Free hosting for free people.
TuxFamily is a non-profit organization that provide free services for projects and contents
dealing with the free software philosophy.
- Héberger le site internet d'un futur café-repair/ recyclerie
- https avec let's encrypt
- Php 7.0
- April 2016
- November 2015
- September 2015
- August 2015
- June 2015
- April 2015
- March 2015
- January 2015
- November 2014
- July 2014
- June 2014
- May 2014
- April 2014
- March 2014
- February 2014
- December 2013
- July 2013
- June 2013
- May 2013
- April 2013
- March 2013
- January 2013
- December 2012
- June 2012
- April 2012
- March 2012
- January 2012
- October 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- March 2011
- February 2011
- December 2010
- November 2010
- August 2010
- July 2010
- June 2010
- April 2010
- March 2010
- January 2010
- October 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- January 2009
- October 2008
- September 2008
- August 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- October 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- July 2006
- June 2006
- May 2006
- April 2006
- February 2006
- January 2006
Posted on Saturday 2 April 2016
Debian Wheezy security support is scheduled to end at the end of April, therefore we have to upgrade to Debian Jessie before this deadline. The good news is that it leaves you a few weeks to check that your installed webapps will continue to work after the upgrade.
Posted on Saturday 2 April 2016
Until recently, anything hosted by TuxFamily and reached over TLS (HTTPS, POPS, IMAPS, etc.) implied to accept a self-signed certificate.
Since the "Let's encrypt" initiative has become a reality, TuxFamily recently jumped on the bandwagon:
- *.tuxfamily.org web areas now benefit from a wildcard certificate (*.tuxfamily.org) kindly provided by GlobalSign.
- Most *.tuxfamily.org services also benefit from that wildcard certificate.
- Other TuxFamily-hosted web areas (e.g. vhffs.org or yabause.org) now benefit from a Let's Encrypt certificate.
- Due to technical limitations, *.*.tuxfamily.org web areas and domains remain plagued by a common name mismatch error; fortunately, those remain quite rare and should benefit from a Let's Encrypt certificate on the long run.
Since your web areas are now reachable by everybody over both HTTP and HTTPS, you are now free to adapt your sites accordingly; typical setups include (but are not restricted to):
- handling both protocols;
- enforcing only authenticated traffic to HTTPS;
- enforcing all traffic to HTTPS through redirections and/or HSTS implemented in .htaccess.
Posted on Saturday 2 April 2016
All TuxFamily services are now reachable over IPv6, making them future-proof with regard to IPv4 address exhaustion.
Those of you managing their domains through DNS servers other than TuxFamily's may want to add some AAAA records pointing to 2a02:2178:1000:201::4 (IPv6 address for web.tuxfamily.net).
Posted on Friday 1 April 2016
These times are rough. Or at least they seem so. Daily news look increasingly bad. Global warming, conflicts, terrorism, economical concerns, extremists fueled by global political disinterest, the list feels endless. All these events and the extraordinary noise they bring along with them divert our attention from many good things that also happen on a daily basis: scientific progress, environment-friendly innovation, constructive local initiatives, education-oriented projects and more generally people adding their humble yet significant contribution to the better side of Humanity. TuxFamily takes pride in providing such people with a free hosting platform that helps them achieve whatever good deed they are aiming for. And yet...
And yet, forgotten among the forsaken, the TuxFamily staff members are too often neglected. Hidden behind a machine that works too well for anybody to wonder who exactly winds up its clocks and replaces its gears, the TuxFamily staff recently managed to narrow down, thanks to the cheap services of an estimate psychotherapist who accepted to work for only 250% of TuxFamily's patiently-collected treasury, the true cause of their long-dwelling spleen: they lack recognition and gratitude. Medication for the whole team having been dismissed as too expensive, it was decided to fight and improve the situation through two ground breaking ideas.
The first idea consists in reminding both our hostees and their visitors that there are actual people working under the hood of each web site. To this end, starting in a few days, all TuxFamily-hosted websites, with no possible exception, will be altered on-the-fly so that they display the face of a random TuxFamily staff member. That modification should remain discreet in most cases, as pictures are only about 100 pixels wide. However, thanks to well-engineered heuristics, all sites that either lack proper backups or which are not up-to-date security-wise will inherit an extra feature: the face of a TuxFamily staff member will *follow* the mouse cursor. This revolutionary feature allows everyone to become aware that a given site needs some extra caring, thus boosting both TuxFamily's staff's egos and the amount of speculative applications from new contributors to your projects! And it can be seen right now on the following websites:
Despite being under heavy discussions, the second idea was deemed ready for disclosure: in the coming months, a new TuxFamily service will enable you to bid for your favorite TuxFamily staff member; those of you who win these auctions will be entitled to spend an entire evening with that staff member. Whether "evening" actually means "night" and what exactly you will be allowed to do with that staff member is actually the "still under heavy discussions" part of that project. But we are confident that these questions will be duly addressed in no time.
All members of the TuxFamily team thank you in advance for your upcoming support to their mental health!
Edit: As most of you hopefully understood, yesterday's communication was our usual April's Fools' prank -- we hope it made you smile, laugh, choke on your dinner and/or other similar reactions that do not involve suing us in court. Some of you may wonder how close we actually are from the couch of a psychotherapist. Well, good news, most of us are fine.
Posted on Tuesday 17 November 2015, at 21:21 UTC
TuxFamily.org will be at Paris Open Source Summit 2015 event in Paris on November 18-19
It will be a great time for all of us to meet, talk about your projects and to have some feedbacks on our hosting platform. You are all welcome in our cubicle for a coffee (or more !) We always enjoy having a special time with our hosted people so don't hesitate, come and have a talk with us.
Posted on Sunday 13 September 2015, at 05:24 UTC
We are currently experiencing an outage on the download repositories master. We will keep you in touch.
Edit: Back online.
Posted on Saturday 29 August 2015, at 16:52 UTC
The shell host is down, we asked for a low priority remote-hand reboot which should not be done before than next monday, there is no urge at all.
Edit: SSH is back.
Posted on Friday 12 June 2015, at 14:00 UTC
Today, around 13:26 UTC, we collapsed under a power outage. Looks like we lost a couple of hardware, we are currently investigating. Secondary services (ns2 and mx2) are still working, we won't lose your mails ;-)
Edit 2015-06-12 14:26 UTC: Web service is back, everything else is down. Our disk arrays are degraded but properly running and currently rebuilding, at least data are safe. We lost a static switch and most of our single feed powered hosts are currently down.
Edit 2015-06-12 18:25 UTC: We weren't able to contact someone wanting to look at what's happening, we'll see what we'll be able to do tomorrow.
Edit 2015-06-13 15:35 UTC: Hourra!, our hoster went on site and managed to restart everything, our STS isn't dead finally, which is quite a good news. Everything should be back.
Posted on Saturday 6 June 2015, at 17:49 UTC
We are currently experiencing an outage of some services due to air conditioning failure, we'll keep you in touch.
Edit: Repaired, everything should be back.
Posted on Wednesday 1 April 2015
TuxFamily never ceased to drum it, security, and especially I.T. security, is everyone's matter ! The various vulnerabilities disclosed all throughout the epic year 2014 definitely proved that a careful monitoring of the subject is essential.
Alas, this matter too often remains neglected by many hostees with regards to web applications installed at TuxFamily's (blog engines, bugtrackers, Mediawiki, Drupal, WordPress, PunBB, etc.). Yet no one can deny that an outdated application is a vector to send massive amounts of spam as well as hosting phishing pages or even exploit local vulnerabilities that just ask to be discovered, published and exploited (not necessarily in this order)!
On the other hand, TuxFamily's resources, particularly human ones, remain limited: a single person hobbles along with the platform administration (as a benevolent on free time, of course) while the moderation process is statistically handled by 1.27 persons exactly. BEA figures, February 2015. Anyway, it has become vital to take action.
That's the reason why your beloved hosters are currently designing a tool basically named vhffs_rotvacuum. It will run every week on the plateform in order to detect and desactivate webspaces whose software may not be up-to-date.
Fully aware that such a change cannot be brought so suddenly, its deployment shall happen in several steps:
- Apr 2015: simple notification to the owner of concerned group/project
- May 2015: webspaces not updated are disabled after a grace delay of 15 days after security updates are published
- Jun 2015: deletion of webspaces considered outdated, grace delay kept at 15 days
- Sep 2015: grace delay will be lowered to 7 days for standard security updates, 1 day for critical ones.
The TuxFamily team kindly reminds you that their set of services does not include full-fledged backups.
We sincerely hope these measures will help keep the maintenance workload of the platform at its lowest and, hence, ensure its durability.
The TuxFamily.org team
Edit: Of course it was our yearly April fool joke ;-)