[JoPP-Public] New theme for JoPP website [was: Re: Jopp Web Site: Server error 503]
Dr. Peter Troxler
trox at fabfolk.com
Wed Oct 14 08:19:35 CEST 2015
Hi all
have you considered generating static html for the public site from a non publicly accessible site with the current theme?
this could be a quick and easy to implement workaround, check wordpress.org <http://wordpress.org/> for corresponding plugins
/ Peter
> On 14 Oct 2015, at 05:54, Mathieu ONeil <mathieu.oneil at anu.edu.au> wrote:
>
> Hi all
>
> Javier (who looks after P2P Foundation servers) has investigated and reported that the JoPP website has been compromised. He has taken steps to fix this: thank you so much Javier!
>
> An urgent task is that we need to change the WordPress theme as this appears to be a source of the problem. I feel bad about this for the Fem(un)hack eds who are, very naturally, experiencing anxiety about this hiccup. At the same time, we are all volunteers and sometimes in volunteer projects things take a bit longer to fix. But, they will be fixed. On the positive side (for me) I'm happy to change themes.
>
> From Javier:
> "The peerproduction.net website was hacked sometime in the summer. There's a persistent vulnerability in the theme in use, which apparently hasn't been updated in a while and is unsupported. I've ported all content to the P2PF webserver. Of course, I didn't copy over the theme nor any other infected files. I also brought over the surveys website and updated its plugins, and apparently this broke the layout slightly. I didn't enable the php-exec plugin, which represents a serious security vulnerability.
>
> In peerproduction.net I enabled the default WordPress theme for the time being. For best support, you can pick any GPL theme from https://wordpress.org/themes/ . If you'd like you may pick a commercial theme from https://www.elegantthemes.com/gallery/ and use it through my own developer license.
>
> In short, peerproduction.net needs to be adapted to use a newer theme, and the layout on surveys.peerproduction.net should be updated to use the newer widget library. All in all, it would be good to check out the whole websites to make sure that no spam or infected content made it trough.
>
> James already updated the DNS records and they should propagate shortly, making the new websites generally available. I'm flipping the switch for the old ones so that people don't update them inadvertently in the meantime."
> [end quote]
>
> From this, four things:
>
> A-THEMES
> So, the sooner we pick a theme, the better. I prefer a minimal style with some space for the eye to rest. Specifically, I like these:
> https://wordpress.org/themes/twentyten/
> https://www.elegantthemes.com/gallery/vertex/ [though not sure about the mountain pic - a bit cliche?]
> As time is of the essence, anyone who feels strongly about this, please give your opinion about this before Friday 16 October 3pm GMT.
> Once opinions have been heard the editorial team will make a decision and inform Javier.
>
> B-SURVEYS
> Though the surveys.peerproduction.net was set up as a subdomain of peeproduction.net we do not run it or have anything to do with it. I guess Jarkko Moilanen needs to fix his widget, advise Javier asap if there is an issue, or if the site is inactive, cut it loose?
>
> C-WEBMASTER
> This is a recurring issue. Some of us know some things but no-one seems to know enough. We need to find a solution, so will be communicating privately with people who are able to help.
>
> D-PROXY SITE
> maxigas mentioned he set up a proxy prior to JoPP 5 going live. Is it worth doing now for fem(un)hack or does the current situation prohibit this? thanks for advising.
>
> cheers,
>
> Mathieu
>
> ________________________________________
> From: jopp-public-bounces at lists.ourproject.org <jopp-public-bounces at lists.ourproject.org> on behalf of stoopt <stoupin at riseup.net>
> Sent: Tuesday, October 13, 2015 11:17
> To: jopp-public at lists.ourproject.org
> Subject: [JoPP-Public] Jopp Web Site: Server error 503
>
> Hi all,
>
> We, the Feminism and (Un)hacking editors, have started uploading papers
> for our upcoming release. Unfortunately there seems to be a problem with
> the server at the moment. A 503 error. Can someone look into this please?
>
> Much appreciated,
> Sophie
>
> _______________________________________________
> JoPP-Public mailing list
> JoPP-Public at lists.ourproject.org
> https://lists.ourproject.org/cgi-bin/mailman/listinfo/jopp-public
>
> _______________________________________________
> JoPP-Public mailing list
> JoPP-Public at lists.ourproject.org
> https://lists.ourproject.org/cgi-bin/mailman/listinfo/jopp-public
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.ourproject.org/pipermail/jopp-public/attachments/20151014/8fc64f3f/attachment.htm
More information about the JoPP-Public
mailing list