Domain Webmaster: Logging, Privacy and Features

by Hadriel 11 Replies latest forum suggestions

  • Hadriel
    Hadriel

    Question for the webmaster and authors of this site.

    To what degree is logging kept on your server?

    Has there been any consideration to move the server/host to for example the Netherlands or Iceland etc for added privacy rather than a U.S. based host such as is the case now (currently in Mountain View, CA)?

    Any thought on allowing users to tag other users (e.g. @SomeUserHandle) and have this ping the user either by email, pm or a toast notification (this would be handy to me)?

    May apologies if these questions have been addressed before...yeah I was lazy and didn't search :(

    Be clear site works great just a few thoughts that might take it even more next level.

  • Simon
    Simon
    Question for the webmaster and authors of this site.

    I'll do my best to help :)

    To what degree is logging kept on your server?

    Regular logging is used to measure traffic using Google Analytics and there's also server logs which is more for my debugging / diagnostic use and also to help detect and prevent abuse (e.g. Denial of Service attacks, rogue bots & scrapers etc...)

    Has there been any consideration to move the server/host to for example the Netherlands or Iceland etc for added privacy rather than a U.S. based host such as is the case now (currently in Mountain View, CA)?

    No, I think it's pointless and is an imaginary veneer of security to be honest imagining that the US government (I presume?) couldn't get your data anyway or that the WTS couldn't take action in any country. It's hosted with Google and they have a pretty good reputation. Any sensitive content is encrypted and the next version will use SSL / HTTPS throughout so all communication to and from the site will be encrypted as well.

    Any thought on allowing users to tag other users (e.g. @SomeUserHandle) and have this ping the user either by email, pm or a toast notification (this would be handy to me)?

    Yes, I've been looking into this very thing. I also want to provide more of a 'dashboard' where you'll be able to see new and interesting topics based on things you and others have liked, things where you have been mentioned and topics you have taken part in that have been updated. More customized views to give you what you most likely want, faster.

    May apologies if these questions have been addressed before...yeah I was lazy and didn't search :frowning:
    Be clear site works great just a few thoughts that might take it even more next level.

    No worries, I'm always happy to get feedback and feature requests!

    Depending on other projects I have to spend time on (boo to real work!) I'm hoping to get a major new update out in the next 2-3 months which should be faster and slicker and make adding more new features in future much easier.

  • Hadriel
    Hadriel

    Sounds good although I disagree on the "veneer" perspective. I have a fair amount of experience in this regard.

    Privacy laws are significantly more stringent in certain countries.

    As to logging what I typically do is remote log to encrypted host then periodically shred directories in a rotation of sorts.

    Essentially the most you'll ever have logged is a couple days. Anything malicious you'll know about it. You don't need days of that around to troubleshoot in the majority of cases.

    Anyway I was just curious. Thx!

  • Hadriel
    Hadriel
    love the site btw. simple elegant works perfect!
  • Phaedra
    Phaedra
    Simon the great!
  • Simon
    Simon
    Privacy laws are significantly more stringent in certain countries.

    True, but it depends on what you think the 'threats' are. It's not like we're storing medical files or banking info and have minimal personally identifiable information (often none) so it's not a huge concern - most visitors are North American so for latency alone it makes sense to host it here plus Google's cloud makes sense to me for various technical reasons (and they have support for various privacy laws / directives).

    As for shredding logs etc... again, we're not storing medical files or banking info. When I've worked at bank and pharmaceutical companies things like this were much higher on the agenda. The access logs are still stored securely and only accessible by me and only record that a web request was made to the site for a page or asset. Hardly stuff of 007 :)

    For a site like this the biggest threat for a small few is probably being 'outed' as being a member. There are various protections in place to make this a little more difficult than on some forums (e.g. not allowing embedding of images which could provide easy access to IP addresses and thus identification) but we're not wiki-leaks ... we try to make sure we will not expose any user data but personal information control is the ultimate responsibility of individuals - I can't and wouldn't want to control what links people click on or where they access sites from.

  • Hadriel
    Hadriel

    As to shredding it is easy to setup and logs absolutely could pose a threat to identity. If you don't keep them around long if you ever receive a court order for any reason you're in the clear as there's nothing to get really.

    It's fine tho man was just curious since this is my world. Ignore me ha ha.

    I know you know this but what makes this forum great is that it's inline. next post, next post, next post. Rather than the bb forums where there's so much nesting. Seems great in theory but I hated it then still hate it.

    Holler if you ever need a hand or anything. glad to help do this stuff all day every day.

    BTW what wysiwyg is this editor? I use Redactor a lot. kinda like this one.

  • berrygerry
    berrygerry

    No, I think it's pointless and is an imaginary veneer of security to be honest imagining that the US government (I presume?) couldn't get your data anyway or that the WTS couldn't take action in any country.

    Sorry Bud - many wise international companies use Canadian servers because of our privacy laws.

    http://www.huffingtonpost.ca/2014/04/03/canada-us-privacy-laws_n_5083034.html

  • Hadriel
    Hadriel

    @berrygerry

    Currently Iceland is my fav.

  • berrygerry
    berrygerry
    No worries, I'm always happy to get feedback and feature requests!
    One of the biggest changes from the old site to this one is the lack of being able to link to a post (not a thread, but a post).

    The old site allowed this.

    The revised site does not, UNLESS you catch the post in the last three posts made.

    As a random example, reddit, good old site, allows you to "permalink" - eg. https://www.reddit.com/r/exjw/comments/4040qz/hail_jehovah_beer/cyrfi3g

    The old JWN site also had this capacity.

    If caught at the time (eg. http://www.jehovahs-witness.com/topic/6036754616287232/letter-my-sibling?page=1#5797523729940480 ) or at the last three posts, it can still be done.

    But, if older than three posts, there is no way for the ordinary user to link to a specific post.

    For research and reference dudes, this is a must-have on forums.

    Bring it back.

Share this

Google+
Pinterest
Reddit