Server outtage

Description of your first forum.
User avatar
Nathan
Site Admin
Posts: 1940
Joined: Wed Nov 26, 2014 8:51 pm
Location: Billings, MT
Contact:

Server outtage

Postby Nathan » Wed Nov 23, 2016 7:42 pm

As you've likely noticed, we've been down for a few days due to a failure that occurred during a backup and update. I've restored the forum using a backup database and combined it with the forum software from one of my other sites (which explains the header logo that I'll correct in time).

I have essentially lost three days of my life restoring the site and I don't want to go through this again. I'm moving the site over to a managed cloud where I don't have to worry about upgrades and backups ever again. I have purchased a RAID server but I can use that for file and video hosting and keep the core of the site (the forum) in the managed cloud.

I can use this as an opportunity to switch platforms over to vBulletin which offers a customized mobile app. I'm also going to be approving new members to get participation levels up. I can convert the DB that I have over to vBulletin to prevent losing content.

...or I can keep everything as is and move it all over to a local RAID capable server hosted from my office.

What say you?
Nathan in Image

NRA Certified Instructor in Pistol, Rifle, Shotgun, Personal Protection Inside the Home and Personal Protection Outside the Home.
Image

User avatar
hkguy
Posts: 615
Joined: Sun Nov 30, 2014 9:51 pm

Re: Server outtage

Postby hkguy » Wed Nov 23, 2016 7:50 pm

make it easy on yourself. though, the ability to interact with the forum via tapatalk is appealing.
NRA Member and Certified NRA RSO
IDPA & USPSA Member
Michigan Gun Owner Member

MisterB
Posts: 437
Joined: Thu Dec 04, 2014 7:54 pm

Re: Server outtage

Postby MisterB » Wed Nov 23, 2016 9:15 pm

Good choice. The site is sure running faster than it used to

User avatar
Dubhan
Posts: 145
Joined: Tue Dec 09, 2014 11:23 pm

Re: Server outtage

Postby Dubhan » Thu Nov 24, 2016 5:49 am

Three words. National security letter.

If you don't want to know when a LEO decides to ask for, and get a forensic image of all of your data, without judicial oversight, then there are vast advantages to hosting on a 'cloud' service. Heck, I keep the rent paid supporting the massive infrastructure necessary to keep all that running, and for purely commercial applications, I wouldn't hesitate.

But this site is politically sensitive. You share a lot of personal information that I have counseled you against in the past, and I imagine a lot of people share information with you that they probably shouldn't. If I were you, I would want my data, and my backups in a place where someone is going to have to get a warrant or break in to get it. That means a local box with a fully encrypted partition living on RAID, a local SAN for backups (not just one backup, build yourself a full/differential plan), and maybe a tape drive for for catastrophic recovery. Weekly or monthly full backups to tape with a 10 tape rotation in secure offsite storage used to be the gold standard pre cloud days.

All that isnt cheap, and it definitely isnt convenient, but it is MUCH more secure, assuming you have a decent firewall and keep your patches up to date.

Also, have you looked into whether this forum software supports https?

MisterB
Posts: 437
Joined: Thu Dec 04, 2014 7:54 pm

Re: Server outtage

Postby MisterB » Thu Nov 24, 2016 10:45 am

Dubhan wrote:Three words. National security letter.

If you don't want to know when a LEO decides to ask for, and get a forensic image of all of your data, without judicial oversight, then there are vast advantages to hosting on a 'cloud' service. Heck, I keep the rent paid supporting the massive infrastructure necessary to keep all that running, and for purely commercial applications, I wouldn't hesitate.

But this site is politically sensitive. You share a lot of personal information that I have counseled you against in the past, and I imagine a lot of people share information with you that they probably shouldn't. If I were you, I would want my data, and my backups in a place where someone is going to have to get a warrant or break in to get it. That means a local box with a fully encrypted partition living on RAID, a local SAN for backups (not just one backup, build yourself a full/differential plan), and maybe a tape drive for for catastrophic recovery. Weekly or monthly full backups to tape with a 10 tape rotation in secure offsite storage used to be the gold standard pre cloud days.

All that isnt cheap, and it definitely isnt convenient, but it is MUCH more secure, assuming you have a decent firewall and keep your patches up to date.

Also, have you looked into whether this forum software supports https?


Things posted online live on forever, whether they are on a cloud based server, or locally owned and controlled server. Warrants can be eventually obtained for both, but may not even be necessary for them to get what they want, given the over reach of the NSA. Besides, no extreme vetting of new members on the forum takes place, and frankly never could to avoid an agent posing as a CCW interested civilian from joining the forum and doing his own backup of the site. I'm sure they have better things to do, but I'm just saying.

Best thing to do is not post something online that you wouldn't want the feds to ultimately see. Change your brain filter regularly, and stop saying shit online that could get you in trouble. "Don't do things in the daytime, that will later keep you up at night"...

Besides, the local server route all just seems like so much fuss for a gun forum that has maybe a dozen regulars. Where's the payoff. Better to keep your nose clean, and host the site in the cloud.

User avatar
Tye
Posts: 104
Joined: Mon Dec 08, 2014 11:15 am

Re: Server outtage

Postby Tye » Thu Nov 24, 2016 4:50 pm

Happy Thanksgiving!
Best regards,

Tye

User avatar
samuelrp
Posts: 455
Joined: Sun Nov 30, 2014 7:01 am
Location: North Carolina

Re: Server outtage

Postby samuelrp » Thu Nov 24, 2016 5:34 pm

:D Thanks for working so hard Nathan! Some have had withdrawal issues for the past few days. I am not technical enough to offer an opinion.
Maintain the sport. Take a kid shooting.

User avatar
Nathan
Site Admin
Posts: 1940
Joined: Wed Nov 26, 2014 8:51 pm
Location: Billings, MT
Contact:

Re: Server outtage

Postby Nathan » Thu Nov 24, 2016 6:57 pm

Thanks for the feedback so far; I'll response later with more to address specific points.

In the meantime, I'm currently toying around with a cloud-based server. I have a seven day free trial. Please give me a hand experimenting with it and let me know if you like it more or less than this package.

http://7db9dc653280-023458.demo.vbulletin.net/index.php

thanks,
Nathan in Image

NRA Certified Instructor in Pistol, Rifle, Shotgun, Personal Protection Inside the Home and Personal Protection Outside the Home.
Image

User avatar
Dubhan
Posts: 145
Joined: Tue Dec 09, 2014 11:23 pm

Re: Server outtage

Postby Dubhan » Fri Nov 25, 2016 3:22 am

MisterB wrote:Things posted online live on forever, whether they are on a cloud based server, or locally owned and controlled server. Warrants can be eventually obtained for both, but may not even be necessary for them to get what they want, given the over reach of the NSA. Besides, no extreme vetting of new members on the forum takes place, and frankly never could to avoid an agent posing as a CCW interested civilian from joining the forum and doing his own backup of the site. I'm sure they have better things to do, but I'm just saying.


It isn't that simple. There are steps one can take which makes it exponentially more difficult to harvest data. Depending on its implementation, HTTPS for one can make it considerably more difficult for your ISP to see the contents of your packets during transmission, and while anyone with an account can see what is posted in the clear, without hacking the server itself, they would be unable to view PMs, for example, nor would they be able to see anything that isn't public to the community, like archives, or any other personal info Nate want to store on his server for his own benefit. And for you to argue that it is just as easy and cheap to get a warrant, assemble a team, transport them, break down a door, seize a server, haul it back to a nerd, and decrypt a physical LUKS encrypted volume as it is to fax a national security letter to Rackspace is just crazy. Sure, .gov has the means to do both. One is easy and secret. The other is not. Plus, not all potential adversaries are government agencies.

Best thing to do is not post something online that you wouldn't want the feds to ultimately see. Change your brain filter regularly, and stop saying shit online that could get you in trouble. "Don't do things in the daytime, that will later keep you up at night"...


I think we have already established that Nate's "cover his ass filter" is defective and beyond repair.

Besides, the local server route all just seems like so much fuss for a gun forum that has maybe a dozen regulars. Where's the payoff. Better to keep your nose clean, and host the site in the cloud.


I agree that the cost/benefit ratio may make sense to just pay rackspace, but dude has already bought a RAID capable server, that cost is sunk. He presumably already pays for a commercial internet feed, which is another sunk cost. Depending on how much data he has to back up, and whether he wants a catastrophic backup plan, he could get into a SAN for a little as a grand. Beyond that, the real costs are learning to set it up right and running the infrastructure properly. Some people value their privacy, for them, it would be worth it.

as an aside, a bare metal server, if properly implemented, can also run many projects in their own VMs. Want your own VPN server for when you are away from the office? Want to run your own email server? Want to set up a TOR node? Hell, there is a lot you can do with it. Your only real limit is the number of cores and ram you have available. I have several different projects running on my personal 8 year old dell server, and will eventually run several more.

MisterB
Posts: 437
Joined: Thu Dec 04, 2014 7:54 pm

Re: Server outtage

Postby MisterB » Fri Nov 25, 2016 8:05 am

Dubhan wrote:
MisterB wrote:Things posted online live on forever, whether they are on a cloud based server, or locally owned and controlled server. Warrants can be eventually obtained for both, but may not even be necessary for them to get what they want, given the over reach of the NSA. Besides, no extreme vetting of new members on the forum takes place, and frankly never could to avoid an agent posing as a CCW interested civilian from joining the forum and doing his own backup of the site. I'm sure they have better things to do, but I'm just saying.


It isn't that simple. There are steps one can take which makes it exponentially more difficult to harvest data. Depending on its implementation, HTTPS for one can make it considerably more difficult for your ISP to see the contents of your packets during transmission, and while anyone with an account can see what is posted in the clear, without hacking the server itself, they would be unable to view PMs, for example, nor would they be able to see anything that isn't public to the community, like archives, or any other personal info Nate want to store on his server for his own benefit. And for you to argue that it is just as easy and cheap to get a warrant, assemble a team, transport them, break down a door, seize a server, haul it back to a nerd, and decrypt a physical LUKS encrypted volume as it is to fax a national security letter to Rackspace is just crazy. Sure, .gov has the means to do both. One is easy and secret. The other is not. Plus, not all potential adversaries are government agencies.

Best thing to do is not post something online that you wouldn't want the feds to ultimately see. Change your brain filter regularly, and stop saying shit online that could get you in trouble. "Don't do things in the daytime, that will later keep you up at night"...


I think we have already established that Nate's "cover his ass filter" is defective and beyond repair.

Besides, the local server route all just seems like so much fuss for a gun forum that has maybe a dozen regulars. Where's the payoff. Better to keep your nose clean, and host the site in the cloud.


I agree that the cost/benefit ratio may make sense to just pay rackspace, but dude has already bought a RAID capable server, that cost is sunk. He presumably already pays for a commercial internet feed, which is another sunk cost. Depending on how much data he has to back up, and whether he wants a catastrophic backup plan, he could get into a SAN for a little as a grand. Beyond that, the real costs are learning to set it up right and running the infrastructure properly. Some people value their privacy, for them, it would be worth it.

as an aside, a bare metal server, if properly implemented, can also run many projects in their own VMs. Want your own VPN server for when you are away from the office? Want to run your own email server? Want to set up a TOR node? Hell, there is a lot you can do with it. Your only real limit is the number of cores and ram you have available. I have several different projects running on my personal 8 year old dell server, and will eventually run several more.


I never said both warrants were equally as easy to execute. I said warrants for both could eventually be obtained, which is true. You also can't gloss over the NSA. Their servers intercept information, as it is sent from the server to one's browser... Whether that be PM'a, emails, or web browsing/site information and content. This had been going on without our knowledge, as they harvested and stored tons of data on us all. Even if the NSA were to stop their slimy overreach with these practices, you can safely bet that if they had cause, a warrant could eventually be obtained, which would make taking the physical server or a warrant to the cloud provider unnecessary at least at first until they had such an overwhelming case that they get the rest. You also can't gloss over a planted informant posing as a citizen member of the forum. The whole local server thing with all the nonsense is really a false sense of security when it comes to this topic.

User avatar
Dubhan
Posts: 145
Joined: Tue Dec 09, 2014 11:23 pm

Re: Server outtage

Postby Dubhan » Fri Nov 25, 2016 9:14 am

MisterB wrote:I never said both warrants were equally as easy to execute. I said warrants for both could eventually be obtained, which is true. You also can't gloss over the NSA. Their servers intercept information, as it is sent from the server to one's browser... Whether that be PM'a, emails, or web browsing/site information and content. This had been going on without our knowledge, as they harvested and stored tons of data on us all. Even if the NSA were to stop their slimy overreach with these practices, you can safely bet that if they had cause, a warrant could eventually be obtained, which would make taking the physical server or a warrant to the cloud provider unnecessary at least at first until they had such an overwhelming case that they get the rest. You also can't gloss over a planted informant posing as a citizen member of the forum. The whole local server thing with all the nonsense is really a false sense of security when it comes to this topic.


National security letters are trival and secret. Getting warrants and executing them are not. Cracking properly implemented encryption considerably less trivial than getting a warrant.

You don't need the NSA to intercept in the clear transmissions between the server and the browser, a national security letter to the ISP would do just fine. You DO need the NSA to crack properly implemented HTTPS traffic. This would protect PMs and web browsing and private site content information pretty well except in extreme circumstances. Email is generally transmitted without any sort of encryption whatsoever, so that is always going to be risky, unless you utilize PGP or an encrypted email service, in which case, you are back to needing the NSA to crack it. And honestly the NSA has a whole lot better things to do.

I get that you think are an expert on this, but you simply aren't. Anyone who knows anything more than you can get off of a casual reading of mass media sources (who dont really understand this subject either) understands that information security is just like physical security. None is perfect, but that doesn't mean that it is useless. Every small step you make that makes it harder for an adversary to get to your information incentivizes him to move onto softer targets...

And before you go there, where there is a list of persons of interest to federal law enforcement for non mainstream political views, Nate is already on it. He is very unlikely attract additional scrutiny by using encryption or running his own servers.

You are welcome to your opinion, but you should invest some time reading a bit deeper before dismissing things out of hand based on an incomplete understanding. Yes, there is cost/benefit math to be done. No, it isn't a slam dunk either way.

MisterB
Posts: 437
Joined: Thu Dec 04, 2014 7:54 pm

Re: Server outtage

Postby MisterB » Fri Nov 25, 2016 1:59 pm

Dubhan wrote:
MisterB wrote:I never said both warrants were equally as easy to execute. I said warrants for both could eventually be obtained, which is true. You also can't gloss over the NSA. Their servers intercept information, as it is sent from the server to one's browser... Whether that be PM'a, emails, or web browsing/site information and content. This had been going on without our knowledge, as they harvested and stored tons of data on us all. Even if the NSA were to stop their slimy overreach with these practices, you can safely bet that if they had cause, a warrant could eventually be obtained, which would make taking the physical server or a warrant to the cloud provider unnecessary at least at first until they had such an overwhelming case that they get the rest. You also can't gloss over a planted informant posing as a citizen member of the forum. The whole local server thing with all the nonsense is really a false sense of security when it comes to this topic.


National security letters are trival and secret. Getting warrants and executing them are not. Cracking properly implemented encryption considerably less trivial than getting a warrant.

You don't need the NSA to intercept in the clear transmissions between the server and the browser, a national security letter to the ISP would do just fine. You DO need the NSA to crack properly implemented HTTPS traffic. This would protect PMs and web browsing and private site content information pretty well except in extreme circumstances. Email is generally transmitted without any sort of encryption whatsoever, so that is always going to be risky, unless you utilize PGP or an encrypted email service, in which case, you are back to needing the NSA to crack it. And honestly the NSA has a whole lot better things to do.

I get that you think are an expert on this, but you simply aren't. Anyone who knows anything more than you can get off of a casual reading of mass media sources (who dont really understand this subject either) understands that information security is just like physical security. None is perfect, but that doesn't mean that it is useless. Every small step you make that makes it harder for an adversary to get to your information incentivizes him to move onto softer targets...

And before you go there, where there is a list of persons of interest to federal law enforcement for non mainstream political views, Nate is already on it. He is very unlikely attract additional scrutiny by using encryption or running his own servers.

You are welcome to your opinion, but you should invest some time reading a bit deeper before dismissing things out of hand based on an incomplete understanding. Yes, there is cost/benefit math to be done. No, it isn't a slam dunk either way.


What an arrogant, yet ignorant response. Your opinion has been challenged, and so your response is to question my knowledge and suggest that I study up. :roll: Right back at you...

We could keep playing this back and forth game, but instead I will leave you with this big picture summation:

No matter what server Nathan has for this web site, no matter how much security it has, and how difficult it would be for the feds to ultimately crack... in the end, the government can and will get in to view what they need if they have enough reason to do so. Whatever means that is, will prove to ultimately be irrelevant. What IS relevant, is what is said (or not said) on a public forum.

User avatar
Nathan
Site Admin
Posts: 1940
Joined: Wed Nov 26, 2014 8:51 pm
Location: Billings, MT
Contact:

Re: Server outtage

Postby Nathan » Fri Nov 25, 2016 2:11 pm

Have we really ever discussed anything that would implicate criminal intent? Ever? Granted that much of our content isn't politically correct but nothing has ever been said that could be considered treasonous or criminal?
Nathan in Image

NRA Certified Instructor in Pistol, Rifle, Shotgun, Personal Protection Inside the Home and Personal Protection Outside the Home.
Image

MisterB
Posts: 437
Joined: Thu Dec 04, 2014 7:54 pm

Re: Server outtage

Postby MisterB » Fri Nov 25, 2016 2:31 pm

Nathan wrote:Have we really ever discussed anything that would implicate criminal intent? Ever? Granted that much of our content isn't politically correct but nothing has ever been said that could be considered treasonous or criminal?


Not suggesting "we" have, but I certainly can't speak for everyone, nor can I possibly read everything posted, nor can I assume intent. I am talking about what "could" be said, and I'm saying that if you're careful with what you say, there is less reason to fear, and therefore less reason for all this cost and hassle to secure a public forum for a dozen or so regulars.

User avatar
Dubhan
Posts: 145
Joined: Tue Dec 09, 2014 11:23 pm

Re: Server outtage

Postby Dubhan » Fri Nov 25, 2016 2:44 pm

Nathan wrote:Have we really ever discussed anything that would implicate criminal intent? Ever? Granted that much of our content isn't politically correct but nothing has ever been said that could be considered treasonous or criminal?


There are literally thousands of ways to run afoul of the US Code, NOBODY knows how many regulations have been written that can land a person in jail, not to mention state and local codes. Additionally, as we all know, being politically incorrect has been motivation for hundreds maybe even thousands of investigations. If you aren't paranoid, you really haven't been paying close enough attention.

User avatar
Dubhan
Posts: 145
Joined: Tue Dec 09, 2014 11:23 pm

Re: Server outtage

Postby Dubhan » Sun Nov 27, 2016 8:53 am

MisterB wrote:What an arrogant, yet ignorant response. Your opinion has been challenged, and so your response is to question my knowledge and suggest that I study up. :roll: Right back at you...

We could keep playing this back and forth game, but instead I will leave you with this big picture summation:

No matter what server Nathan has for this web site, no matter how much security it has, and how difficult it would be for the feds to ultimately crack... in the end, the government can and will get in to view what they need if they have enough reason to do so. Whatever means that is, will prove to ultimately be irrelevant. What IS relevant, is what is said (or not said) on a public forum.


Its arrogant, but it isn't ignorant. I'm not going to bother to school you on this because I doubt you would understand anyway. Your blanket statements which reflect zero understanding of the technology and legalities involved are are what show ignorance. How much effort it takes to get what the government wants is ABSOLUTELY relevant. If it didn't, nobody would encrypt, and the NSA wouldn't need half the water rights of the state of Utah to handle the heat generated by the processing power necessary to decrypt, store and process what they consider to be relevant national security threats, and various law enforcement agencies wouldn't be clamoring for the right to demand information with a fax and no oversight. Nobody would bother, because nothing anyone could do would make it more costly.

Heck, FBI couldn't even manage to hack a fucking i-phone without hiring a highly specialized firm to do it after whining about it in open court for a month. And in fact, the encryption wasn't cracked, it was the software that was hacked, which is considerably easier. And it took them how many man hours to put an end to Silk Road? Which by the way only got targeted because a Senator went on national media and embarrassed them into dumping thousands of man hours into one site.

Yep, properly implemented encryption is meaningless and pointless. Don't bother, because you have nothing to fear if what you say is hated by a full third of the population, because if you did happen to violate a regulation that you didn't know existed, you wouldn't be able to keep that unwitting infraction between you and a forum member by using encryption, because all the feds have to do is snap a fucking finger. Because its fucking magic.

Yep. I've had enough. Nate, definitely take this guy's advice. He's knows exactly what he's doing. Don't worry. Privacy doesn't matter if you have nothing to hide. You have absolutely no reason to know who is mucking about in your database. Nobody has ever gone to prison for inadvertently violating some obscure regulation. Nothing anyone has ever said online in a private message has ever been taken out of context by a LEO or jury. Bad shit doesn't happen to good people, and if if it does, there's nothing you can do to protect yourself anyway, because the Government is God, they are omniscient. They know all, and see all with zero cost, and they totally don't have to prioritize who they decide to harass or persecute based on how hard that target is. And besides, your facebook friend count will tell them that you are a good guy and should be left alone.

Totally.

Night.

MisterB
Posts: 437
Joined: Thu Dec 04, 2014 7:54 pm

Re: Server outtage

Postby MisterB » Sun Nov 27, 2016 9:33 am

Dubhan wrote:
MisterB wrote:What an arrogant, yet ignorant response. Your opinion has been challenged, and so your response is to question my knowledge and suggest that I study up. :roll: Right back at you...

We could keep playing this back and forth game, but instead I will leave you with this big picture summation:

No matter what server Nathan has for this web site, no matter how much security it has, and how difficult it would be for the feds to ultimately crack... in the end, the government can and will get in to view what they need if they have enough reason to do so. Whatever means that is, will prove to ultimately be irrelevant. What IS relevant, is what is said (or not said) on a public forum.


Its arrogant, but it isn't ignorant. I'm not going to bother to school you on this because I doubt you would understand anyway. Your blanket statements which reflect zero understanding of the technology and legalities involved are are what show ignorance. How much effort it takes to get what the government wants is ABSOLUTELY relevant. If it didn't, nobody would encrypt, and the NSA wouldn't need half the water rights of the state of Utah to handle the processing power to decrypt what they consider to be relevant national security threats, and various law enforcement agencies wouldn't be clamoring for the right to demand information with a fax and no oversight. Nobody would bother, because no matter what an end user could do would make it more costly.

Heck, FBI couldn't even manage to hack a fucking i-phone without hiring a highly specialized firm to do it after whining about it in open court for a month. And in fact, the encryption wasn't cracked, it was the software that was hacked, which is considerably easier. And it took them how many man hours to put an end to Silk Road? Which by the way only got targeted because a Senator went on national media and embarrassed them into dumping thousands of man hours into one site.

Yep, properly implemented encryption is meaningless and pointless. Don't bother, because you have nothing to fear if what you say is hated by a full third of the population, because if you did happen to violate a regulation that you didn't know existed, you wouldn't be able to keep that unwitting infraction between you and a forum member by using encryption, because all the feds have to do is snap a fucking finger. Because its fucking magic.

Yep. I've had enough. Nate, definitely take this guy's advice. He's knows exactly what he's doing. Don't worry, bad shit doesn't happen to good people, and if if it does, there's nothing you can do to protect yourself anyway.

Night.


Nope. Still ignorant, and your arrogance is your Achilles heel. You are the worst type of professional. The insecure kind that mistakenly thinks YOU know everything, and everyone else should bow down and kiss your rings. If you were a doctor, you would be the type with poor bedside manner, who refuses to listen to the patient, and hastily makes a diagnosis that ultimately ends up being proven wrong.

You have once again failed to understand what I have said, but yet point the finger that I am somehow below you, and couldn't possibly know what I am talking about. If you will recall, have been talking about the government's ability to gain access to THIS web site, and whether the cost and hassle involved in having a physical server Nathan controls is necessary, or if having a cloud based shared server would suffice. Yes, there is a time and a place for security. Yes, it is important, but you keep muddying the waters by talking about security issues that don't necessarily apply to this particular discussion at hand.

Every example you give of the government having a tough time cracking something (such as the terrorist iPhone), ultimately ends in the government getting what they need. It doesn't matter that it took a private consulting firm, or whatever to get access. What matters is that access can ultimately be gained no matter how much "security" you have. Suggesting Nathan spend the time and money to secure and maintain a public web server for the use of a small handful of regulars is irresponsible. It is a false sense of security (which could lead to he and others saying things that could get them in trouble), that can and will ultimately be accessed by the feds if they have enough cause to do so, regardless of how much security the server has.

User avatar
Nathan
Site Admin
Posts: 1940
Joined: Wed Nov 26, 2014 8:51 pm
Location: Billings, MT
Contact:

Re: Server outtage

Postby Nathan » Sun Nov 27, 2016 12:31 pm

Well this has taken some unfortunate turns. Image
...but I do appreciate all the feedback. Both positions actually make many good points worth considering carefully.


http://7db9dc653280-023458.demo.vbulletin.net/index.php
Has anyone tried out the trial forum link posted above? I'd really like some feedback on that platform. If we switched to that platform there is a custom mobile app available. I don't mind paying for the app (that you would use for free) but only if people would actually be interested in using it. It's the vBulletin app that anybody can buy for their forum that's simply customized for CCF. This is what it looks like: http://www.vbulletin.com/en/mobile/

I tried Tapatalk briefly but it was way too intrusive for my comfort level getting root access into the forum that I couldn't protect against if someone hacked Tapatalk.
Nathan in Image

NRA Certified Instructor in Pistol, Rifle, Shotgun, Personal Protection Inside the Home and Personal Protection Outside the Home.
Image

User avatar
Nathan
Site Admin
Posts: 1940
Joined: Wed Nov 26, 2014 8:51 pm
Location: Billings, MT
Contact:

Re: Server outtage

Postby Nathan » Sun Nov 27, 2016 4:34 pm

The cloud based vBulletin really seems like the way to go, but there are many other factors to consider.

Image
When the server that I lease at the datacenter failed, the first thing I did was order a replacement server with the intent on bringing the site back home to host on my own commercial cable connection in my home just as I have done for eight of the ten years this site has been online. This gives me the flexibility of doing my own hardware upgrades instead of spending a small fortune on IT guys at the datacenter to do it for me.


Image
However, currently I have a RAID capable Xeon quad core server on 32 gigs of RAM (upgraded from the original 16) just sitting on top of my gun safe collecting dust. If I don't bring my sites home, I've essentially wasted $2,500 (total investment including operating system).

If I remain on the current software, I am responsible for everything and while the software is fully upgradable, adding application extensions to get additional features requires manually editing the open source software myself for a computer language that I only have a very basic grasp of (.php). Each security patch that comes out has to be manually implemented by over-write and modifying manually. The open source software is as solid as I've ever found, but it does require considerable manual effort just to do something as simple as change the background colors (which is why choices are so limited, now). With the vBulletin being a commercial forum software package, upgrades are as simple as clicking the new pretty color that you want to use as upgrades are implemented by their staff.

I can host the vBulletin on their cloud where they do all the work for $15 a month (currently paying $150 a month to lease the current server at the datacenter), or I could buy a copy of vBulletin to install on my own server. The downside to the vBulletin is that it runs on a MySQL database which is an industry standard setting database, but I know nothing about it, how to implement it, modify it or do anything else with it. We currently run on MSSQL from Microsoft that is equally as fast and dependable as the open source MySQL and I've already paid a small fortune for the MSSQL and would prefer to continue using it to get my money's worth out of it eventually. As is right now, if I moved over to the vBulletin platform in the cloud, I could never bring the software home to use on my own server without having to learn MySQL (which I don't know that I want to do).

The primary reason that traffic has died on this forum (aside from Facebook killing forums everywhere) is that I haven't been approving new membership requests and the primary reason I haven't done this is due to spambots that establish accounts and then fill your forum with spam in a matter of seconds. The phpBB solutions just aren't working to keep them out whereas the vBulletin forums that I read don't seem to have the problem leaving me to believe that the commercial software just does a better job at blocking spambots from successfully registering.

I have thought about hosting the forum on the vBulletin cloud and then utilizing the new server for my email, file hosting and other websites that I run that aren't forum based.

I don't yet know; there is so much to consider from so many different angles.
Nathan in Image

NRA Certified Instructor in Pistol, Rifle, Shotgun, Personal Protection Inside the Home and Personal Protection Outside the Home.
Image

User avatar
Tye
Posts: 104
Joined: Mon Dec 08, 2014 11:15 am

Re: Server outtage

Postby Tye » Sun Nov 27, 2016 5:52 pm

The trial site seems ok on my cheap Samsung tablet. Not sure about the tabw to blogs and articles, etc. Maybe a new place put more formal reviews?

You look much younger in your Avatar there as well. Be interesting to see how/whether a photo intensive post would effect the experience.
Best regards,

Tye

User avatar
Nathan
Site Admin
Posts: 1940
Joined: Wed Nov 26, 2014 8:51 pm
Location: Billings, MT
Contact:

Re: Server outtage

Postby Nathan » Sun Nov 27, 2016 6:12 pm

Tye wrote:Be interesting to see how/whether a photo intensive post would effect the experience.

Photo-intensive post --> http://7db9dc653280-023458.demo.vbullet ... carryguide
Nathan in Image

NRA Certified Instructor in Pistol, Rifle, Shotgun, Personal Protection Inside the Home and Personal Protection Outside the Home.
Image

User avatar
Rodeo Mike
Posts: 93
Joined: Tue Dec 02, 2014 8:12 pm

Re: Server outtage

Postby Rodeo Mike » Tue Nov 29, 2016 9:16 pm

Ya'll are way over my head! I like Tapatalk I'm already on it with Steel Soliders, I went to the V bulletin site and could only view the carry guide, I couldn't sign on for some reason. May have just forgot the passwords. Seemed ok othewise
OVERKILL IS UNDERRATED

User avatar
Nathan
Site Admin
Posts: 1940
Joined: Wed Nov 26, 2014 8:51 pm
Location: Billings, MT
Contact:

Re: Server outtage

Postby Nathan » Wed Nov 30, 2016 8:39 am

Rodeo Mike wrote:Ya'll are way over my head! I like Tapatalk I'm already on it with Steel Soliders, I went to the V bulletin site and could only view the carry guide, I couldn't sign on for some reason. May have just forgot the passwords. Seemed ok othewise

There are no members on the vBulletin sight so there was no way to log on. What did you think of the platform itself? Which platform do you prefer?
Nathan in Image

NRA Certified Instructor in Pistol, Rifle, Shotgun, Personal Protection Inside the Home and Personal Protection Outside the Home.
Image

User avatar
samuelrp
Posts: 455
Joined: Sun Nov 30, 2014 7:01 am
Location: North Carolina

Re: Server outtage

Postby samuelrp » Wed Nov 30, 2016 4:49 pm

An upgraded mobile capability might be of benefit. It looks good.
Maintain the sport. Take a kid shooting.

User avatar
Rodeo Mike
Posts: 93
Joined: Tue Dec 02, 2014 8:12 pm

Re: Server outtage

Postby Rodeo Mike » Wed Nov 30, 2016 6:48 pm

V bulletin looks alot like what we have at the moment. Very staight forward, l didn't see any issues. I only have Internet axcess on my phone, Tapatalk is a little nicer on my phone. It uses very little data, it's typically faster, the user interface is very easy to navigate, and if your on more than one forum that uses Tapatalk it all comes up initially together.

I do wish we didn't have go thru a 3rd party to host our pics. I understand it probably takes lots of space on that server. Photobucket doesn't do so well on my phone, I was trying to load some pics to put here yesterday, after a hr I gave up.
OVERKILL IS UNDERRATED


Return to “News@ConcealedCarryForum.com”

Who is online

Users browsing this forum: No registered users and 1 guest