Results 1 to 22 of 22

Thread: Downtime drama last week, registration problems, missing Contact Us link

  1. #1
    Ex-admin Korn's Avatar
    Join Date
    Apr 2004
    Location
    Europe
    Posts
    4,826

    Default Downtime drama last week, registration problems, missing Contact Us link

    Hi all,
    you probably noticed that the forum was hacked last week. Many other forums were hacked by the same people too. The hackers had been able to not only "hack" the forum front page, and place some text and images about the situation in Syria there, but also created a number of admin accounts. I asked the server people to replace the contents of the forum with an one day old back-up, but since that took some time, I managed to remove the stuff they had put on the front page and remove the fake admin accounts (which they most likely hadn't ben able to do anything with. I also installed a so called 'patch'; that is - I replaced some files in the forum software with some newer files which should increase the security level. Then I had to leave for some work.

    When I came back the site was hacked again! Or - so I thought. But what happened was that the server company had finally replaced what I had done with a backup which was so fresh that it contained the "hack" (the text/images about the situation in Syria) and the fake admin accounts. In addition all this had generated some database errors. And that's only half the story...

    The problems seem to have been solved, the database errors are gone, and I apologise for having the forum closed while some of this happened. I just didn't want to risk more problems. The main downside to all this (except that such stuff takes time) is that the server company replaced the forum with a several days old backup, meaning that circa three days of posts have disappeared. I've asked them to do something with the situation, but it seems that they aren't going to do it. Likewise, some members who had registered and was waiting for having their account approved have been deleted - please just re-register.

    The hackers were online only for a few minutes, so I don't think there's more damage done than what we've seen already. But please let me know if you come across anything suspicious or unexpected when using the forum!
    I will not eat anything that walks, swims, flies, runs, skips, hops or crawls.

  2. #2
    Bad Buddhist Clueless Git's Avatar
    Join Date
    Sep 2010
    Location
    Milton Keynes
    Posts
    1,089

    Default Re: Downtime drama last week

    Yeah, I saw that - Thought you'd gone all political and joined Al-Queda or something Korn
    All done in the best possible taste ...

  3. #3
    Pea-utiful... Peabrain's Avatar
    Join Date
    Dec 2012
    Location
    UK
    Posts
    358

    Default Re: Downtime drama last week

    Thanks Korn, for being so quick and thorough in your dealings with it. Big respect!

  4. #4
    Abe Froman Risker's Avatar
    Join Date
    Sep 2005
    Location
    Winchester, England
    Posts
    3,265

    Default Re: Downtime drama last week

    Hacking is not a good method of campaigning.
    "I don't want to live on this planet any more" - Professor Hubert J. Farnsworth

  5. #5
    Cacique's Avatar
    Join Date
    Mar 2012
    Location
    Florida
    Posts
    146

    Default Re: Downtime drama last week

    Yeah, my girlfriend and I saw it and said the same thing. Not winning themselves any points.

  6. #6
    Ex-admin Korn's Avatar
    Join Date
    Apr 2004
    Location
    Europe
    Posts
    4,826

    Default Re: Downtime drama last week, registration problems, missing Contact Us link

    I'm still looking into some issues we have, and have discovered that it has not been possible to us the Contact US for non-registered members for a couple of weeks or so. I also found that one of the 3rd part products we use resulted in two links at the bottom of the page to a web hosting company.

    I also wonder if many of you have had database error messages while using the forum... anyone?

    The Contact Us link should be visible for all visitors now, please use it if you are not a member and want to report problems with the registration process (or something else). Thanks.
    I will not eat anything that walks, swims, flies, runs, skips, hops or crawls.

  7. #7

    Join Date
    Oct 2010
    Location
    Petaling Jaya, Malaysia
    Posts
    772

    Default Re: Downtime drama last week, registration problems, missing Contact Us link

    I am now finally able to read this thread. Before, I always got a blank page. So far, so good.
    The bad is that, when I try to open the forum from my company intranet, I get the message "Blocked by Surf Protection. Malicious Websites not allowed".

    And when I use the link http://www.veganforum.com/forums/ ("Recent activity" or so, was one of the most practical searches on the forum before), I now get an off-site link. Last week I still got the hacked page.

    :-(

    Hope that helps.

    Regards,
    Andy

  8. #8
    Ex-admin Korn's Avatar
    Join Date
    Apr 2004
    Location
    Europe
    Posts
    4,826

    Default Re: Downtime drama last week, registration problems, missing Contact Us link

    I now get an off-site link
    Loads of forums have been hacked over the last weeks, and there's more cleaning up to de done on our site as well. But which off-site link do you get?
    Any others with the same or similar problems?
    I will not eat anything that walks, swims, flies, runs, skips, hops or crawls.

  9. #9
    Pea-utiful... Peabrain's Avatar
    Join Date
    Dec 2012
    Location
    UK
    Posts
    358

    Default Re: Downtime drama last week, registration problems, missing Contact Us link

    One particular post will not allow me to reply to it (http://www.veganforum.com/forums/sho...829#post722829), maybe there's more but I haven't been posting much anyway.

    May I say again, thank you Korn for being so wonderful with dealing with this whole debacle.

  10. #10
    Ex-admin Korn's Avatar
    Join Date
    Apr 2004
    Location
    Europe
    Posts
    4,826

    Default Re: Downtime drama last week, registration problems, missing Contact Us link

    Thanks, Peabrain.
    If others have problems posting in the same thread, please let me now (eg. in this thread or in a private message).
    I will not eat anything that walks, swims, flies, runs, skips, hops or crawls.

  11. #11
    Abe Froman Risker's Avatar
    Join Date
    Sep 2005
    Location
    Winchester, England
    Posts
    3,265

    Default Re: Downtime drama last week, registration problems, missing Contact Us link

    Works ok for me
    "I don't want to live on this planet any more" - Professor Hubert J. Farnsworth

  12. #12
    baffled harpy's Avatar
    Join Date
    Apr 2004
    Location
    UK
    Posts
    6,655

    Default Re: Downtime drama last week, registration problems, missing Contact Us link

    Yesterday McAfee Site Advisor was saying this site was unsafe - haven't tried via PC today though

  13. #13
    Ex-admin Korn's Avatar
    Join Date
    Apr 2004
    Location
    Europe
    Posts
    4,826

    Default Re: Downtime drama last week, registration problems, missing Contact Us link

    Don't be surprised if the forum will be closed for some days in order to look closer at the side effects of what the hackers did not long ago...
    I will not eat anything that walks, swims, flies, runs, skips, hops or crawls.

  14. #14

    Join Date
    Oct 2010
    Location
    Petaling Jaya, Malaysia
    Posts
    772

    Default Re: Downtime drama last week, registration problems, missing Contact Us link

    Quote Korn View Post
    But which off-site link do you get?
    Hi Korn, I just got:
    ************************************************** (<---- removed by Korn for security reasons. Thanks for posting the link, Andy!)

    Regards,
    Andy

  15. #15
    Ex-admin Korn's Avatar
    Join Date
    Apr 2004
    Location
    Europe
    Posts
    4,826

    Default Re: Downtime drama last week, registration problems, missing Contact Us link

    Thanks. I have now found out why you get that link; it's a side effect of the forum having been hacked last month. For security reasons, I'll remove your the link from your previous post... stay tuned. I'll most likely just close the forum for a short period while sorting out the remaining problems we have.
    I will not eat anything that walks, swims, flies, runs, skips, hops or crawls.

  16. #16
    Ex-admin Korn's Avatar
    Join Date
    Apr 2004
    Location
    Europe
    Posts
    4,826

    Default Re: Downtime drama last week, registration problems, missing Contact Us link

    Update: the software has been updated, some files have ben removed, and two out of the three sites I used to check if our site is declared "safe" said that it's OK; but there's still some work to do. The main thing the hackers are the donation system, in that I can't edit the settings there. I removed all donation options whenI discovered that.

    So - please stay tuned. When the vBulletin company (those who make the software) says that we have fixed the problems we've had, I'll let you know in this thread.If you come across anything which appears suspicious - please let me know in a PM here or in an email to korn@v.... (etc). . My suggestion is that you don't post any new messages until I have posted in this thread that the side effects of the hacker attacks has been solved.

    Sorry for the inconvenience and thanks for the patience.
    I will not eat anything that walks, swims, flies, runs, skips, hops or crawls.

  17. #17
    Pea-utiful... Peabrain's Avatar
    Join Date
    Dec 2012
    Location
    UK
    Posts
    358

    Default Re: Downtime drama last week, registration problems, missing Contact Us link

    Korn, you are wonderful and I think I can speak for all of us in sharing the deepest gratitude for putting in all this work! You rock!

  18. #18
    Ex-admin Korn's Avatar
    Join Date
    Apr 2004
    Location
    Europe
    Posts
    4,826

    Default Re: Downtime drama last week, registration problems, missing Contact Us link

    Thanks, but honestly, I wish I was a lot wonderful-ler when it comes to dealing with hackers.

    Here's an overview of what should be done after a hacker attack...
    http://vbtechsupport.com/2355/
    ....a little while ago (after after veganforum and many other forums were hacked last month). In short: it's a lot of work, and some of it is definitely beyond my knowledge.
    I will not eat anything that walks, swims, flies, runs, skips, hops or crawls.

  19. #19
    Ex-admin Korn's Avatar
    Join Date
    Apr 2004
    Location
    Europe
    Posts
    4,826

    Default Re: Downtime drama last week, registration problems, missing Contact Us link

    Update: most sites which check other sites for malicious code now list our forum as safe. McAfee Site Advisor seems to an/the exception. The hackers had installed their hack as a plugin... I have now removed the elements of that plugin one by one, and from what I can see, the problems I had encountered in the admin control panel are now gone. But don't trust that everything is OK quite yet! There could be more problems, and it seems quite clear what the hackers wanted to achieve... more about that soon.
    I will not eat anything that walks, swims, flies, runs, skips, hops or crawls.

  20. #20

    Default Re: Downtime drama last week, registration problems, missing Contact Us link

    Hi Korn,

    Wow! Well done on figuring it all out and thank you! I haven't had any problems but will keep my eyes open and let ya know, thanks again : )

  21. #21
    Ex-admin Korn's Avatar
    Join Date
    Apr 2004
    Location
    Europe
    Posts
    4,826

    Default Re: Downtime drama last week, registration problems, missing Contact Us link

    Again, I don't know if there could be more problems after the hacking episode. Except that McAfee's site advisor still says that "When we visited this site, we found it exhibited one or more risky behaviors", I'm not aware of any problems users of this forum may get, so please - if you have any problems - please let me know eg. in an email using the Contact Use link at the bottom of this page or just email me at korn@ve... etc. Maybe McAfee wants to feel safe for a number of says before they declare the site safe again - I'll look into that.


    It's interesting that while hackers had left links to both Egypt and Syria, the only thing they really seem to have wanted to damage is our donation system. I have now removed to annual donations with auto-renewal, meaning that all the "paid subscriptions" set up to this forum now are deactivated (and I can't deactivate them again). Not that I think that someone would hack a veganforum to try to get into our donation system, because pretty much every other site on internet one potentially could hack into would be a lot more profitable - but at least "Team Hacker Egypt", "C99madShell" and the third name which I can't remember the name of right now and even fewer reasons than before to try to attack the forum again.

    Since registration has been disabled (and will be disabled for a while) and donations are stopped, the hackers - if they for some reasons are against people going vegan - have had a small victory. But if they think the forum will shut down as a result of their behaviour, they are wrong.
    I will not eat anything that walks, swims, flies, runs, skips, hops or crawls.

  22. #22

    Default Re: Downtime drama last week, registration problems, missing Contact Us link

    Quote Korn View Post
    if they think the forum will shut down as a result of their behaviour, they are wrong.
    : )

Similar Threads

  1. Forum downtime
    By Korn in forum Forum info
    Replies: 0
    Last Post: Jan 19th, 2012, 01:12 PM
  2. Replies: 10
    Last Post: Apr 6th, 2009, 06:42 PM
  3. Replies: 1
    Last Post: Apr 22nd, 2004, 06:00 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •