• English version
  • Version française
  • Versión española

Latest news

Upgrade to Debian Jessie planned

Posted on Saturday 2 April 2016

Debian Wheezy security support is scheduled to end at the end of April, therefore we have to upgrade to Debian Jessie before this deadline. The good news is that it leaves you a few weeks to check that your installed webapps will continue to work after the upgrade.

Please welcome HTTPS

Posted on Saturday 2 April 2016

Until recently, anything hosted by TuxFamily and reached over TLS (HTTPS, POPS, IMAPS, etc.) implied to accept a self-signed certificate.

Since the "Let's encrypt" initiative has become a reality, TuxFamily recently jumped on the bandwagon:

  • *.tuxfamily.org web areas now benefit from a wildcard certificate (*.tuxfamily.org) kindly provided by GlobalSign.
  • Most *.tuxfamily.org services also benefit from that wildcard certificate.
  • Other TuxFamily-hosted web areas (e.g. vhffs.org or yabause.org) now benefit from a Let's Encrypt certificate.
  • Due to technical limitations, *.*.tuxfamily.org web areas and domains remain plagued by a common name mismatch error; fortunately, those remain quite rare and should benefit from a Let's Encrypt certificate on the long run.

This setup should bring class-A HTTPS to your sites, and even A+ if you set up HSTS.

Since your web areas are now reachable by everybody over both HTTP and HTTPS, you are now free to adapt your sites accordingly; typical setups include (but are not restricted to):

  • handling both protocols;
  • enforcing only authenticated traffic to HTTPS;
  • enforcing all traffic to HTTPS through redirections and/or HSTS implemented in .htaccess.

Please welcome IPv6

Posted on Saturday 2 April 2016

All TuxFamily services are now reachable over IPv6, making them future-proof with regard to IPv4 address exhaustion.

Those of you managing their domains through DNS servers other than TuxFamily's may want to add some AAAA records pointing to 2a02:2178:1000:201::4 (IPv6 address for web.tuxfamily.net).

The TuxFamily team needs you for their therapy!

Posted on Friday 1 April 2016

These times are rough. Or at least they seem so. Daily news look increasingly bad. Global warming, conflicts, terrorism, economical concerns, extremists fueled by global political disinterest, the list feels endless. All these events and the extraordinary noise they bring along with them divert our attention from many good things that also happen on a daily basis: scientific progress, environment-friendly innovation, constructive local initiatives, education-oriented projects and more generally people adding their humble yet significant contribution to the better side of Humanity. TuxFamily takes pride in providing such people with a free hosting platform that helps them achieve whatever good deed they are aiming for. And yet...

And yet, forgotten among the forsaken, the TuxFamily staff members are too often neglected. Hidden behind a machine that works too well for anybody to wonder who exactly winds up its clocks and replaces its gears, the TuxFamily staff recently managed to narrow down, thanks to the cheap services of an estimate psychotherapist who accepted to work for only 250% of TuxFamily's patiently-collected treasury, the true cause of their long-dwelling spleen: they lack recognition and gratitude. Medication for the whole team having been dismissed as too expensive, it was decided to fight and improve the situation through two ground breaking ideas.

The first idea consists in reminding both our hostees and their visitors that there are actual people working under the hood of each web site. To this end, starting in a few days, all TuxFamily-hosted websites, with no possible exception, will be altered on-the-fly so that they display the face of a random TuxFamily staff member. That modification should remain discreet in most cases, as pictures are only about 100 pixels wide. However, thanks to well-engineered heuristics, all sites that either lack proper backups or which are not up-to-date security-wise will inherit an extra feature: the face of a TuxFamily staff member will *follow* the mouse cursor. This revolutionary feature allows everyone to become aware that a given site needs some extra caring, thus boosting both TuxFamily's staff's egos and the amount of speculative applications from new contributors to your projects! And it can be seen right now on the following websites:

Despite being under heavy discussions, the second idea was deemed ready for disclosure: in the coming months, a new TuxFamily service will enable you to bid for your favorite TuxFamily staff member; those of you who win these auctions will be entitled to spend an entire evening with that staff member. Whether "evening" actually means "night" and what exactly you will be allowed to do with that staff member is actually the "still under heavy discussions" part of that project. But we are confident that these questions will be duly addressed in no time.

All members of the TuxFamily team thank you in advance for your upcoming support to their mental health!

Edit: As most of you hopefully understood, yesterday's communication was our usual April's Fools' prank -- we hope it made you smile, laugh, choke on your dinner and/or other similar reactions that do not involve suing us in court. Some of you may wonder how close we actually are from the couch of a psychotherapist. Well, good news, most of us are fine.

Tuxfamily will be at Paris Open Source Summit 2015 !

Posted on Tuesday 17 November 2015, at 21:21 UTC

TuxFamily.org will be at Paris Open Source Summit 2015 event in Paris on November 18-19

It will be a great time for all of us to meet, talk about your projects and to have some feedbacks on our hosting platform. You are all welcome in our cubicle for a coffee (or more !) We always enjoy having a special time with our hosted people so don't hesitate, come and have a talk with us.

Downloads master down

Posted on Sunday 13 September 2015, at 05:24 UTC

We are currently experiencing an outage on the download repositories master. We will keep you in touch.

Edit: Back online.

SSH access down

Posted on Saturday 29 August 2015, at 16:52 UTC

The shell host is down, we asked for a low priority remote-hand reboot which should not be done before than next monday, there is no urge at all.

Edit: SSH is back.

Power outage

Posted on Friday 12 June 2015, at 14:00 UTC

Today, around 13:26 UTC, we collapsed under a power outage. Looks like we lost a couple of hardware, we are currently investigating. Secondary services (ns2 and mx2) are still working, we won't lose your mails ;-)

Edit 2015-06-12 14:26 UTC: Web service is back, everything else is down. Our disk arrays are degraded but properly running and currently rebuilding, at least data are safe. We lost a static switch and most of our single feed powered hosts are currently down.

Edit 2015-06-12 18:25 UTC: We weren't able to contact someone wanting to look at what's happening, we'll see what we'll be able to do tomorrow.

Edit 2015-06-13 15:35 UTC: Hourra!, our hoster went on site and managed to restart everything, our STS isn't dead finally, which is quite a good news. Everything should be back.

Air conditioning failure

Posted on Saturday 6 June 2015, at 17:49 UTC

We are currently experiencing an outage of some services due to air conditioning failure, we'll keep you in touch.

Edit: Repaired, everything should be back.

TuxFamily to improve its security

Posted on Wednesday 1 April 2015

TuxFamily never ceased to drum it, security, and especially I.T. security, is everyone's matter ! The various vulnerabilities disclosed all throughout the epic year 2014 definitely proved that a careful monitoring of the subject is essential.

Alas, this matter too often remains neglected by many hostees with regards to web applications installed at TuxFamily's (blog engines, bugtrackers, Mediawiki, Drupal, WordPress, PunBB, etc.). Yet no one can deny that an outdated application is a vector to send massive amounts of spam as well as hosting phishing pages or even exploit local vulnerabilities that just ask to be discovered, published and exploited (not necessarily in this order)!

On the other hand, TuxFamily's resources, particularly human ones, remain limited: a single person hobbles along with the platform administration (as a benevolent on free time, of course) while the moderation process is statistically handled by 1.27 persons exactly. BEA figures, February 2015. Anyway, it has become vital to take action.

That's the reason why your beloved hosters are currently designing a tool basically named vhffs_rotvacuum. It will run every week on the plateform in order to detect and desactivate webspaces whose software may not be up-to-date.

Fully aware that such a change cannot be brought so suddenly, its deployment shall happen in several steps:

  • Apr 2015: simple notification to the owner of concerned group/project
  • May 2015: webspaces not updated are disabled after a grace delay of 15 days after security updates are published
  • Jun 2015: deletion of webspaces considered outdated, grace delay kept at 15 days
  • Sep 2015: grace delay will be lowered to 7 days for standard security updates, 1 day for critical ones.

The TuxFamily team kindly reminds you that their set of services does not include full-fledged backups.

We sincerely hope these measures will help keep the maintenance workload of the platform at its lowest and, hence, ensure its durability.

The TuxFamily.org team

Edit: Of course it was our yearly April fool joke ;-)

RSS Feed