Thread: We've moved web hosts
The private messaging system is broken, I'm looking into it.
Private messages are now fixed.
https:// (SSL) is now back
You can now see who is online, and who isn't again (it's been broken for some time, and always showed people as offline).
Right now it says
has made billions upon billions of posts and is an Uruk-Hai from Isengard and is online.
Posted Wednesday 6th August 2014 (08:43am)
But you aren't showing up at the bottom right...
That's because I'm not logged-in to the chat.
Awesome, Taz. Good to see people online once more.
Curufinwe, I was thinking about your question and wanted to explain...
The chat program we use at the bottom right is by a third party called envolve – it's not very good and I'm looking to replace it – but separately to that, it uses a different way of detecting who is online and how many users are online at any given time.
The forum (which I wrote), where it says "and is online" above each user's post, uses the "session" store of our web server. Basically, every time a user visits the website a session cookie is created which I store in a folder on the server and associate with that user in the database so I can detect whether a logged-in user is online or not. The server, periodically expires these sessions, however, this isn't instant and often can be 30-50 minutes in between. This basically means that the forum can sometimes report that a user is still online, when they're not – and this will be cleaned when the session expires.
Should be working now, see your email and private message.
Just wanted to say I really appreciate what you do on the website, Taz :-) This is the best Tolkien website ever! (And of course you know that;-) Thank you for taking the time to fix these little problems we keep finding and constantly helping out! Namarie,
http:// (SSL) is now back
I am currently posting this through an unsecured connection using sslstrip.
I'm surprised that that still works after the change of hosts.
Thanks for the memo Elrohir! It's certificate was sticking up the website, and it is clear now, so thanks
The SSL works fine for me now, let me know if you're still having problems.
if I enter http:// instead of https:// in my browser, I can log in without using ssl. usually I would start sslstrip to create an insecure connection, because switching to http in the browser wasn't possible before. it seems ssl is not properly enforced. it should not be possible to log in over http, for obvious reasons.
Yeah. it's optional at the moment. I will force it at some point.