Upcoming changes (and possible breakage)

Martin Blank
Knower of Things
Posts: 12513
Joined: Fri Feb 07, 2003 4:11 am
Real Name: Jarrod Frates
Gender: Male
Omnicode: sxy cm163 kg76 eso.#_glasses sp= Ag1974.October anE hdd Zot RlM Kd1y PeC&C FHb IN14 PrPython(3)^(7)&C(2)^(5)&C++(2)^(7)&JavaScript(2)^(5)&Ruby(1)^(5)&PHP(2)^(5) GM-6DN LAEN(9)&ES(2)^(6)&EO(1)^(7) Crc(6).Security MvD BA! PlM
Location: Dallas, TX

Post by Martin Blank » Mon Apr 01, 2019 7:58 am

Before the end of April 2019, I plan to do some work and experiments on the forums, since this is the most active site I run. I hope that it won't break anything, but I can't promise. Among these are:
  • Upgrading to phpBB 3.2.5 (or whatever is current when I upgrade)
  • Adding Content-Security-Policy (CSP) headers to limit from where your browser can pull resources
  • Adding a Feature-Policy header
  • Adding a CAA DNS record to prevent certificate authorities other than those allowed from issuing certs
  • (Maybe) Add an Expect-CT header to trigger the browser to make sure the site's certificate is in published certificate transparency logs
  • Set up header reporting so I can see errors
My goal here is first to get some basic practical experience with these while improving security while you're visiting the forums. A secondary goal is to improve your privacy and experience. For example, I plan to use the Feature-Policy header to disable camera, microphone, and payment APIs, as well as media autoplay. The first three are entirely about potential compromise of the forums (which would likely happen through PHP code changes while modifying headers would require root access), while the autoplay restrictions are a quality of life thing. Feature-Policy is still new and in development and no browser completely supports all of it, so that is the most likely to cause issues.

I'll provide more updates as things happen so you can report any issues more effectively. If you run into any questions or problems, send them my way.
If I show up at your door, chances are you did something to bring me there.
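
The header goals listed in the post above can be checked mechanically once the headers are live. The following is an added example, not part of the original post and not the forum's configuration: it audits a set of response headers for a CSP with reporting, a Feature-Policy that disables camera, microphone, payment and autoplay, and an Expect-CT header. The sample header values, the report URLs and the choice to require a `default-src` fallback are assumptions; the CAA record is a DNS setting and is not covered.

```python
# Added example: audit response headers against the plan in the post above.
# Header values below are constructed samples, not the forum's real config.
WANTED_OFF = ("camera", "microphone", "payment", "autoplay")

def parse_policy(value):
    """Split 'name arg arg; name arg' into {name: [args]} (CSP / Feature-Policy)."""
    out = {}
    for part in value.split(";"):
        tokens = part.split()
        if tokens:
            out.setdefault(tokens[0].lower(), tokens[1:])
    return out

def parse_expect_ct(value):
    """Split 'max-age=N, enforce, report-uri="..."' into a dict."""
    out = {}
    for part in value.split(","):
        key, _, val = part.strip().partition("=")
        if key:
            out[key.lower()] = val.strip('"')
    return out

def audit(headers):
    """Return a list of findings; an empty list means the plan is met."""
    h = {k.lower(): v for k, v in headers.items()}
    findings = []
    csp = parse_policy(h.get("content-security-policy", ""))
    if "default-src" not in csp:  # assumed baseline: a fallback source list
        findings.append("CSP: no default-src fallback")
    if not ({"report-uri", "report-to"} & csp.keys()):
        findings.append("CSP: no reporting directive")
    fp = parse_policy(h.get("feature-policy", ""))
    for feature in WANTED_OFF:
        if fp.get(feature) != ["'none'"]:
            findings.append(f"Feature-Policy: {feature} not disabled")
    ect = parse_expect_ct(h.get("expect-ct", ""))
    if not ect.get("max-age", "").isdigit():
        findings.append("Expect-CT: missing max-age")
    elif "enforce" not in ect:
        findings.append("Expect-CT: report-only (no enforce)")
    return findings

SAMPLE = {  # constructed sample with two deliberate gaps
    "Content-Security-Policy": "default-src 'self'; img-src 'self' https:; report-uri /csp-report",
    "Feature-Policy": "camera 'none'; microphone 'none'; payment 'none'; autoplay *",
    "Expect-CT": 'max-age=86400, report-uri="https://reports.example/ct"',
}

if __name__ == "__main__": print("\n".join(audit(SAMPLE)))
```

Running it against `SAMPLE` reports the autoplay allowance and the report-only Expect-CT header; headers captured from a live response can be passed to `audit()` in the same dictionary form.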

FirebirdNC
Mad Hatteras
Posts: 1857
Joined: Tue Feb 13, 2007 3:00 pm
Real Name: Jennifer
Gender: Female
Location: Hatteras,NC

Re: Upcoming changes (and possible breakage)

Post by FirebirdNC » Mon Apr 01, 2019 10:19 am

I understood none of those things, but I am glad that you do and are willing to keep running a tight ship.
~Insert clever bon mot here~

Deacon
Shining Adonis
Posts: 44007
Joined: Wed Jul 30, 2003 3:00 pm
Gender: Male
Location: Lakehills, TX

Re: Upcoming changes (and possible breakage)

Post by Deacon » Mon Apr 01, 2019 6:56 pm

*like*
The follies which a man regrets the most in his life are those which he didn't commit when he had the opportunity. - Helen Rowland, A Guide to Men, 1922

Re: Upcoming changes (and possible breakage)

Post by Martin Blank » Mon Apr 01, 2019 8:16 pm

One thing I can't do just yet is upgrade to PHP 7.3. It's on the server, but an older module is active because phpBB doesn't support 7.3 yet and won't until 3.3 because of dependencies.
If I show up at your door, chances are you did something to bring me there.

nosystemd
Crazy Person
Posts: 23
Joined: Thu Jan 24, 2019 2:27 am
Omnicode: -Begin OmniCode! version 0.1.7 ----------------
sxy spO.pan anC rl? Pll PrFig
-End OmniCode!--------------------------------

Re: Upcoming changes (and possible breakage)

Post by nosystemd » Tue Apr 02, 2019 2:27 am

Good luck!
