Hello again I need a couple of changes…

Hello again! I need a couple of changes on WordCamp.org to move forward with the Let’s Encrypt stuff:

  • An include of /home/wordcampWordCamp WordCamps are casual, locally-organized conferences covering everything related to WordPress. They're one of the places where the WordPress community comes together to teach one another what they’ve learned throughout the year and share the joy. Learn more./letsencrypt/output/*.nginx.conf in the httpHTTP HTTP is an acronym for Hyper Text Transfer Protocol. HTTP is the underlying protocol used by the World Wide Web and this protocol defines how messages are formatted and transmitted, and what actions Web servers and browsers should take in response to various commands. context. These files will be generated dynamically, each will have a server blockBlock Block is the abstract term used to describe units of markup that, composed together, form the content or layout of a webpage using the WordPress editor. The idea combines concepts of what in the past may have achieved with shortcodes, custom HTML, and embed discovery into a single consistent API and user experience. listening on 443 with one or more domains, paths to the SSLSSL Secure Socket Layer - Encryption from the server to the browser and back. Prevents prying eyes from seeing what you are sending between your browser and the server. certs and an include of camps-common.
  • Privileges to reload the nginxNGINX NGINX is open source software for web serving, reverse proxying, caching, load balancing, media streaming, and more. It started out as a web server designed for maximum performance and stability. In addition to its HTTP server capabilities, NGINX can also function as a proxy server for email (IMAP, POP3, and SMTP) and a reverse proxy and load balancer for HTTP, TCP, and UDP servers. https://www.nginx.com/. server.

Thanks!

#ssl, #wordcamp-org

I’m working on integrating Let’s Encrypt with WordCamp…

I’m working on integrating Let’s Encrypt with WordCamp.org. Can I please have the following packages installed on the WordCamp.org server?

  • python-dev
  • libffi-dev
  • libssl-dev
  • virtualenv

Thanks!

#ssl, #wordcamp-org

It looks like the * forums wordpress org…

It looks like the *.forums.wordpress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ SSLSSL Secure Socket Layer - Encryption from the server to the browser and back. Prevents prying eyes from seeing what you are sending between your browser and the server. certificate has expired, since we’ve not yet migrated those forums to their main locale domains, can we please get the cert renewed?

Example URL: https://ru.forums.wordpress.org
Reported in: https://meta.trac.wordpress.org/ticket/1327

#ssl

SSL for 2015.us.wordcamp.org

Matt would like to use 2015.us.wordcamp.org, which isn’t covered by the wildcard cart. Could you please setup an individual cert for it?

#ssl, #wordcamp-org

This is a followup to what I posted…

(This is a followup to what I posted on a8c’s sysreq last Thursday, which @762e5e74 was working on. That request should have gone here in the first place, because it’s related to WordCamp.org, so I’m moving the discussion here.)

To summarize the issue, URLs like https://2013.sf.wordcamp.org/tickets are being redirected to http://central.wordcamp.org/tickets, when they should instead be redirected to http://2013.sf.wordcamp.org/tickets. (I think this is because they get caught by the catch-all redirect, even though they’re valid pages.)

r4811-deployDeploy Launching code from a local development environment to the production web server, so that it's available to visitors. added a new rule that redirected all HTTPSHTTPS HTTPS is an acronym for Hyper Text Transfer Protocol Secure. HTTPS is the secure version of HTTP, the protocol over which data is sent between your browser and the website that you are connected to. The 'S' at the end of HTTPS stands for 'Secure'. It means all communications between your browser and the website are encrypted. This is especially helpful for protecting sensitive data like banking information. traffic to HTTPHTTP HTTP is an acronym for Hyper Text Transfer Protocol. HTTP is the underlying protocol used by the World Wide Web and this protocol defines how messages are formatted and transmitted, and what actions Web servers and browsers should take in response to various commands., but that conflicted with a PHPPHP PHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. http://php.net/manual/en/intro-whatis.php. redirect back to HTTPS, and created a loopLoop The Loop is PHP code used by WordPress to display posts. Using The Loop, WordPress processes each post to be displayed on the current page, and formats it according to how it matches specified criteria within The Loop tags. Any HTML or PHP code in the Loop will be processed on each post. https://codex.wordpress.org/The_Loop..

We’ve removed the PHP redirect for the time being, since the SSLSSL Secure Socket Layer - Encryption from the server to the browser and back. Prevents prying eyes from seeing what you are sending between your browser and the server. cert doesn’t work on 4th-level domains. We should be able to re-apply r4811-deploy at this point, but I’d like to make a minor modification to it, so that it’s future-proof for when we do support HTTPS on the 4th-level domains (via 3rd-level aliases and domain mapping, or a wildcard with *.*.wordcamp.org SANs, or some other solution).

The modification would be to ignore HTTPS requests to wp-admin URLs. So, the logic would be:

if https
    if URL doesn't contain wp-admin
        redirect to http version of the URL

That way a request to https://2013.sf.wordcamp.org/wp-admin (or any subpages under wp-admin) would not be redirected, but a request to https://2013.sf.wordcamp.org/tickets will be redirected.

One other thing to keep in mind is that attempts to login to the year.city sites (e.g., http://2013.sf.wordcamp.org/wp-login.php) redirect to http://wordcamp.org/wp-login.php (so they can use the valid SSL), though, and we don’t want that to be affected by any new rules. I don’t think it will be, but thought I’d mention it just in case.

#https, #redirect, #ssl, #wordcamp-org

SSL Certificate for * wordpress org has been…

SSLSSL Secure Socket Layer - Encryption from the server to the browser and back. Prevents prying eyes from seeing what you are sending between your browser and the server. Certificate for *.wordpress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ has been updated. New expiration date is 2014.

#ssl