Odds and Ends: Site updates, opportunities, and more!
- Updates! -
The vacay is over and it's time to get back to work!
You didn't even know I took a vacay? Well, good. You shouldn't have to plan those things. When you need a break, you need a break. You don't have to ask anyone permission for that when you're an adult. It's one of the best benefits.
I had time to decompress, work on some projects that I've been neglecting, and get some R&R time. It's been nice.
Anywho, I'm re-energized and ready to roll and I hope you are too!
Did an interesting Twitter poll on what model of magick people prefer. What's yours?
A word about site security, what we do with your information, and other stuff.
Word on the street is that our website isn't very secure. The truth of the matter is very different, however. Let me, a professional web designer/developer, break down how our site protects you and your information.
First, we don't sell any of your information to anyone. It stays within a closed system that we control. The only analytics run are self-contained and platform based, within our system, and are not shared with anyone else. Your information goes to us, and that's it. If you want to purge your information for any reason, simply let us know and we'll erase it within 72-hours.
Second, we take site security seriously, with CDN protection, DDOS protection, and the use of SSL encryption. We regularly update our platform, and it's backed up hourly.
Here are just a few security features we employ within the site itself and the server on which it runs:
- Standardised permissions
Our platform does not run as
rootand autoconfigures all server directory permissions correctly according to OWASP Standards. The number of people that can access admin level privileges is tiny, and they are all vetted before we give them access.
- Brute force protection
User login attempts and password reset requests are all limited to 5 per hour per IP.
- Data validation and serialisation
Our platform performs strong serialisation and validation on all data that goes into the database, as well as automated symlink protection on all uploaded files.
- Encoded tokens everywhere
All user invitation and password reset tokens are base64 encoded with server-side secret. All tokens are always single use and always expire.
- Password hashing
Our platform follows OWASP authentication standards with all passwords hashed and salted properly using
bcryptto ensure password integrity.
- SQLi prevention
Our platform uses Bookshelf ORM + Knex query builder and does not generate any of its own raw SQL queries. Our platform has no interpolation of variables directly to SQL strings.
- XSS prevention
Our platform uses safe/escaped strings everywhere, including and especially in all custom theme templates.
As you can see, I take website security seriously, especially since, you know, I did it professionally for several years and still do.
If you're concerned about more magickal or esoteric things, yes, that was taken care of the moment I purchased the domain itself. We have a great encryption system in place there as well.
Ultimately, it's safe to say you're safe on our site. Anyone who wanted to break it open would have to do a LOT of expert work to get it done. We're not saying it's impossible, but it definitely wouldn't be a walk in the park.
Our one-year anniversary is coming up soon, and we'll be celebrating with a few special events on our Discord on October 29th!
We're going to hang out, chat with one another, and have some fun with some live music if everything goes as planned.
Here's a hint at who will be there:
More to come!
The ∞ Mysteries Deluxe Divination set is almost ready to go!
I got the prototype today, and it's looking great!
Now, I'm going to fine tune the system and provide a source book to help people with their divination using the set. I estimate this will be ready shortly before Christmas if you're interested in it.
Submissions are always open!
We are always looking for fresh takes on the occult from anyone out there that wants to share. Even though we are chaosmagick.com, we also welcome practitioners from any tradition or system to submit their work for publication.
The unique thing about chaos magick is that we welcome outside opinions on magick as we do not follow a traditional magickal path. CM is not a practice, it's a mindset of doing magick. So, we have a lot of different perspectives and welcome any that want to share theirs.
For the chaote, your perspective and take might be very useful indeed.
You can submit here:
Doctor V's Medicine Show
The podcast we used to do seemed kind of old hat to me. Everyone does a podcast, right? And while that's cool and all if you're doing one, I wanted to start something different. A show focused on the community, within the community, that we've created.
A live show, where people can come and talk to us, get involved with the show itself, and be a part of the action. Something akin to a live radio show, but on our Discord, which gives you multiple tools to make this happen.
That's what Doctor V's Medicine Show is all about. In real time, we interact with our audience. We don't hold back on our opinions. We let everyone have a say.
While I'm testing out this format right now, I hope it's successful and many more might want to try their hand at it on our server. Might be pretty cool to start a co-op style occult talk radio station.
The HYPERSTITIONS Project
We've gotten a few high-profile commitments to this project in the past few weeks, but we also want to encourage lesser-known occult creators to submit to the project.
It's looking like this will shape up to be a really nice project to be a part of and help others get a bit more exposure to their work in the long run.
We really want a diverse selection of work to be displayed with this project. We want creators of all stripes to take part in whatever way they feel the most comfortable. At the end of the 2023, we will release a collected edition of the work that was created for this project, in some really cool ways, and make it available for purchase to the public at large.
During the year, the project will live on the chaosmagick.com website for paid members to enjoy. Check out the submissions page for more information.
How you can help support independent occult publishing, even as a free member!
You may think being a free member in our community means you have nothing to offer us, but that's not true at all! If you'd like to help support our efforts, just share our articles on your favorite social media platform! That's literally all you have to do, and it helps us out immensely.
It's also not that expensive to help monetarily. For only $1.99 USD per month or $14.99 USD per year, you keep this project going. For your money, you get several additional perks that you only get as a paid member. Plus, we're always adding new stuff, too.
Where does your money go? Directly back into the community! We pay for the site, site upgrades, the Discord server, and any applications that are required to do what we do with the money we make off the site.