malicious stuff – it’s real

sguil_rocksOn our little company blog on our tiny corner of the Internet (relatively speaking I guess) this is the current reality. Mind you this is just our blog and not attacks on our site or on client sites.

Tendenci blog stats – blog.tendenci.com
132,055 Blocked malicious login attempts
282,058 Spam comments blocked by Akismet

#joy

Note that Tendenci is not a blog platform – it’s on Python and Django and open source https://github.com/tendenci – but our blog is on wordpress as my personal blog is. WordPress is doing an amazing job fighting hard against the constant php attacks.

The numbers above speak for themselves. I still think WordPress is the best blogging platform out there. But just WOW. I just don’t know that people understand what they are up against.

Yes I’ll share some of the data on attacks on our cloud infrastructure which aren’t that far off as a percentage. This is just me pointing out that the Internet isn’t a nice place. If you have a WordPress blog I HIGHLY recommend you install JetPack from WordPress (free) as well as Securi. It’s worth it.

Rolling out Docker Swarm for Clients Seeking Higher Availability

Tendenci is rolling out Docker Swarm in our cloud data centers for clients seeking higher availability. What is docker swarm? It looks like this:

Docker Swarm

For more on docker-swarm, I recommend this slideshare for an overview.

This is just part of our efforts at Tendenci to avoid downtime from the inevitable security updates. More on this to follow as we continue to review automatic security updates causing unintended consequences at times.

Docker Server outage Sunday May 8th 11:10pm – May 10th 2:15pm

An automatic security update installed on one (1) of the Tendenci Docker servers in our AWS US-East data center on Sunday May 8th at approximately 11:10pm CST.

The update included changes to the file system to increase security. The automatic conversion took significantly longer than prior updates resulting in some sites being offline during this time period.

Reference the release notes on Dockers 1.11.1 here for more technical detail: https://github.com/docker/docker/releases/tag/v1.11.1

Security can not and will not be compromised. Our focus instead is on redundancy (multiple copies of sites/automatic fail over).

Our response will be explained further when our after-action incident review is complete.

Get Important Info to Your Community Through the Storms – Emergency Announcements Module

I am proud to have called Houston home for the last three years for many reasons.

Houston is home to the Astros and the Texans. We are known for our great bbq, arts, and Beyonce. (Perhaps you have heard of her? “She is Texas forever like Bun B”.)

Houston is also sometimes home to lots and lots of rain.

Today, we have received over a foot of rain and many Houston businesses and organizations have delayed operations for the day due to flooding on the roads.

It can be challenging in a situation like this to get information out to the public and your staff, which is why we built the Emergency Announcements module into the Tendenci software.

Emergency Announcements is a feature that allows you to quickly post an update on the top of your site, so that you can get important information out to your community.

2016-04-18_1239

 

 

To access this feature, navigate to www.your_url.com/admin/announcements/emergencyannouncement/

emergencyannouncement

The standard content editor will allow you to format your content for your announcement.

Are you cancelling activities?

Who should someone call or email if they have questions?

Is everyone in your organization safe from the storms?

All of this information is important to get out to your community and the Emergency Announcements will allow you to place it front and center on your website.

If you need to get information out to your community today, the Emergency Announcements feature is a great tool to utilize.

Stay safe and dry Houston!

 

rolling outages today and tomorrow April 16 for additional security precautions

Dear clients – we will be doing some unscheduled maintenance to build out a more redundant infrastructure. Specifically this means the network team is making copies of entire servers to so they can be brought back up in the case of a security issue quickly and easily.

The decision to create the extra server images in addition to the normal site backups was made based on security information we received from official and unofficial sources. We recognize any outage is an inconvenience and will work to keep security as our top priority.

The ETA for outages is approximately 30 minutes per server. Most likely less as our cloud is fairly distributed.

I am typing this at 5:40 PM on Saturday April 16 CST 2016. I will keep updating this same blog post as we get better data on timelines.

5 Things to Know About The Upgraded Content Editor

We here at Tendenci are excited to announce that the content editor has a new look!

WYSIWYGeditor

Your content editor is one of the most frequently utilized features in your Tendenci website.

We’ll be rolling this new content editor out to sites in the next few weeks.

Here are a few things to know about your updated editor:

  1. Inserting videos into content is much easier

insert video

 

2. Utilize Anchors To Help Users Navigate Around Pages

An anchor is an attribute that links an element on your page to text or an image on the same page.

To use the anchor feature in your editor:

Highlight text and select “Anchor” from your Insert drop down.

Name your anchor in the window that appears.

anchor1

Highlight text on another area of the page and click on insert/edit link from your Insert drop down.

Anchor2

Select the name of your Anchor from the Anchors drop down menu.

3. Edit your content in HTML and upload docs from new locations

Want to play around in the HTML of your page?

You can now do so via the below icon.

sourcecode

 

Upload documents that are not images via the insert/edit link from your Insert drop down.

 

insertlink1

Click the file icon to upload documents.

insertlink

Upload your document and title your file.

file name

 

4. New formatting options

There are new formatting options available to you through the Formatting drop down.

formatting options1

You can also add background colors to format your text.

formatting2

5. See html styling elements while editing

The “Show Blocks” View option allows you to see what html attributes are being applied to the different areas of your content.

showblocks

 

Do you like the new editor or have questions?

Leave us a comment below or contact us at tendenci.com/contact

 

Let’s Encrypt Passes 1 Million SSL Certs (thanks Shelly Palmer!)

Encryption is a good thing. You should if you don’t already, encrypt your website with SSL.

Excuses? Nope. As usual, we always learn something from Shelly Palmer’s Strategic Advisor newsletter. And today is was some wonderful news! The EFF‘s efforts with Let’s Encrypt is producing some great results.

letsencryptLet’s Encrypt just passed 1M SSL certificates issued for FREE.

That means anyone can get a secure site, the ones with the lock in the URL on the top left like your bank, without paying for the certificate itself. Pretty cool accomplishment!

letsencrypt1millioncerts

And a definite tip of the hat to Shelly for pointing it out!

 

AUFS and Docker Deployment (Developer Track)

The AUFS file system, part of what gives us C-Groups, now called containers, now called Dockers, etc, but it is the onion-style file system that gives Dockers (we’re gonna just settle on calling them dockers) their magical powers.

AUFS on Ubuntu for Dockers
AUFS FIle System with Dockers. Not your ordinary file system

This can lead to some very unexpected results, for example deleting a file in container “X” will appear to delete it. However let’s presume the previous base box “A” had the file and you want to make an new image and container from “A”. You might presume that file “abc” was deleted from all of the layers. But with AUFS that isn’t how works. You either keep layering up (meaning build your new site as a container from an image of the latest container you were working on.

This layering is a critically important concept to fully understand if you are working with dockers and the aufs file system. Rather than take my amateur explanation of it, I’ll refer you to the full docs on and let you go from there. Just *please* don’t overlook file system layers in AUFs when trouble shooting issues with containers.

UCOA-Unified Chart of Accounts for NPOs

Short version: Unified Chart of Accounts for NPOs

“Hey y’all, let’s all adopt the Unified Chart Chart of Accounts and save time and energy to focus on our causes!

Long version:

Dear Board of Directors, Executive Director, long time accountant, and major donors. Let’s all adopt the Unified Chart Chart of Accounts and save time and energy to focus on our causes!

Wouldn’t it be better if at least reviewing the financials was simplified so you could focus on your cause? Here is a partial solution:

Unified Chart of Accounts for NPOs
National Center for Charitable Statistics UCOA

The big organizations know, but for smaller NGOs, did you know that the National Center for Charitable Statistics has published an open source/free/please-use-it Unified Chart Chart of Accounts JUST FOR YOU!

Like many of the folks reading this blog, living the life of adventure which accompanies working with worldwide NGOs, we serve on a lot of boards and sponsor a lot of activities for the greater good. We love that part of our responsibilities!

OK, maybe we just agree on the need.

A board member must understand their serious and legal responsibility to provide financial stewardship and demonstrate strong fiduciary responsibility to the organization. While not losing site of the goals.  Nothing “returns to your soul” like giving of your time and energy. It comes back to us all big time as long as it is fulfilling.

May your organization never again lose a board member to the tedium of going through financials printed out of Excel that have evolved from double entry accounting as fast as Moore’s law to quantum accounting for no reason at all. Simplify with the Unified Chart of Accounts. Even if the rules are constantly changing on you.

….to think they can change the world

“Because the people who are crazy enough to think they can change the world are the ones who do.”