Database Errors

I restarted the database only to discover it had eaten itself, or more specifically its access permissions. For a while it wouldn’t come up at all, and then when it did, none of the scripts could connect because the access control lists were gone…

These are now restored so everything should be working, but if you get repeated errors that are due to the database, please drop us a line.

Steve

Planned Downtime

We are moving the deardiary.net server onto a machine thats got faster hard disks and more of them…

In theory this shouldn’t take long, but we all know the wild difference between theory and practise 😉

So. A heads up, the site will be going down fairly shortly (once I am satisfied that other sites we’re running have successfully ported to a new machine). I wouldn’t imagine it taking longer than a couple of hours to get everything moved across…

Fingers crossed.

Steve.

Reader Comment Saga

As most of you are probably aware, the Reader Comments subsystem is presently disabled – here’s a brief explanation of why, without giving too many details.

We’ve received a few emails from people that aren’t quite clear on what the problem actually was, saying that people should only allow authenticated comments if they’re having problems and that its the diarists responsibility to sort these things out etc. Here’s whats really going on;

The security breach is that people can leave AUTHENTICATED comments and appear to be someone else. This means that even though the diarist has authenticated comments only allowed, someone can appear to be someone else. Worse than that, the someone else has no idea they are being impersonated, and of course since the comment is authenticated, the diarist totally believes the person is who (s)he appears to be.

Unfortunately this particular problem is a significant hole in our system that can be exploited. If we continued to allow it to be exploited, we would be legally liable. That position is untenable to us, and the other solution would be to close the entire site, which is clearly a worse solution than disabling reader comments for a few weeks.

We will get the problem resolved, the solution is fairly straightforward, but unfortunately time consuming (we need to implement some significant extra checks at the ‘updateuser’ script level). We’re right in the middle of migrating ALL of our sites to new servers for performance and administration reasons and this couldn’t have come at a worse time for us. The ONLY option at the moment is to disable reader comments. However, they will return, once we have a chance to breathe :-)

Regards,

Steve.

Unprecedented Disaster

Yesterdays system administration efforts were an unprecedented disaster and caused a significant unplanned downtime, for which we sincerely apologise.

It had been intended to move a couple of unrelated web sites from the server that runs DearDiary, to another server. However, for some odd reason, which is still as yet unknown, doing so caused the failure of the DearDiary server with some very strange effects.

No data was lost.

In the end, the system was restored by re-adding the other sites back to the DearDiary server… We will try again another day, with a bit better plan.

Apologies for the downtime.

Steve.