Forums
First  <<>>  Last
Forum Main>>Announcements>> Note: Quick update
Chedburn

ID: 1
Level: 35
Posts: 7252
Score: 12641
Chedburn [1]Reply | Quote | Report

Thread created on Wed Jun 12, 2013 22:31:44
Last replied to on Wed Jun 12, 2013 23:31:44
Hello,

Just thought I'd fill you in on some things we've been up to over the past few days.

BBcode & text
We made the decision to toughen our security by very strictly limiting our filters. This has no doubt temporarily broken most BBcode across the site, and makes some text characters look weird. This is all expected and planned, we've begun a series of steps which will radically change the filtering method the site uses for user text input. The end goal is to have the entire site fully secure from XSS, injection and other malicious attacks - while allowing users access to every character / special characters available. This means not only a brand new BBcode with perhaps even more features - but you'll even be able to make heart symbols with characters again.; How long this process will take depends on how quickly we can find a developer for the job - we already have a couple in mind and are awaiting their responses. If they're available, this should hopefully be completed in under a week, but time frames are always hard to give.

If you can suffer without BBcode for a week, we'd be grateful!

Chat
Chat has been a nightmare, and the developers assigned to this are totally burnt out. It's one serious problem after another, and I've counted about 6 serious problems in the past couple of weeks. One minute it's working flawlessly, the next it's disappearing for some users and taking 10 seconds to send a message. These guys are pros too!

I personally can't wait for a fully reliable and 100%; operational chat system, because it has the potential to be something great. We have a full design plan for upcoming patches and they really will revolutionise chat, but only when it's working well!

Hacks
For now we've protected ourselves against 13 year old children and DDoS attacks. Although a call to their mother wouldn't hurt! Protection has been added and we've taken the necessary steps to prevent cross-site scripting (;at the same time temporarily breaking bbcode);. It's frustrating, but we always expect these kind of things to happen. I'm just grateful we have a robust backup system which we're still always improving. The only 100%; effective solution to attacks, is a great backup system. This means after an attack, we can view the logs to see what they did - fix it - and then restore a backup if we need to. Losing 1-24 hours at optimal isn't ideal, but it's a lot better than doing a total reset of all users back to level 1, which obviously is never going to happen.

Progress on updates
Progress is going great and the developers are really settling in nicely. Development on RESPO started reaching full momentum at the start of April and we've been adding new developers pretty much every month since then. We now have a dedicated team of 7 developers working solely on RESPO. We've been making weekly updates on our facebook page, showing off some of the recently finished pages. There is of course no timeline for this, it's really a very-long-term project.

RESPO pretty much launches Torn ahead of almost all websites out there and is the start of something really special. When it launches it may just be a pretty site, making some things nicer and easier... but it lays the foundation for infinite expansion, and removes all restrictions we had before. It truly is the biggest single update we've ever made - by about tenfold.

Way before RESPO is released, I'm currently working on a new 'Companies 1.5' update which will revolutionise the current system, totally changing the way companies work. I'm going to somehow release this while using a development server which is dramatically different from it's live counterpart. This is the bedrock for Companies 2.0, which will later involve 10 star ratings and new specials.

What else?
I think that's about it for now. We've had a flurry of site issues over the past week, but it all seems to be clearing up now. You've probably noticed them if you're an active player.
- 504 errors
- Random lag
- 5 minute kick for being mistaken as a DDoS
- Broken text
- Broken BBcode
- Errors on front page
- Random errors all over the site
- Chat down
- Chat lagging
- Random logouts
- Broken images
- Broken Captcha
- Crons down
- Server crashes
- DDoS attacks
- XSS attacks

It's been one of the toughest weeks on record, but hopefully it's all up from here. I remember a 6 month period about a year ago where everything was fast and flawless, hopefully we can get that back at some point.

Thanks.







Ched.jpg
Forum Main>>Announcements>> Note: Quick update
First  <<>>  Last

This thread has been locked.