Back to blog index

Switched to HTTPS

This should have happened last year, but I ended up doing 3 changes at the same time which caused things to be more complicated than needed. This is what happened:

  • Switched to a brand new updated server. The old one had been struggling with updates since 2010!!
  • Switched thumbnails to be stored in S3 and served through CDN (same with static files)
  • Enabled Https

Difficulties came in many flavors.

Switching to a new server

The old server was running on Ubuntu 10.04!! so I'm not letting the OS get so outdated again. That caused the app to be running on Python2.6, which was annoying.

Additionally, there was a weird mix of dependencies because they needed to be available in such an old OS, so moving to a current release meant having to make sure things worked with updated versions of apps and dependencies.

It's refreshing to be running now on more modern libraries, OS and Python version.

Moving thumbnails storage

The thumbnails used to be stored in the app server's hard drive, which made moving servers problematic because it relied moving these files every time. All the other files had been stored remotely except the thumbnails, they work with a cache mechanism that made things tricky to just drop and regenerate.

Creating thumbnails is expensive and slow, so it had to be an Indiana Jones switch with some code to fallback on the older versions in case the S3 file isn't available and make a quick copy behind scenes.

Still, the move had some bumps so I needed to make sure all thumbnail files were readable, so that was hundreds of thousands of Http HEAD requests.

Also, happy to be serving those through a CDN, right now they're under the ugly cloudfare URL, which I don't care much for, but I'll see to move that to something nicer, maybe media.bratabase.com again. Not in a hurry.

Switch to HTTPS

At long last after being threatened by browsers and seeing those pesky warnings in Firefox. It was due time. I'm using Letsencrypt, and that was not working correctly on such an old server, so I needed make the move.

After the migration happened, while I verified the thumbnails, I had the site running under www2 to make sure things were working fine, tuning a bunch of parameters, fixing many hard coded http references until it was all working fine. The complex picture upload mechanism proved to need better parametrization to work correctly with the http to https switch.

So, we're now all migrated, the old server is still up but let's hope we don't need to touch that and turn it off soon to stop paying for it.

June 3, 2018
comments powered by Disqus