Add better readme and setting up guide

[imrehg]

Expand the readme with proper setup instructions.

[cybershambles]

Thanks for your support so far.

Looking forward to some more documentation, but I've got most of the functionality working.

I really really want to get the twitter auto reporting working.. so I can run the scan as a crontab on a weekly basis and update the twitter automatically.

I'd like the runjob results to automatically run the generatesummary and push the resulting json to the web folder automatically. Makes the flow easier... thanks

[imrehg]

For twitter the scripts use twython and that was probably the most annoying part to set up, will trace my steps back and that's got to be part of the docs. In the meantime you can mostly check their documentation too, that has everything, and have to add the details to the script.conf in the Twitter section:

[Twitter]
appkey=
appsecret=
token=
tokensecret=

To run the two scripts one after the other, you can just add them into the same command. My crontab is something like this, running the scan at 11pm each day, then if it exited without problem run the gensummary:

0 23 * * * cd /path/to/twbankssl/ ; ./runjobs.py -q && ./generatesummary.py -t -r web/twbankssl.xml > web/ssltest.json ;

I'd take the -t out if twitter is not set up, and can adjust where to output the json, e.g. go directly into a directory accessible by the web server.

[cybershambles]

Thanks for your support so far.

We've got the twitter updates working as shown https://twitter.com/httpswatchau but we seem to be missing the updates for changes in the results.

Are we missing anything?

[imrehg]

Looking at the updates on your feed, my guess would be that the missing changes would all involve a grade 'X' (either improving from X or falling down to X). Since 'X' is the catch-all for errors of the scans too, Twitter updates exclude those changes. Otherwise you might and up with the SSLLabs Test site being down and (in your case) posting 500+ updates to twitter, then another 500+ when the service comes back up...

The relevant section in the code: https://github.com/imrehg/twbankssl/blob/4ad27f765cbf5539757339a3d6b2c44880930835/generatesummary.py#L222-L223

If you don't want this safety measure, just comment out these two lines.

[cybershambles]

SSL Summary on 2015-04-24 -> A: 51 (6%); B: 105 (12%); C: 44 (5%); F: 67 (8%); X: 591 (68%); T: 6 (1%); SSL Summary on 2015-04-27 -> A: 51 (6%); B: 104 (12%); C: 40 (5%); F: 70 (8%); X: 593 (69%); T: 6 (1%)

I just figure it looks like... b:-1 c:-4 f:+3 x:+2

there should be three changes from b/c to f?

[cybershambles]

Agreed. Looking at the code.. https://httpswatch.com.au/easteregg/index.html https://httpswatch.com.au/easteregg/ssltest.json

Looking at those graphs, there is a lot of up and down movement on things Id expect to be flatlining.

"wayback": ["X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "B", "X", "B", "X", "X", "X", "X", "X", "X", "B", "X", "X", "B"],

It looks like some of the scans are failing and returning X's and then returning to the B... hopefully this becomes more stable and we can catch these results changing.