98 lines
4.6 KiB
Org Mode
98 lines
4.6 KiB
Org Mode
:PROPERTIES:
|
|
:ID: 94c0bb8c-f9ed-46cb-89da-3eb7cacc4c1d
|
|
:END:
|
|
#+title: 2020-07-14
|
|
|
|
* Tech Initiative Sync-Up
|
|
SCHEDULED: <2020-07-14 Tue 09:30>
|
|
|
|
** [[id:57ee2f00-9bcd-4e0f-8a77-ae1f2d4cda89][Control Panel]] Dockerization progress
|
|
Nearly done, just need to test and iron out issues sending legacy mail via the
|
|
[[id:24578fe5-6ca0-4000-a7cd-201e952e4c76][Mail Relay]] service.
|
|
** Migrating legacy emails to [[id:32c66bc8-a397-4f50-96cd-2aec70dd14c5][Corporate Notifications]]
|
|
Meghan will assist to label notifications as internal or external.
|
|
** Replace direct consul usage with templated configuration files
|
|
Tickets to be created.
|
|
** Sites deployment pipeline
|
|
The sites deployment will continue to be triggered exclusively by Jenkins, which will trigger the associated control-panel deployment in Gitlab.
|
|
** ICON support
|
|
Coordinating with Gavin.
|
|
** Ops initiatives
|
|
- [[id:ac416861-ce45-49ac-8b60-f8ea39362135][Migration to common RabbitMQ]]
|
|
- [[id:592aa825-154c-4659-8193-75b0ce1f2e5c][PGBouncer port migration]]
|
|
|
|
** COI Message Editor Preact to React
|
|
|
|
* Sites release
|
|
SCHEDULED: <2020-07-14 Tue 14:00>
|
|
- tags :: [[id:6c7250d0-6871-4030-98f2-2a53c6ca5eb3][Sites Releases]]
|
|
|
|
| Issue | Status | Summary |
|
|
|---------------+------------------+---------------------------------------------------------------------------|
|
|
| CC-5333 | Closed | UI For Adding/Customizing Landing Page Subdomains |
|
|
| CCPANEL-10555 | Awaiting Release | Add WPMU DEV to Partner Offers Pages (Both User and Public Partner pages) |
|
|
| CONV-3961 | Awaiting Release | Add package ID to AW.vars |
|
|
| CONV-3977 | Raw | Design improvements to /users/upgrade form |
|
|
| CONV-3978 | In Development | Add sift JS to /free.htm |
|
|
| CONV-3979 | Awaiting Release | Freemium account creations is sending bogus data to Sift.com. Fix that. |
|
|
|
|
Please review your tickets and ensure that only code related to Freemium that is
|
|
ready to release is in the sites master branch. The master branch will be tagged
|
|
and released at 2pm.
|
|
|
|
----------------------------------------------------------------------
|
|
|
|
Sites is scheduled to be released at 2:00pm today. If you have any changes that are not related to Freemium, please revert them if you haven't already.
|
|
- CC-5333
|
|
- CCPANEL-10555
|
|
- CONV-3961
|
|
- CONV-3977
|
|
- CONV-3978
|
|
- CONV-3979
|
|
|
|
----------------------------------------------------------------------
|
|
|
|
Released at [2020-07-14 Tue 14:11].
|
|
* CAPI pages
|
|
[2020-07-14 Tue 12:11]
|
|
A variety of alerts went off in [[id:ebea379a-8fa6-4e22-9275-a9fc98c02804][Pagerduty]], seemingly caused by work being done
|
|
on the old RabbitMQ nodes as part of the [[id:ac416861-ce45-49ac-8b60-f8ea39362135][Migration to common RabbitMQ]] project. A
|
|
rolling restart of [[id:e4d00c11-da8a-4c91-8f38-ce939846e5cb][CoreAPI]] successfully addressed the issues.
|
|
|
|
* Fixing mail-relay issues
|
|
Working with Ryan Steele and Eric Toner to resolve issues sending mail with the
|
|
[[id:24578fe5-6ca0-4000-a7cd-201e952e4c76][Mail Relay]] service.
|
|
|
|
The staging environment, [[id:e1b95d0e-366e-4ecf-b867-409b6b6c6ee8][Momentum]] will not send to aweber.com, only aweber.net.
|
|
Very few external domains are allowed to avoid accidentally emailing customers.
|
|
|
|
Mail seems to be working fine in production.
|
|
|
|
[2020-07-14 Tue 14:24] Working with Eric Toner and Chris Fox to test account
|
|
signup to verify that billing and invoice receipt emails are going out properly.
|
|
|
|
Documented steps for [[id:7a362881-875f-4f74-8053-55f63826da63][Refunding an Order]].
|
|
|
|
----------------------------------------------------------------------
|
|
|
|
We saw the emails succeeding, but not hitting the relay. It turned out the
|
|
X-Kube header wasn't actually being used. Getting that enabled led us to see the
|
|
NUE experience being broken.
|
|
|
|
* Compromised Account Credentials
|
|
|
|
Considering forcing password reset on next login based on login attempt
|
|
throttling by user / IP.
|
|
|
|
[2020-07-14 Tue 22:00]
|
|
|
|
Added a temporary logging change, determined that the attacker is using the same
|
|
SIFT id on all requests(=Al9h1qsyeZcUYlB6VPnE6736i-by7fG1=). Added it to the
|
|
blocked SIFT id list.
|
|
|
|
Proposed changes to the [[id:d17e934b-b340-4246-88f0-9b36527100c0][Login Throttling]] code that were hacked together tonight
|
|
include forcing password reset on next login when:
|
|
- 20 login attempts within 30 minutes for the same username
|
|
- 20 login attempts within 30 minutes from the same IP address
|
|
- Any login attempt from a GeoIP-detected IP address that does not match the
|
|
country of any attached account.
|