4.6 KiB
2020-07-14
- Tech Initiative Sync-Up
- Sites release
- CAPI pages
- Fixing mail-relay issues
- Compromised Account Credentials
Tech Initiative Sync-Up
SCHEDULED: <2020-07-14 Tue 09:30>
Control Panel Dockerization progress
Nearly done, just need to test and iron out issues sending legacy mail via the Mail Relay service.
Migrating legacy emails to Corporate Notifications
Meghan will assist to label notifications as internal or external.
Replace direct consul usage with templated configuration files
Tickets to be created.
Sites deployment pipeline
The sites deployment will continue to be triggered exclusively by Jenkins, which will trigger the associated control-panel deployment in Gitlab.
ICON support
Coordinating with Gavin.
Ops initiatives
COI Message Editor Preact to React
Sites release
SCHEDULED: <2020-07-14 Tue 14:00>
- tags
- Sites Releases
| Issue | Status | Summary |
|---|---|---|
| CC-5333 | Closed | UI For Adding/Customizing Landing Page Subdomains |
| CCPANEL-10555 | Awaiting Release | Add WPMU DEV to Partner Offers Pages (Both User and Public Partner pages) |
| CONV-3961 | Awaiting Release | Add package ID to AW.vars |
| CONV-3977 | Raw | Design improvements to /users/upgrade form |
| CONV-3978 | In Development | Add sift JS to /free.htm |
| CONV-3979 | Awaiting Release | Freemium account creations is sending bogus data to Sift.com. Fix that. |
Please review your tickets and ensure that only code related to Freemium that is ready to release is in the sites master branch. The master branch will be tagged and released at 2pm.
Sites is scheduled to be released at 2:00pm today. If you have any changes that are not related to Freemium, please revert them if you haven't already.
- CC-5333
- CCPANEL-10555
- CONV-3961
- CONV-3977
- CONV-3978
- CONV-3979
Released at [2020-07-14 Tue 14:11].
CAPI pages
[2020-07-14 Tue 12:11] A variety of alerts went off in Pagerduty, seemingly caused by work being done on the old RabbitMQ nodes as part of the Migration to common RabbitMQ project. A rolling restart of CoreAPI successfully addressed the issues.
Fixing mail-relay issues
Working with Ryan Steele and Eric Toner to resolve issues sending mail with the Mail Relay service.
The staging environment, Momentum will not send to aweber.com, only aweber.net. Very few external domains are allowed to avoid accidentally emailing customers.
Mail seems to be working fine in production.
[2020-07-14 Tue 14:24] Working with Eric Toner and Chris Fox to test account signup to verify that billing and invoice receipt emails are going out properly.
Documented steps for Refunding an Order.
We saw the emails succeeding, but not hitting the relay. It turned out the X-Kube header wasn't actually being used. Getting that enabled led us to see the NUE experience being broken.
Compromised Account Credentials
Considering forcing password reset on next login based on login attempt throttling by user / IP.
[2020-07-14 Tue 22:00]
Added a temporary logging change, determined that the attacker is using the same
SIFT id on all requests(Al9h1qsyeZcUYlB6VPnE6736i-by7fG1). Added it to the
blocked SIFT id list.
Proposed changes to the Login Throttling code that were hacked together tonight include forcing password reset on next login when:
- 20 login attempts within 30 minutes for the same username
- 20 login attempts within 30 minutes from the same IP address
- Any login attempt from a GeoIP-detected IP address that does not match the country of any attached account.