Yesterday, we sent out notifications to all our clients that are affected by the Let's Encrypt mass revocation of SSL certificates. In this post, we'll share the details how we found those certificates. Now, the morning after, we're well rested and in good shape to do a proper write-up on the matter.
The team at Let's Encrypt, the free certificate authority, has identified an issue that might have lead to unauthorized certificate issuance. Because it's hard to determine which sites have been abused, they have no other choice but to revoke all certificates that may have been maliciously issued. The result is a massive 3,048,289 certificates that will be revoked within the next 24 hours. We've just finished alerting all our users that are affected by this.
We're super proud to show the new us - we have a brand new logo, an entirely new style and a new website. In this post, we'll show you all the changes!
We've just released a new feature: maintenance windows! You can now place your site in maintenance which will mute all notifications during that period.
The team at Chrome has announced their plans for handling mixed content last week on their blog. We'll highlight the most important details and what the potential impact is.
We recently launched our new Status Page feature. Under the hood, it's using the Caddy proxy server and Laravel's subdomain routing to serve the right status page on the right domain. With this technology stack, we can automatically generate, configure & renewe the SSL certificates for custom domains of our clients. In this post we'll deep dive in to our current setup.
We're proud to introduce a new major feature to all our Oh Dear users: Status Pages! All our users will now find a Status Pages feature in their dashboard, in the top level navigation. It allows you to create one or more status pages to keep your users informed in case of downtime or emergency. We're not limiting the amount of status pages you can create. You're free to create 1 or 100, it's all up to you.
We're excited to announce that we've shipped some nice improvements to our broken links & mixed content checks. These checks both make use of the crawler that powers those features. When we first launched Oh Dear!, we decided to limit the crawls to the first 1.000 unique pages we find. This was mostly a protection for infinite loops, since those are really hard to detect.
You can use our API to trigger an on demand run of both the uptime check and the broken links checker. If you add this to, say, your deploy script, you can have near-instant validation that your deploy succeeded and didn't break any links & pages. Our API allows you to trigger an on demand run for every check we do. But, it's an API - so it requires a set of IDs. First, let's find the different checks your site has.
We've added a setting that allows you to choose if we should crawl all internal URLs or the external URLs too.
