Year: 2014

New and secure website online

Post author By Roi
Post date August 1, 2014
No Comments on New and secure website online

A few day ago we activated a new theme on our website. Also we switched from http to https. The benefits are that we do not get spam comments so much anymore with the features of the new WordPress theme. Also if you use our (now completly working) online account management tools (register, change password, remove, transport pre-registration) and online clients (JWChat and Jappix) you will not have to send any data unencrypted over the internet.

We love to read what you think about the changes. ;-)

Tags Account, Security, Website

Maintenance Problems Transports

New SSL certificates

Because there are problems/bugs with ejabberd 13.x connecting to our transports we just replaced the certificate for our main virtual host jabber.hot-chilli.net. This host also does service our transports.

Until then we had used a certificate with the common name *.hot-chilli.net, now we have one with jabber.hot-chilli.net and *.jabber.hot-chilli.net common names which does not lead to the problem.

Some days ago we already replaced the *.hot-chilli.net due to the OpenSSL Heartbleed bug.

Tags Certificates, ejabberd, Heartbleed, Maintenance, OpenSSL, Problems, Prosody, Transports

Features

Hashed passwords for Prosody

Post author By Roi
Post date April 22, 2014
No Comments on Hashed passwords for Prosody

We just changed the Prosody authentication provider module to hashed SCRAM-SHA-1 passwords.

You most probably will not notice anything. But if your client does not support SCRAM-SHA-1 the password will be sent in plain, not DIGEST-MD5 like until now. So be sure you only use a TLS/SSL connection to the server to protect the password (and also all your other XMPP data like chat messages) inside an encrypted data stream. Some clients might show a warning that DIGEST-MD5 is not longer available on the server.

The next time you log in the password will be automaticly hashed with SCRAM-SHA-1 mechanism.