Update svn1 node versions for Gutenberg

As per #4974-meta for future Core builds the NodeJS/NPM versions will need bumping for proper Gutenberg building. The PR won’t be merged prior to the svn build servers being updated.

Gutenberg now requires Node.js 12.x and npm > 6.9.x and the “build server” requires updating to accommodate this.
At the time of creating this ticket:
* the latest Node.js LTS release is 12.14.1 https://nodejs.org/en/
* the latest npm release is 6.13.6 https://blog.npmjs.org/
See also: https://github.com/WordPress/gutenberg/pull/19680

For any questions, you’ll need to follow up with someone more involved with Gutenberg development, see the above Trac ticket or Gutenberg PR.

#prio1

#4974-meta

WordCamp.org slow load times

I’ve been noticing intermittently slow load times for wordcamp.org lately, and others have reported it as well.

Most of the times things are normal, but when it happens the page takes 10-30 seconds to load. While it’s going on, it seems like any page I visit is slow (e.g., 2020.asia.wordcamp.org/wp-admin and also 2019.seattle.wordcamp.org/contact). Then it resolves itself after a minute or so.

I noticed it this morning around 7:40am Pacific.

Because all requests are affected, it doesn’t feel like a slow MYSQL query. I’m wondering if it’s a DDoS that was automatically mitigated?

Do we have any logs that would give clues? I don’t see anything in the Slack channels. Or do you have any other ideas?

#prio2

Can I please have commit…

Can I please have commit access granted to bbpress.svn.wordpress.org for the WordPress.org username casiepa?

Pascal has been contributing to localizing bbPress and moderating the forums for several years. He’ll be helping the rest of the team maintain strings going forward.

(He has secure passwords on his WordPress.org, Slack, and GitHub accounts.)

#bbpress, #commit, #prio3

New SSH key for Timi Wahalahti

Was @sippis‘ proxy access automatically blocked (maybe similar to a few people last month)?

We’ve been trying to get it working on his new machine (using his old key), but haven’t been able to. Here’s the output with ports 8080 and 8090; I think they’re both supposed to work, but not sure.

$ ssh -vvv -ND 8080 -p22 -i worgproxy_rsa sippis@proxy.wordpress.org
OpenSSH_7.9p1, LibreSSL 2.7.3
debug1: Reading configuration data /Users/sippis/.ssh/config
debug1: /Users/sippis/.ssh/config line 1: Applying options for proxy.wordpress.org
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug1: Connecting to proxy.wordpress.org port 22.
debug1: Connection established.
debug1: identity file worgproxy_rsa type 0
debug1: identity file worgproxy_rsa-cert type -1
debug1: identity file /Users/sippis/.ssh/worgproxy_rsa type 0
debug1: identity file /Users/sippis/.ssh/worgproxy_rsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9
ssh_exchange_identification: Connection closed by remote host

$ ssh -vvv -ND 8090 -p22 -i worgproxy_rsa sippis@proxy.wordpress.org
OpenSSH_7.9p1, LibreSSL 2.7.3
debug1: Reading configuration data /Users/sippis/.ssh/config
debug1: /Users/sippis/.ssh/config line 1: Applying options for proxy.wordpress.org
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug1: Connecting to proxy.wordpress.org port 22.
debug1: Connection established.
debug1: identity file worgproxy_rsa type 0
debug1: identity file worgproxy_rsa-cert type -1
debug1: identity file /Users/sippis/.ssh/worgproxy_rsa type 0
debug1: identity file /Users/sippis/.ssh/worgproxy_rsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9
ssh_exchange_identification: read: Connection reset by peer

If you don’t see what’s wrong, could you replace his old public key with this new one?

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDRBalZIm7+6MjsAOdm9HVd7rOoy4Z1cyd8vpsGGfejo5qYfRszOHbkOSouXLIuRymm/+vSvmshFLh2N3FhGDMYE/F8rTPrBTTVCNh36aOutBqTPW3ynTHEq7scG9VRM2Ir7ongSjFKF+MIseycJ/6BmEVSwRxvXDV22iCWwZoJwB/qhr8g8nycV152aZPpLPTlWhjZVmZYJg1AhWYX7yc+D3ih06bkfDiKzr+VygIxrhg6R6+MiC4KN8KFuYvsqHSvlgS8CMqj8WJRmcfs0lBmwMSvixzchDfJDeXPqCu1P60wqGaDMvZ+p1/Sx7ttI08g9qsso2R2d1CnGku7FYjP sippis@Illusia.local

#prio2

Add alexforcier to make/updates

Can you add alexforcier as an editor to make.wordpress.org/updates? He’s going to be posting the mobile update and needs publishing rights. Thanks!

Let me know if this isn’t the right place to request this as well 🙂

Tighten the config block rules.

Currently the 403 LB block for config is being too greedy. Can we please tighten it up to allow legitimate urls such as these through?

https://wordpress.org/support/users/sconfig/, https://profiles.wordpress.org/sconfig/

Ref: #4776-meta

#prio3

#4776-meta

Remove old bbPress1 Search blocking

Currently requests to /support/search.php and /plugins/search.php are blocked for GoogleBot at the LB
Since neither of these URLs are in use today, can we remove these blocks?

Low-priority ref #4765-meta

#prio3

#4765-meta

Update some 302 redirects to 301s

Hi, as per #4630-meta can we update the following 302 redirects to 301’s?

  • chat.wordpress.org
  • phpdoc.wordpress.org
  • wordpress.org/extend/

Additional ones via #4075-meta

  • wordpress.org/forums/
  • wordpress.org/tags/*

Here’s a diff that should apply to the web role:

Index: wporg-redirects.conf
===================================================================
--- wporg-redirects.conf	(revision 9066)
+++ wporg-redirects.conf	(working copy)
@@ -112 +112 @@
-	return 302 https://make.wordpress.org/chat/;
+	return 301 https://make.wordpress.org/chat/;
@@ -134 +134 @@
-	return 302 https://developer.wordpress.org/reference/;
+	return 301 https://developer.wordpress.org/reference/;
Index: wporg-wordpress.org
===================================================================
--- wporg-wordpress.org	(revision 9066)
+++ wporg-wordpress.org	(working copy)
@@ -36 +36 @@
-	rewrite ^/extend/?$ https://wordpress.org/ redirect;
+	rewrite ^/extend/?$ https://wordpress.org/ permanent;
@@ -88 +88 @@
-		rewrite ^ /support/ redirect;
+		rewrite ^ /support/ permanent;
@@ -91 +91 @@
-		rewrite ^ /support/ redirect;
+		rewrite ^ /support/ permanent;
@@ -99 +99 @@
-		rewrite ^/tags/(.*) /support/topic-tag/$1 redirect;
+		rewrite ^/tags/(.*) /support/topic-tag/$1/ permanent;

#prio3

#4075-meta, #4630-meta

Redirect downloads.wordpress.org/?$ to wordpress.org/download/ Currently…

Redirect downloads.wordpress.org/?$ to wordpress.org/download/

Currently if a user visits https://downloads.wordpress.org/ url into a browser, they hit a nginx 404, The nginx configuration isn’t setup to allow an index.php file to be served for that domain, so could we either have it redirect the root to wordpress.org/download/ or haveindex.php support enabled?

Ref: https://meta.trac.wordpress.org/ticket/4654

Thanks!
#prio3

Blackberry Mobile App Trac being targeted for hacks

We’ve noticed an influx of new entries in the BlackBerry Trac that are hacky/spammy. Example:

https://blackberry.trac.wordpress.org/#no1
https://blackberry.trac.wordpress.org/ticket/263

Can we block this from happening for the existing bad accounts posting and also prevent it from happening further? The BlackBerry app is also dead (for several years now) so we can freeze the entire site or get rid of it entirely.

#mobile #prio3