Page MenuHomePhabricator

Changing the URL for the Wikimedia Shop
Closed, ResolvedPublic

Description

The Wikimedia Shop is going to be renamed to the Wikipedia store. Right now its URL is http://shop.wikimedia.org. I would like it to be named http://store.wikipedia.org. How can this be changed?

Event Timeline

There are a very large number of changes, so older changes are hidden. Show Older Changes

I called digicert and shopify support to have the request canceled.

Sorry about that @vshchepakina

@Dzahn bummer! let's keep it store.wikimedia.org then. Can store.wikipedia.org be still redirected to store.wikimedia.org?

Dzahn reopened this task as Open.Mar 25 2015, 11:08 PM

@vshchepakina

http://store.wikipedia.org/ is a working redirect, just to http://shop.wikimedia.org because that's the main shop URL.

http://store.wikimedia.org/ currently just gets us the same as https://www.wikimedia.org/ but we could just make that a redirect to shop.wikimedia.org.

Or did you mean to change the main shop URL to store.wikimedia.org? I'm afraid then we'll have to ask shopify again about changing the SSL cert.

How about we just add the additional redirect so that http://store.wikimedia.org/ also works but we leave the actual shop URL unchanged?

here are the existing redirects:

Shop redirects

funnel shop.wiktionary.org shop.wikimedia.org
funnel store.wiktionary.org
shop.wikimedia.org
funnel shop.wikiquote.org shop.wikimedia.org
funnel store.wikiquote.org
shop.wikimedia.org
funnel shop.wikibooks.org shop.wikimedia.org
funnel store.wikibooks.org
shop.wikimedia.org
funnel shop.wikinews.org shop.wikimedia.org
funnel store.wikinews.org
shop.wikimedia.org
funnel shop.wikisource.org shop.wikimedia.org
funnel store.wikisource.org
shop.wikimedia.org
funnel shop.wikiversity.org shop.wikimedia.org
funnel store.wikiversity.org
shop.wikimedia.org
funnel shop.mediawiki.org shop.wikimedia.org
funnel store.mediawiki.org
shop.wikimedia.org
funnel shop.wikimediafoundation.org shop.wikimedia.org
funnel store.wikimediafoundation.org
shop.wikimedia.org
funnel shop.wikipedia.org shop.wikimedia.org
funnel store.wikipedia.org
shop.wikimedia.org
funnel shop.wikipedia.com shop.wikimedia.org
funnel store.wikipedia.com
shop.wikimedia.org

@Dzahn I really prefer store.wikimedia.org, especially since we can't have store.wikipedia.org as the main URL. Any chance you could contact Shopify again?

Change 199791 had a related patch set uploaded (by Dzahn):
shop redirects: store instead of shop

https://gerrit.wikimedia.org/r/199791

Change 199796 had a related patch set uploaded (by Dzahn):
shop URL: change 'shop' to 'store'

https://gerrit.wikimedia.org/r/199796

@Dzahn I really prefer store.wikimedia.org, especially since we can't have store.wikipedia.org as the main URL. Any chance you could contact Shopify again?

Victoria, yes, i will contact them. Also uploaded new patches for the redirect and DNS changes. (they need to be coordinated with the other changes).

@Krenair @MZMcBride @csteipp ok?

As long as it's the "Wikimedia Store"

It's still completely unclear to me why any rename makes sense here. Is there some problem with "Wikimedia Shop" and shop.wikimedia.org? If so, this task should explain what the problem is so that we can evaluate it and come to a reasonable solution. Until there's clarification, I don't think this ticket should be acted upon at all.

matmarex removed a subscriber: Security.Mar 26 2015, 7:59 AM

@Victoria, could you reply to MZMcBride why it should be renamed? There seems to be no consensus here and i would like to avoid telling them to change the cert once again before there is agreement here.

The branding has already been updated, there's a Twitter account "wikipediastore", etc., so all that remains to be done is changing the canonical URL. I can't speak for Victoria, but I'm guessing that this rename is due to the greater brand recognition of the Wikipedia brand and due to the store mainly selling Wikipedia products. In any case, it's up to the shop team to pick the name for the thing :)

They can name it whatever they want, but wikipedia.org subdomains must run Wikimedia-approved-and-changeable code on WMF-owned hardware.

That said, it's not a good decision to name it "Wikipedia Store" as they are not allowed to run store.wikipedia.org as a proper (canonical) site - it can only be a redirect to somewhere which they can serve (say, store.wikimedia.org) from a third-party (*.wikimedia.org is not trusted by our software like *.wikipedia.org is for SUL, as we already have other third-party-hosted stuff there, e.g. status. and to some extent wikitech-static.).

Ah, I see. So, to recap -- the concern is:

  1. We set user authentication cookies on the wikipedia.org domain (not its subdomains like en.*);
  2. We don't do the same for sites like commons.wikimedia.org (there we set the cookie on commons.*, etc.)

In this configuration, putting potentially dangerous code on store.wikipedia.org would mean that any vulnerability in said code could be exploited to steal user credentials. Have I got that right?

If so, I'm not sure there is a good option here other than 1) going back to the old name, or 2) hosting it on a completely separate domain name.

Krenair added a comment.EditedApr 3 2015, 9:40 PM

Vulnerability in the code, or the (unknown, unidentified, non-NDA) people who administrate whatever server it runs on, yes. I wouldn't want my Wikimedia login cookie being sent there if I happened to visit one day. See @jeremyb and @csteipp's comments earlier

A possibly terrifying third option is to setup a cookie stripping reverse proxy that we run on shop.wikimedia.org and then have that proxy to whoever is running it...

/me runs away

Terrifying options may warrant some consideration, but I'll loop back with Victoria that this may be trickier than anticipated. @csteipp any thoughts on how security issues could be mitigated, and/or the suggestion above?

A possibly terrifying third option is to setup a cookie stripping reverse proxy that we run on shop.wikimedia.org and then have that proxy to whoever is running it...

/me runs away

That would keep the cookie away from their server (so a compromised store wouldn't be able to sniff the cookies), but won't save us from xss on their store site (which we have no review/controls for), doing all sorts of stuff to us.

Ah, I see. So, to recap -- the concern is:

  1. We set user authentication cookies on the wikipedia.org domain (not its subdomains like en.*);
  2. We don't do the same for sites like commons.wikimedia.org (there we set the cookie on commons.*, etc.)

    In this configuration, putting potentially dangerous code on store.wikipedia.org would mean that any vulnerability in said code could be exploited to steal user credentials. Have I got that right?

    If so, I'm not sure there is a good option here other than 1) going back to the old name, or 2) hosting it on a completely separate domain name.

That's pretty much it.

Terrifying options may warrant some consideration, but I'll loop back with Victoria that this may be trickier than anticipated. @csteipp any thoughts on how security issues could be mitigated, and/or the suggestion above?

There is probably a way we could safely setup a reverse proxy to do this. It would be a significant amount of work, and would be pretty fragile.

In addition to cookie stripping, we would need strong parameter whitelists (basically run mod_security on it) to attempt to mitigate xss vectors. We have to be ok with turning off the proxy if we find vulnerabilities on their site until they fix them. We would need an egress filter on the proxy too which does some amount of javascript parsing, to ensure that scripts on their site can't change the javascript domain. We would possibly want to inject CSP/XFO/nosniff headers into the response. We would need CORS blacklisting on all of our wikis where we already have *.wikipedia.org whitelisted. That's the stuff I can think of off the top of my head.

After all that, I would still anticipate this would be something like SVG files-- we make it pretty safe, but it's going to be a constant stream of issues that we have to deal with long term.

If so, I'm not sure there is a good option here other than 1) going back to the old name, or 2) hosting it on a completely separate domain name.

Until someone can find a good reason to change the domain/store name or until someone can explain a single problem we're actually solving here (as opposed to the new problems we're considering creating here...), option 1 sounds pretty good to me!

Option 2 is obviously better than the fragile horror proxy madness, but that's not really saying much. Off-hand, it looks like wikipediastore.org is available.

That said, I've repeatedly mused about the idea of using the wikis and the existing (quite robust) payment processing system that's already in place for making donations to the Wikimedia Foundation as an alternative to Shopify. This leverages existing infrastructure and solves other issues such as interface translation and content management, which we do passably well using wikis. This is to say, I'd much rather see technical resources invested in (for example) making the shop available in more languages than I would seeing additional time wasted on renaming the shop for questionable benefit.

Err, the 'name' is one thing that I guess we can keep discussing however I was under the impression that Victoria had already said she understood the problem with store.wikipedia.org and now was just asking that we switch shop.wikimedia.org to store.wikimedia.org .... I feel like we're re-hashing an argument that is no longer needed....

@Dzahn I really prefer store.wikimedia.org, especially since we can't have store.wikipedia.org as the main URL. Any chance you could contact Shopify again?

That said if the decision was to re-think the decision then ignore me :)

Ah, thanks for pointing that out, James. Daniel asked me about this ticket and I assumed (given the ticket description and Daniel's explanation) that the proposal is still to rename to store.wikipedia.org. If store.wikimedia.org as the canonical URL is fine, that addresses the security concern and there should be no major blockers to change from shop.wikimedia.org to store.wikimedia.org. Renames are fun :-)

In any case, it's up to the shop team to pick the name for the thing :)

In consultation with the Wikimedia community. Did I miss a discussion?

The Wikimedia Shop was co-owned by the Wikimedia Foundation and the Wikimedia community. This has been made clear many times, but if you need a concrete example, here's an easy one: https://meta.wikimedia.org/wiki/Talk:Wikimedia_merchandise#Shop_Advisory_Committee.

Your comment seems to suggest that because the person has changed on the Wikimedia Foundation side of the relationship, the Wikimedia community side's opinion no longer matters. Respectfully, that view is crazy and isn't aligned with Wikimedia's values of shared ownership and responsibility.

And so I'm left wondering, yet again, what the motivation for rebranding the Wikimedia Shop as the Wikipedia Store is.

James is correct: We understand that we cannot use store.wikipedia.org, and we are OK with that. Now we are just asking we switch from shop.wikimedia.org to store.wikimedia.org, as we think Store sounds more consistent with the idea of a more complete brand.

*Can we have an ETA for this change?*

@MZMcBride: Sorry if this was unclear: The reason for a name change is visibility and branding. The rename is part of a bigger revamp the Store is going through, including new merchandise, new social media efforts, new community engagement projects and a brand new website.

In order for the Store to be successful and provide rewards to the community it needs to actually be able to reach supporters and promote sales. The name Wikipedia has a greater brand recognition, and we believed it would help with promoting the Store in many different channels. Rest assured that the impact and goal of the Store will not change: it remains supporting contributors of all sister projects :) This is just meant to be a cosmetic change so that we could be found more easily by supporters and wouldn't cause confusion because they don't recognize the name Wikimedia. Does that make sense? What we hoped the new name would improve is the visibility amongst the readers who are not familiar with Wikimedia but want to support our mission.

Also, we do look forward to collaborating more with the community, and actually need a lot of help! We have received a few merchandise suggestions, but we could really benefit from some technical support and other operational help to take the Store to the next level. We will post requests in a few village pumps and on meta soon.

Ppena added a subscriber: Ppena.Apr 7 2015, 5:22 PM
Andrew added a subscriber: Andrew.Apr 7 2015, 10:13 PM

I have resumed the process with shopify, this time asking to add 'store.wikimedia.org' to the cert. I will update here as events warrant.

Andrew added a comment.Apr 9 2015, 4:05 PM

I've confirmed the change with digicert. Shopify says:

"We'll add in store.wikimedia.org, but you'll need to confirm it one more time. It'll likely be done next week since the batches are sent out on Tuesdays and Thursdays."

Unfortunately they're not allowing us to overlap the names, so shop.wikimedia.org will start throwing cert warnings as soon as the change happens.

Shopify said "You can point your CNAME for store to c.ssl.shopify.com.."

but we have not used this before, the CNAME we have is for "shopwikipedia.myshopify.com."

so it seemed odd that would change and we asked.

The response is:

Thanks for the clarification. Andrew confirmed store.wikimedia.org earlier this week, so we associated the checkout SSL with c.ssl.shopify.com. There are a few CNAMEs for the custom SSL, where as, on the general plans you point your CNAME to your .myshopify.com. Doing this would move you to checkout.shopify.com for checkout though.

Whenever you're ready point your CNAME for store to c.ssl.shopify.com. We're going to be keeping the checkout SSL on both store.wikimedia.org and shop.wikimedia.org so you can go back and forth if you would like :).

Change 203497 had a related patch set uploaded (by Dzahn):
change store to a CNAME for c.ssl.shopify.com.

https://gerrit.wikimedia.org/r/203497

Change 203497 merged by Dzahn:
change store to a CNAME for c.ssl.shopify.com.

https://gerrit.wikimedia.org/r/203497

Change 199796 abandoned by Dzahn:
shop URL: change 'shop' to 'store'

https://gerrit.wikimedia.org/r/199796

so shopify said "whenever you're ready point your CNAME for store to c.ssl.shopify.com." and that we should use the _new_ CNAME for store.wm and we can have both without certificate errors, which is cool.

since that meant not having to touch the existing shop.wm i just did it and changed the entry for store as instruced. unfortunately this gave me a page saying "Sorry, this shop is currently unavailable" and i didn't want to leave it like this over the weekend, so i reverted that and mailed shopify.

now, also see T96182, which says " A Record to point to our new IP address: 23.227.38.32" in contradiction to what Andrew and myself have been told before by Shopify. an A record wasn't mentioned at all before, instead a CNAME and a new CNAME different from the existing one.

Change 196605 merged by Dzahn:
drop shop & store entries from most projects

https://gerrit.wikimedia.org/r/196605

Change 199791 abandoned by Dzahn:
shop redirects: store instead of shop

https://gerrit.wikimedia.org/r/199791

Let's just drop everything but 2-3 domains, I'd say....

@Dzahn I agree that we should simplify the entries..

meanwhile i have done this part and dropped the shop AND store entries from most domains, of course except wikimedia.org and wikipedia.org

Change 204558 had a related patch set uploaded (by Dzahn):
remove dropped shop/store redirects

https://gerrit.wikimedia.org/r/204558

Change 204559 had a related patch set uploaded (by Dzahn):
shop/store: switch redirects to store.wikimedia

https://gerrit.wikimedia.org/r/204559

Change 204629 had a related patch set uploaded (by Dzahn):
shop/store: set CNAME for store c.ssl.shopify.com

https://gerrit.wikimedia.org/r/204629

Dzahn added a comment.EditedApr 16 2015, 9:07 PM
for your new domain store.wikimedia.org, you'll need to change your CNAME for store to 
c.ssl.shopify.com.
Currently it's an A record, which is 208.80.154.224.

You need to change this to a CNAME not an A record. So CNAME for store to c.ssl.shopify.com. 

Once you've done this we can enable it properly on our end.

Change 204629 merged by Dzahn:
shop/store: set CNAME for store c.ssl.shopify.com

https://gerrit.wikimedia.org/r/204629

Dzahn added a comment.EditedApr 16 2015, 9:14 PM

We have made the switch above per instructions from shopify. I have mailed Effie so that they can properly enable it on their end now.

http://store.wikimedia.org/

The existing http://shop.wikimedia.org is untouched.

JohnLewis removed JohnLewis as the assignee of this task.Apr 17 2015, 1:25 PM

@vshchepakina It works for me now! Check out http://store.wikimedia.org/ it is not a redirect anymore but i can see the shop, yay. The old URL also still works. Should we redirect from the old to the new URL already?

@Dzahn yay!! Thank you so much everyone for making it happen!!!! I really appreciate all of your help!!!!!

What's left to do here? Does @Dzahn's comment need to be answered first?

@vshchepakina, both URLs work now. neither is a redirect to the other.
Dzahn wanted to know about what to do with the old URL. can we redirect it
already or is there some reason to wait?

@jeremyb or we can just leave it as it is and call it resolved? hmm not sure

@Dzahn @Krenair @jeremyb sorry about that! Yes, could the old URL be redirected to the new http://store.wikimedia.org/ please?

actually shopify said not to change the CNAME for the old shop URL. to make it a redirect we would have to. i'm inclined to not do them and call it resolved for now, realizing that tickets can be reopened if needed. ok?

Change 204810 had a related patch set uploaded (by Dzahn):
shop/store: switch old URL to cluster for redirect

https://gerrit.wikimedia.org/r/204810

@Dzahn @Krenair @jeremyb sorry about that! Yes, could the old URL be redirected to the new http://store.wikimedia.org/ please?

ok, i'm uploading 2 patches for that, one DNS change and one Apache change.

They are waiting in code review now and need Apache deployment. Robh said to put it on the Deployment Calendar and we should probably not do it on a Friday unless emergency.

This comment was removed by Dzahn.
lcawte removed a subscriber: lcawte.Apr 18 2015, 7:20 PM

@Dzahn I am doing the store announcement tomorrow and I was hoping to have a proper URL by now. Is there any chance it can be done by tomorrow?

@vshchepakina

yes, it is on the deployment calendar for today now. in a 14:00–15:00 PDT slot.

https://wikitech.wikimedia.org/wiki/Deployments#Monday.2C.C2.A0April.C2.A020

i'll update after that

Change 204558 merged by Dzahn:
remove dropped shop/store redirects

https://gerrit.wikimedia.org/r/204558

Change 204559 merged by Dzahn:
shop/store: switch redirects to store.wikimedia

https://gerrit.wikimedia.org/r/204559

[tin:~] $ apache-fast-test T92438 mw1022
testing 7 urls on 1 servers, totalling 7 requests
spawning threads..


http://shop.wikimedia.org
 * 301 Moved Permanently http://store.wikimedia.org/
http://shop.wikipedia.org
 * 301 Moved Permanently http://store.wikimedia.org/
http://store.wikimedia.org
 * 200 OK 6136

deploying, tagged puppet run on appservers is now changing the config across all appservers

Change 204810 merged by Dzahn:
shop/store: switch old URL to cluster for redirect

https://gerrit.wikimedia.org/r/204810

 curl -vvv http://shop.wikimedia.org

<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://store.wikimedia.org/">here</a>.</p>

@vshchepakina it's done. we made the switch for the redirect. it might be cached in some places but soon the redirect should work. i tested it on a server and locally on my laptop.

Dzahn closed this task as Resolved.Apr 20 2015, 10:21 PM

works for me now. you may have to restart your browser to see it.

@Dzahn there is a domain problem!!! Go to the store, add items to the cart, click checkout and it redirects you to the main page. What is going on?!:(((

Hey @vshchepakina! I just added items and clicked checkout, and it's taking me to a checkout.shopify.com URL.

@Dzahn shop.wikimedia.org just kept pulling the website back to that url so I had to delete it.

what does "had to delete it" mean?

@jeremyb We deleted the url (shop.wikimedia.org) that was redirecting the cart page back to itself. It was creating a loop.

Who deleted it from where? your web browser?

Were you able to replicate this behavior on multiple devices?

We deleted it from the Shopify admin. And yes, I can replicate this behavior on multiple devices.

jeremyb added a comment.EditedApr 21 2015, 4:42 AM

ok, and now everything's good?

Oh! So this was a setting in the shop admin ui, right? I did not make any changes there, i only focused on the redirect on our servers. I assumed that the necessary shop config changes were made by shopify when they said to switch DNS over "any time".

Is everything ok now?

Everything is ok! The store is up and running!

Dzahn changed the task status from Resolved to Declined.Apr 21 2015, 5:10 PM

Great! Happy we can call it resolved then in time.

jeremyb changed the task status from Declined to Resolved.Apr 21 2015, 5:19 PM

This is not declined. :)

That was a mistake, i did not mean to change it to declined. Thanks for fixing it.

Restricted Application added a project: Traffic. · View Herald TranscriptJun 7 2017, 6:53 PM