Scape Scape:
DrCaleb DrCaleb:
I just hate wasting 20 years of data.
I get that but even Pharmanet goes only 6 months/1 year before it archives. I am not saying we need to pull the plug on the site outright but the day to day functions are compromised and a reason for that is the site is not being kept up to date.
The code is compromised, the data is not. CKA is already virtualized in the cloud, which is half the battle. I've done this process a few times. Spin up a new web server and DB server (Linux!!) and take last nights backup and restore them to the new DB server. Point the old Web server at the new DB server, delete the vulnerable server. That's one vector taken care of - SQL injection and poisoning.
Get a new package for the front end, and put it on the web server. I suggest Mastadon, because it it open source and far more secure than phpBB. Mastadon also gives access to other Mastadon servers by authenticating against one server, and without sharing information between them. It allows a wider, secure experience. There is also more than just CKA that needs to be transitioned. Trev has more than one site on this server.
Then it's a matter of customizing the web server to meet needs. This would move the data, while dumping the poisoned code. There is of course, a lot more to the process, but this is the basic algorithm I've used for other sites. Trimming down data and old user accounts can of course be part of the process, but they don't have to affect moving to a more secure and robust set up.