Gravatars Are Gone
-
-
Nobody ever screws up. It's inhuman to ever make a mistake.
Just kidding, I don't care that much. Shit happens. I think we're all smart enough to do multi factor authentication with email among other layers sooo we're good.
-
-
Where is the vulnerability at? Is it in the NodeBB plugin or in Gravatar?
-
@dafyre said in Gravatars Are Gone:
Where is the vulnerability at? Is it in the NodeBB plugin or in Gravatar?
The plugin.
-
@scottalanmiller said in Gravatars Are Gone:
@dafyre said in Gravatars Are Gone:
Where is the vulnerability at? Is it in the NodeBB plugin or in Gravatar?
The plugin.
Cool. I'm assuming it has been reported?
-
@dafyre said in Gravatars Are Gone:
@scottalanmiller said in Gravatars Are Gone:
@dafyre said in Gravatars Are Gone:
Where is the vulnerability at? Is it in the NodeBB plugin or in Gravatar?
The plugin.
Cool. I'm assuming it has been reported?
Yes, and there was a PR issued within minutes and the plugin got pulled within a few hours. but we were already off of gravatar and it has caused so many issues (and complaints) that now that we made the leap off of it AND that we have CloudFlare, the value to keeping Gravatar seems low. So we are not going back down that path.
-
@scottalanmiller said in Gravatars Are Gone:
@dafyre said in Gravatars Are Gone:
@scottalanmiller said in Gravatars Are Gone:
@dafyre said in Gravatars Are Gone:
Where is the vulnerability at? Is it in the NodeBB plugin or in Gravatar?
The plugin.
Cool. I'm assuming it has been reported?
Yes, and there was a PR issued within minutes and the plugin got pulled within a few hours. but we were already off of gravatar and it has caused so many issues (and complaints) that now that we made the leap off of it AND that we have CloudFlare, the value to keeping Gravatar seems low. So we are not going back down that path.
Out of curiosity... How does Cloudflare help with that? Does it cache the images, etc?
-
@dafyre said in Gravatars Are Gone:
Out of curiosity... How does Cloudflare help with that? Does it cache the images, etc?
Yes, it acts as a content delivery network for the static content out in front of the "real" server and it caches globally so people get the image content from local servers with low latency and high bandwidth instead of pulling it all from the single site in New York. So it lowers the load on the server while providing a better experience for the end users. Gravatar does the same kind of thing, it is a content delivery network, but CF does it better and more easily and is a bigger scale so it all works out well.
-
I've noticed a marked improvement this morning. I was AFK over the weekend and didn't get to fumble around as much as usual.
-
@dafyre said in Gravatars Are Gone:
I've noticed a marked improvement this morning. I was AFK over the weekend and didn't get to fumble around as much as usual.
The CF cache has warmed up which is helping.
-
test
-
-
This post is deleted! -
Is it just me or are the smile faces freaking huge now?
I don't mind so much, but it's kind of ridiculous.
-
@DustinB3403 said in Gravatars Are Gone:
Is it just me or are the smile faces freaking huge now?
I don't mind so much, but it's kind of ridiculous.
reload your page.
-
@JaredBusch said in Gravatars Are Gone:
@DustinB3403 said in Gravatars Are Gone:
Is it just me or are the smile faces freaking huge now?
I don't mind so much, but it's kind of ridiculous.
reload your page.
Thank you for that.
-
This post is deleted! -
So I guess, what? We get one year of free credit monitoring?
-
@DenisKelley said in Gravatars Are Gone:
So I guess, what? We get one year of free credit monitoring?
Monitoring, just to let you know it's stolen.. Not to help do anything about it afterwards hahah.
