New website version coming
Forum rules
The News forum is only for updates about the Prohashing pool.
Replies to posts in this forum should be related to the news being announced. If you need support on another issue, please post in the forum related to that topic or seek one of the official support options listed in the top right corner of the forums page or on prohashing.com/about.
For the full list of PROHASHING forums rules, please visit https://prohashing.com/help/prohashing- ... rms-forums.
The News forum is only for updates about the Prohashing pool.
Replies to posts in this forum should be related to the news being announced. If you need support on another issue, please post in the forum related to that topic or seek one of the official support options listed in the top right corner of the forums page or on prohashing.com/about.
For the full list of PROHASHING forums rules, please visit https://prohashing.com/help/prohashing- ... rms-forums.
- Steve Sokolowski
- Posts: 4585
- Joined: Wed Aug 27, 2014 3:27 pm
- Location: State College, PA
New website version coming
There's a new version of the website being released right now.
There are a few changes to this version. First, we are preparing for the next mining server release. This version prepares for removal of some data from the website that is rarely used, and which increases system load by requiring copying strings and uses up disk space. Examples include share start times (end times are still retained) and block hashes of each share.
Second, while I was looking for bugs to fix this morning, I discovered that there were many errors in the Tomcat logs caused by IP addresses that repeatedly trying passwords for many accounts. After brainstorming how to reduce the number of password trials, we decided on a new invalid_password_attempts table, which limits the number of invalid password attempts to 100 per day per IP address. We can't limit password attempts by user, because then these IP addresses could just lock out users for the day.
We'll see if that reduces the number of E-Mails Chris is receiving about changed payout addresses. This, combined with the use of two-factor authentication unique passwords, should make it nearly impossible for criminals to access an account that takes these basic precautions. Criminals continue to steal money from users who reuse passwords previously used at other sites, and they have made off with nearly $10,000 so far.
The site will be down for a few minutes while it reloads. Normal users should not notice any difference from these changes.
The next security feature will be "Block Tor Access," which I assigned to Michael, and hopefully he'll be willing to do it next weekend. We'll enable this by default. When enabled, Tor users won't be able to login to your account, preventing thieves from retaining their anonymity behind exit nodes and making it easier for the police to follow up on these reports.
There are a few changes to this version. First, we are preparing for the next mining server release. This version prepares for removal of some data from the website that is rarely used, and which increases system load by requiring copying strings and uses up disk space. Examples include share start times (end times are still retained) and block hashes of each share.
Second, while I was looking for bugs to fix this morning, I discovered that there were many errors in the Tomcat logs caused by IP addresses that repeatedly trying passwords for many accounts. After brainstorming how to reduce the number of password trials, we decided on a new invalid_password_attempts table, which limits the number of invalid password attempts to 100 per day per IP address. We can't limit password attempts by user, because then these IP addresses could just lock out users for the day.
We'll see if that reduces the number of E-Mails Chris is receiving about changed payout addresses. This, combined with the use of two-factor authentication unique passwords, should make it nearly impossible for criminals to access an account that takes these basic precautions. Criminals continue to steal money from users who reuse passwords previously used at other sites, and they have made off with nearly $10,000 so far.
The site will be down for a few minutes while it reloads. Normal users should not notice any difference from these changes.
The next security feature will be "Block Tor Access," which I assigned to Michael, and hopefully he'll be willing to do it next weekend. We'll enable this by default. When enabled, Tor users won't be able to login to your account, preventing thieves from retaining their anonymity behind exit nodes and making it easier for the police to follow up on these reports.
- Steve Sokolowski
- Posts: 4585
- Joined: Wed Aug 27, 2014 3:27 pm
- Location: State College, PA
Re: New website version coming
This version was just released.
- VanessaEzekowitz
- Posts: 24
- Joined: Sun Apr 16, 2017 4:01 pm
Re: New website version coming
Steve, I asked a couple of times before and never got a reply: How about moving the realtime chat off of the website? Move it over to IRC, in some channel on Freenode. That'll save a tiny bit of load on the website, as well as some headaches I'm sure.
Join Hashflare, make some money, and help a crabby old battle axe earn too, using my referral link:
https://hashflare.io/r/19027B79
https://hashflare.io/r/19027B79
-
- Posts: 646
- Joined: Sun Apr 16, 2017 3:01 pm
Re: New website version coming
i answered you and said the ajax chat does nothing for load on the server, and using irc or another service just means another thing members have to create an account for, in turn will make the community smaller because of all the account requirementsVanessaEzekowitz wrote:Steve, I asked a couple of times before and never got a reply: How about moving the realtime chat off of the website? Move it over to IRC, in some channel on Freenode. That'll save a tiny bit of load on the website, as well as some headaches I'm sure.
- VanessaEzekowitz
- Posts: 24
- Joined: Sun Apr 16, 2017 4:01 pm
Re: New website version coming
You don't create accounts to use IRC, you just tell your IRC client what server, channel, and nick to use.
Join Hashflare, make some money, and help a crabby old battle axe earn too, using my referral link:
https://hashflare.io/r/19027B79
https://hashflare.io/r/19027B79
-
- Posts: 646
- Joined: Sun Apr 16, 2017 3:01 pm
Re: New website version coming
the take-away is the ajax chat has no affect on server load and introducing additional softwares cause more people not to bother, community size decreasesVanessaEzekowitz wrote:You don't create accounts to use IRC, you just tell your IRC client what server, channel, and nick to use.
- VanessaEzekowitz
- Posts: 24
- Joined: Sun Apr 16, 2017 4:01 pm
Re: New website version coming
Actually, it does have some load on the server, because you often have to reload the page to get new chat messages to show up. I get your point though. Maybe some kind of IRC gateway into that chat would be a nice middle-ground? Can you tell I hate using websites for chat?
Join Hashflare, make some money, and help a crabby old battle axe earn too, using my referral link:
https://hashflare.io/r/19027B79
https://hashflare.io/r/19027B79
- Steve Sokolowski
- Posts: 4585
- Joined: Wed Aug 27, 2014 3:27 pm
- Location: State College, PA
Re: New website version coming
I don't think this will make a big enough difference in the system load, as chat is a very minor contributor to CPU usage, but thanks for the suggestion.VanessaEzekowitz wrote:Steve, I asked a couple of times before and never got a reply: How about moving the realtime chat off of the website? Move it over to IRC, in some channel on Freenode. That'll save a tiny bit of load on the website, as well as some headaches I'm sure.