Categories
Security Website

New and secure website online

A few day ago we activated a new theme on our website. Also we switched from http to https. The benefits are that we do not get spam comments so much anymore with the features of the new WordPress theme. Also if you use our (now completly working) online account management tools (register, change password, remove, transport pre-registration) and online clients (JWChat and Jappix) you will not have to send any data unencrypted over the internet.

We love to read what you think about the changes. ;-)

Categories
Maintenance Problems Transports

New SSL certificates

Because there are problems/bugs with ejabberd 13.x connecting to our transports we just replaced the certificate for our main virtual host jabber.hot-chilli.net. This host also does service our transports.

Until then we had used a certificate with the common name *.hot-chilli.net, now we have one with jabber.hot-chilli.net and *.jabber.hot-chilli.net common names which does not lead to the problem.

Some days ago we already replaced the *.hot-chilli.net due to the OpenSSL Heartbleed bug.

Categories
Features

Hashed passwords for Prosody

We just changed the Prosody authentication provider module to hashed SCRAM-SHA-1 passwords.

You most probably will not notice anything. But if your client does not support SCRAM-SHA-1 the password will be sent in plain, not DIGEST-MD5 like until now. So be sure you only use a TLS/SSL connection to the server to protect the password (and also all your other XMPP data like chat messages) inside an encrypted data stream. Some clients might show a warning that DIGEST-MD5 is not longer available on the server.

The next time you log in the password will be automaticly hashed with SCRAM-SHA-1 mechanism.

Categories
Downtimes Maintenance

Upgrade to Prosody 0.9.4

We upgraded the Jabber server to Prosody 0.9.4 this morning, see the changelog.

Categories
Downtimes Maintenance

Upgrade to Prosody 0.9.2

We just upgraded the Jabber server to Prosody 0.9.2, see the changelog.

The most important bugfix is the bug related to zlib compression used with encrypted connections. It seems that this is finally fixed! :-)