vassalengine.org
forums.vassalengine.org/mailman/ … engine.org

Post generated using Mail2Forum (mail2forum.com)

I think as long as phpBB2 is backed up every day, we can deal with security issues if/when they happen, without much downtime. Honestly, security just isn’t worth the worry and extra work.

So hopefully… and I can only pray… phpBB2 and the associated Mysql database are both being backed up. Right guys? :smiley:

I’m switching web hosts in August and will be moving to an “enterprise” hosting plan with unlimited bandwidth and disk space.

Would it be possible for / do you need me to volunteer as a module mirror when the time comes?

Thus spake “Shad”:

Yes. That would be excellent.


J.


Messages mailing list
Messages@forums.vassalengine.org
forums.vassalengine.org/mailman/ … engine.org

Post generated using Mail2Forum (mail2forum.com)

Hi,

I have tested your RSS Flux from the test Website … I receive all without any problem …

If you need help to test this again… just call me.

Or help in general too … :wink:

Great, then we’ll discuss it further then. Glad I can find another little way to help!

Thus spake “Shad”:

Where is your server, BTW? (I hope it’s in North America or Europe, as
a mirror anywhere else won’t help much.)


J.


Messages mailing list
Messages@forums.vassalengine.org
forums.vassalengine.org/mailman/ … engine.org

Post generated using Mail2Forum (mail2forum.com)

I was planning on switching to HostGator, and I understand that they’re based in Texas.

Hope that still works for you?

Thus spake “Shad”:

That’s fine; Texas is in North America, last I checked.


J.


Messages mailing list
Messages@forums.vassalengine.org
forums.vassalengine.org/mailman/ … engine.org

Post generated using Mail2Forum (mail2forum.com)

I was referring to Host Gator, smart guy! :stuck_out_tongue:

Thus spake “bsmith”:

I can’t speak for the old server. Everything on the new server is backed up
nightly.

I had not thought of this until you mentioned backups, but there’s a
serious problem created by the interaction between the way we’re doing
backups and possible security flaws in phpBB2: The current backup scheme
on the new server has backups being pushed from our server to our hosts’s
backup server. If our server were to be compromised, then an attacker
could use the backup account to log into our hosts’s backup server. I
can’t justify exposing Bruce’s backup server that way. This makes running
phpBB2 even less appealing than it had been.

I could reverse the way the backups work, so that the backup server pulls
the backups instead of having them pushed from our server, and I might do
that anyway—but since I would be the person cleaning up the mess if
we were pwned via phpBB2, I’m still not keen on continuing to use phpBB2.


J.


Messages mailing list
Messages@forums.vassalengine.org
forums.vassalengine.org/mailman/ … engine.org

Post generated using Mail2Forum (mail2forum.com)

Thus spake Thomas Russ:

We could do that, but it would mean that we’ll continue to pay for two
hosting setups, and also it means that we can’t start using the single-
signon stuff I wrote—and it still doesn’t address the security issue,
it just moves it around.


J.


Messages mailing list
Messages@forums.vassalengine.org
forums.vassalengine.org/mailman/ … engine.org

Post generated using Mail2Forum (mail2forum.com)

It occured to me that we might be able to get M2F working with phpBB3 faster
if we could offer the M2F developers some help. Is there anyone here who is
proficient with PHP who would be willing to donate them a bit of time?