Language Selection

English French German Italian Portuguese Spanish

Site News

Keeping a Web Site Safe and Available With or Without a CDN

Submitted by Roy Schestowitz on Wednesday 23rd of October 2019 07:47:35 PM Filed under
Site News

PostgreSQL

THE site Tux Machines is and has been online for over 15 years. It has not suffered security-related incidents. The same is true for Techrights, which soon turns 13. Tux Machines uses Gallery and Drupal, whereas Techrights uses MediaWiki, WordPress and Drupal. WordPress is its most important component as it contains over 26,000 posts. Tux Machines has about 130,000 nodes in Drupal. We don't use a CDN as we have a reasonably powerful server that can cope with the load on its own. For security we use best practices and keep critical issues plugged. I was recently asked for advice on these matters and explained things as follows.

There are mainly two types of attacks (maybe three if one includes social engineering, e.g. tricking a citizen journalist/blogger/administrator into a trap):

1) capacity-based, e.g. DDOS attack

2) exploiting vulnerabilities to degrade/compromise site's quality of service (similar to (1) above but not the same), access site data (confidential), spy on people (writers/staff/visitors) without them being aware.

WordPress runs lots of stuff and powers a lot of the Web, maybe 20% (or more) of today's Web sites. It's regularly checked for security issues and bugs are regularly fixed. Updates can be set to automatic, which means they happen in the background without user intervention. I check the site for updates several times per day, e.g. this one from yesterday.

I've used WordPress for 15 years as an early adopter and developer.

What's known as the "core" of WordPress is generally secure if kept up to date, manually or automatically (for large sites it might make sense to apply patches manually to reduce risk of unnoticed incidents and enable quality control, patch assessment etc). It's also important to keep the underlying operating system and pertinent packages like PHP (programming language), mysql/psql (WordPress and Drupal typically use MariaDB or MySQL as the database, but PostgreSQL should be possible too) and Apache (there are simpler alternatives e.g. NGINX for Web server) up to date.

If we get to keep everything up to date, and moreover we don't install WordPress extensions that cannot be trusted or are no longer maintained (or scarcely maintained), we should be OK. The social engineering part involves stuff such as phishing, e.g. someone sending out an E-mail in an attempt to obtain passwords of privileged users.

If you use a CDN for content distribution, e.g. CloudFlare, then availability will be mostly down to the CDN company. WordPress generates pages on the fly (dynamic), but it has caching mechanisms that can be further improved with extensions. The CDN likely obviates the need for those. So, if the site is receiving 'too many' requests, the CDN can probably scale to deal with that (maybe a more expensive protection plan).

I peronsally would never use CloudFlare (for a lot of reasons), but to many people it's the only CDN that 'counts' or exists. Brand recognition perhaps.

»

Contact Private Internet Access (PIA) Managers to Help Save Linux Journal From Shutdown

Submitted by Roy Schestowitz on Friday 9th of August 2019 08:35:32 AM Filed under
Site News

Private Internet Access

TUX MACHINES turned 15 almost exactly two months ago. The site has operational costs, as one can expect, mostly the hardware and bandwidth. We've thankfully had these resources very kindly donated to us last year, basically saving us the massive burden of bills somewhere around $10,000. Running a site with a lot of traffic isn't cheap and it isn't getting cheaper, either. As an overhead or addition to server maintenance (uptime requires habitual work on repairing databases, managing backups, patching of software and agonising system upgrades once in a few years) it takes a lot of time to compose new material and moderate to keep spam out.

A lot of the mainstream media is bashing Linux Journal right now. It makes it seem like its demise is a problem with GNU/Linux itself. These are villainous lies from self-serving foes of Linux, sometimes people who are aligned with Microsoft or salaried by Microsoft (we don't want to link to their provocative clickbait). But anyway, the bottom line is that keeping Linux Journal online may be costly and people should prepare for the possibility of Linux Journal becoming unavailable (offline) some time soon. I try very hard to prevent this (today and yesterday). "There is a real (and ever-growing) danger that a massive trove of GNU/Linux and Free software history will vanish unless urgent action is taken right now," I said. There are ways to avoid this (writers of that site need to unite in a union-like sense). I also secure my own sites from such a fate, having reached almost 13 years in Techrights. This week the site is experiencing all-time traffic records.

I've decided to contact Rick Falkvinge (Dick Greger Augustsson), founder of the Swedish Pirate Party and head of privacy at Private Internet Access, which owns Linux Journal. Bear in mind he used to work for Microsoft. We're still friendly online (we've exchanged some messages over the years) and he probably has sufficient clout at Private Internet Access to sway their decisions. In case they plan to shut down the site, we must act fast. Please contact him; as per his Web site, his E-mail address is x1bpsas66na001@sneakemail.com and any message he receives he can relay to other high-level people at the company. I don't personally know anyone else at that company, so that's the only contact I'm able to provide.

»

Photos: 15-Year Anniversary Party

Submitted by Rianne Schestowitz on Saturday 6th of July 2019 06:24:17 PM Filed under
Site News

Toast to Tux Machines

Access full album

»

Tux Machines Over the Past 15 Years

Submitted by Roy Schestowitz on Tuesday 11th of June 2019 07:39:21 AM Filed under
Site News

2005

Tux Machines site in 2005

2010

Tux Machines site in 2010

2012

Tux Machines site in 2012

2013

Tux Machines site in 2013

Late 2013

Tux Machines site in late 2013

2014

Tux Machines site in 2014

2015

Tux Machines site in 2015

2019

Tux Machines site in 2019

»

Happy 15th Anniversary to Tux Machines

Submitted by Rianne Schestowitz on Monday 10th of June 2019 03:22:20 PM Filed under
Site News

Anniversary of Tux Machines

Summary: Anniversary of Tux Machines is today, a special anniversary too

Today Tux Machines is celebrating its 15th year of existing. When we bought the website it was about 10 years old, so kudos to Susan Linton who devoted time to make and keep the site on pace. We promise to keep the website up to date with lots of insightful OSS/FOSS/Linux/Android-related articles. We hope to continue the job well into the distant future.

»

Tell Us About Your (or Others') GNU/Linux Blogs

Submitted by Roy Schestowitz on Monday 27th of May 2019 07:34:46 AM Filed under
Site News

THE MEDIA online is dying. It's no secret. Not all sorts of media are dying but traditional media struggles to survive. Causes for these have been explained for years if not more than a decade. This won't be the subject of this post.

Tux Machines does not produce a lot of original material. Susan used to publish GNU/Linux reviews (with galleries of screenshots), but other than that we mostly cluster and syndicate news. This has been the case for nearly 15 years (our anniversary is next month).

Each year it feels like mainstream media produces a lot less stories (not just about GNU/Linux but about anything, in general terms). So we're 'mining' more and more RSS feeds, typically of blogs. Do you have a GNU/Linux blog or know one/s you wish to recommend? Let us know in the IRC channel because we always hunt for more news sources, no matter if they're 'mainstream' or not as long as they're credible, reliable, and on topic.

»

Fifteenth Anniversary of Tux Machines Coming Soon

Submitted by Roy Schestowitz on Saturday 27th of April 2019 06:31:35 PM Filed under
Site News

NOT many Internet enterprises or even protocols outlast the Web. IRC is under attack, E-mail is being hijacked by large corporations (the business model of spying), and copyright monopolies compel ISPs to disconnect from USENET. Even without the Web there's a similar problem; not many sites last a decade; some last a few years until interest is lost or life-changing events cause stagnation and ultimately shutdown (it's not cheap to keep a domain registered and it can be technically difficult to keep a host going). Some sites or blogs remain active only for days, weeks, months. Not many sites have lasted 2 decades. Some become dormant and shelved. Some suffer the "Google Plus effect" (host decides it's not viable to carry on hosting, mostly for selfish "business reasons").

Tux Machines domainTux Machines remains very active. Every day, almost every hour. Even when we're on holiday (or abroad) we still log in and post the more crucial news. We never wink or lose a heartbeat. Dedication like this becomes almost addictive.

In less than a couple of months the site will turn 15. We're planning to celebrate locally somehow (a little party), knowing that it's a rare event and seeing how the Web becomes just "apps" and "social media" it's hard to guarantee we'll reach 20 (we sure hope so). Over the years we've considered modernising the site (CMS overhaul), but such novelty may entail bloat, speed losses, 'UX' erosion, and a lack of 'traditional' feel, maybe even issues associated with navigation, user familiarity, backward compatibility of URLs (we still use node numbers!) and so on.

»

Real-time Tux Machines Chat Over IRC (Internet Relay Chat)

Submitted by Roy Schestowitz on Saturday 2nd of March 2019 11:06:11 PM Filed under
Site News

The first IRC server
"The first IRC server, tolsun.oulu.fi, a Sun-3 server on display near the University of Oulu computer centre." Credit/licence: CC BY 2.5, Urpo Lankinen

TUX MACHINES reached all-time record traffic in the past couple of weeks. This (raw) traffic now stands at about 4 million hits/week, with 3,970,777 hits in the past 6 days and 4,289,540 hits last week (predating these 6 days). It's just a shame that interaction with readers became hard; the forums had a severe spam issue, as did comments and submissions (by new registrants, always, more so at a later stage) -- to the point where it became impractical to allow any new registrations (except adding people manually upon request). The open/incognito registrants would overrun the site within minutes (we tried several times over the years and saw the effect immediately).

So we've decided to try IRC and have added "IRC" to the menu at the top with an applet (JavaScript) to make life easier for those who aren't familiar with IRC clients.

Here's how to join us. This is still experimental. Real-time updates with posts (as they are posted) will in due course be shown in the channel and we can all casually chat in real-time, too. We are also still working on our Android app these days.

»

Testers Wanted: Android App for Tux Machines Site

Submitted by Roy Schestowitz on Tuesday 12th of February 2019 10:40:53 AM Filed under
Site News

APK icon

Diaspora logo Mastodon logo Pleroma logo

Tux Machines is turning 15 this summer and as we noted over the weekend, many people now access the site using mobile devices, for which the site provides a subpar experience due to legacy. RSS feeds are therefore recommended. There's our RSS feed for news, RSS feed for Tux Machines Blogs and another for Techrights, where I write my original articles.

Most readers, however, do not use RSS feeds. Consider the 700 followers of our Twitter account, the 2,365 followers of our Diaspora account, 1,080 followers of our Mastodon account, and 63 followers of our Pleroma account (so about 4,000 in total). Those are dependent on third parties (we do not self-host these platforms). Even if "apps" are used for access to these social media platforms/sites, the links would lead to Tux Machines Web pages, which don't render particularly well on small screens (phones). So we've made this simple "app" for the site, but we're still testing it. If anyone out there can try it on an Android device and report back to us, we'll appreciate it greatly and use the feedback to improve it.

Screenshot Tux Machines app

»

Mobile Interfaces, Internet, Devices and UX

Submitted by Roy Schestowitz on Sunday 10th of February 2019 11:20:13 AM Filed under
Site News

A mobile phone

Summary: Visitors who use mobile phones get a subpar experience, but that's an issue that boils down to preservation versus novelty

TUX MACHINES is turning 15 later this year. Longtime readers may very well know that the appearance or the layout of this site barely changed over the years. The key components have been in place since the very start. We still use node IDs as URLs (not ideal, but that works), mobile devices are barely supported (they were barely used on the Net at the time the site started), and due to SPAM we can no longer allow new user registrations (they overwhelm the site with a flood of SPAM submissions, i.e. noise such as pornographic comments, abusive blog posts etc.) within hours. We know because we tried opening up these registrations several times in the past. Any loosening of these restriction means a complete and utter mess.

"Mobile users who struggle with the site contact me routinely and my best suggestion for them is an RSS reader (many exist for mobile devices), which overcomes these issues and bypasses all the 'cruft'."

So-called 'UX' (buzzword for user interfaces/experience) in Tux Machines is far from ideal, especially for those who use a phone. We are aware of it, but the overhaul required to change that would be truly massive because of the number of pages, images, and the underlying framework, which was heavily modified and tailored for the existing user experience. I spent a lot of time making things work as they do. Susan had also invested a great deal of effort.

Mobile users who struggle with the site contact me routinely and my best suggestion for them is an RSS reader (many exist for mobile devices), which overcomes these issues and bypasses all the 'cruft'. Taking all the implications into account (endless work associated with a change), we don't plan a site redesign/overhaul. Maybe in the distant future, but not any time soon. The RSS feed is already used by a lot of people, even desktop/laptop users. We have no ads and no surveillance in this site, so RSS feeds don't impact some "business model" or whatever. In fact, it helps lower the strain on the server.

»
Syndicate content

More in Tux Machines

Red Hat Enterprise Linux 7 and CentOS 7 Get Important Kernel Security Update

Marked as important by Red Hat Product Security, the new Linux kernel security patch is here to fix a use-after-free flaw (CVE-2018-20856) discovered in the __blk_drain_queue() function in block/blk-core.c, as well as a heap overflow issue (CVE-2019-3846) discovered in the mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c. It also addresses a heap overflow issue (CVE-2019-10126) discovered in the mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c and a Bluetooth flaw (CVE-2019-9506) that may lead to BR/EDR encryption key negotiation attacks (KNOB). Read more

Purism: Supplying the Demand

Thank you all for the continued support and remarkable demand for the Librem 5. As we’ve shared earlier, we are iterating through shipping batches. The purpose of doing so is to increment and improve with each batch toward mass production and share that story publicly. As a result, these earlier batches are limited in quantity as we move toward mass production. Publicly releasing iterated hardware at this level of transparency is extremely uncommon, but in nearly everything we do we try to lead by example. Forming as a Social Purpose Corporation, open sourcing all our software, having PureOS be FSF endorsed, securing the lower layers of computing, or manufacturing a revolutionary mobile phone from scratch… all have required sacrifice but are well worth it to provide people with a values-driven alternative to Big Tech. Read more Also: Purism Provides Update On Librem 5 Shipping, Known Issues

KDE Plasma 5.17 Desktop Environment Gets First Point Release with 40 Bug Fixes

Released last week on October 15th, the KDE Plasma 5.17 desktop environment introduces Night Color support on X11, fractional scaling on Wayland, HiDPI and multi-screen improvements, as well as the ability to support for managing and configuring Thunderbolt devices in System Settings. It also improves the notification system with a new Do Not Disturb mode that automatically detects presentations, Breeze GTK theme support for the Google Chrome and Chromium web browsers, Nvidia GPU stats in System Settings, and color scheme support for GTK and GNOME apps in the Breeze GTK theme. Read more

Ubuntu Touch OTA-11 Release

Ubuntu Touch is the privacy and freedom respecting mobile operating system by UBports. Today we are happy to announce the release of Ubuntu Touch OTA-11! OTA-11 is immediately available for all supported Ubuntu Touch devices. You can skip to How to get OTA-11 to get it right away if you're impatient, or read on to learn more about this release. We were calling this a "small release" originally. Our plan was to cover the backlog of pull requests that weren't quite ready for OTA-10. It turns out, that made this "small" update not small at all. Read more Also: Ubuntu Touch OTA-11 for Ubuntu Phones Brings Smarter Keyboard, Better Browsing UBports' Ubuntu Touch OTA-11 Released

More on Tux Machines: AboutGalleryForumBlogsSearchNewsRSS Feed

Part of Bytes Media ● Sister sites below.

TechBytes Techrights button

Powered by Drupal, an open source content management system

Content available under CC-BY-SA CC

© by original authors

Powered by CentOS 6.5 (GNU/Linux), Varnish, and Drupal 6