[Canadaka]

Scanning access logs, I found the IP of the most recent hacker 212.133.223.33, banning it.

[DrCaleb]

Scape Scape:

DrCaleb DrCaleb:

I just hate wasting 20 years of data.

I get that but even Pharmanet goes only 6 months/1 year before it archives. I am not saying we need to pull the plug on the site outright but the day to day functions are compromised and a reason for that is the site is not being kept up to date.

The code is compromised, the data is not. CKA is already virtualized in the cloud, which is half the battle. I've done this process a few times. Spin up a new web server and DB server (Linux!!) and take last nights backup and restore them to the new DB server. Point the old Web server at the new DB server, delete the vulnerable server. That's one vector taken care of - SQL injection and poisoning.

Get a new package for the front end, and put it on the web server. I suggest Mastadon, because it it open source and far more secure than phpBB. Mastadon also gives access to other Mastadon servers by authenticating against one server, and without sharing information between them. It allows a wider, secure experience. There is also more than just CKA that needs to be transitioned. Trev has more than one site on this server.

Then it's a matter of customizing the web server to meet needs. This would move the data, while dumping the poisoned code. There is of course, a lot more to the process, but this is the basic algorithm I've used for other sites. Trimming down data and old user accounts can of course be part of the process, but they don't have to affect moving to a more secure and robust set up.

[DrCaleb]

Canadaka Canadaka:

Scanning access logs, I found the IP of the most recent hacker 212.133.223.33, banning it.

Turkey.

[Strutz]

Canadaka Canadaka:

I got the site back working. Sorry I was on vacation in New Zealand and missed some messages.

New Zealand! I'm betting you had an awesome time.


Nice to see this site back up and running. For how long this time we shall see.

[herbie]

DrCaleb DrCaleb:

Scape Scape:

DrCaleb DrCaleb:

I just hate wasting 20 years of data.

I get that but even Pharmanet goes only 6 months/1 year before it archives. I am not saying we need to pull the plug on the site outright but the day to day functions are compromised and a reason for that is the site is not being kept up to date.

The code is compromised, the data is not. CKA is already virtualized in the cloud, which is half the battle. I've done this process a few times. Spin up a new web server and DB server (Linux!!) and take last nights backup and restore them to the new DB server. Point the old Web server at the new DB server, delete the vulnerable server. That's one vector taken care of - SQL injection and poisoning.

Get a new package for the front end, and put it on the web server. I suggest Mastadon, because it it open source and far more secure than phpBB. Mastadon also gives access to other Mastadon servers by authenticating against one server, and without sharing information between them. It allows a wider, secure experience. There is also more than just CKA that needs to be transitioned. Trev has more than one site on this server.

Then it's a matter of customizing the web server to meet needs. This would move the data, while dumping the poisoned code. There is of course, a lot more to the process, but this is the basic algorithm I've used for other sites. Trimming down data and old user accounts can of course be part of the process, but they don't have to affect moving to a more secure and robust set up.

Why I gave up running my own serverbank...take my money GoDaddy, let me earn it from people who can't find their Windows start button...

[DrCaleb]

You aren't wrong. But Shopify is a better investment.

[herbie]

Yes. Shop online.
They delivered my new anvil, overnight from China for free to my cabin up the logging road from Bunghole BC.
And it was only $3.99

I miss those calls at work "What's wrong with your internet now?" from people sitting in the dark because the power's out for the last 6 hours....

[DrCaleb]

Or the guy who says 'Did you get my email that email wasn't working'?

[herbie]

You made me feel better.
I thought it was just my town full of idiots.
They're everywhere

The Triumph of the Ignoroids

[Strutz]

Things are still fucked up on this site. Look at the hits on the home page for news articles even yesterday.

[DrCaleb]

Little DDOS yesterday, and this morning. Keeps things fresh.

[Strutz]

DrCaleb DrCaleb:

Little DDOS yesterday, and this morning. Keeps things fresh.

Why would anyone bother attacking this site? It's not like it's a goods or services site that would have an effect on customers and personal information.

[DrCaleb]

Strutz Strutz:

DrCaleb DrCaleb:

Little DDOS yesterday, and this morning. Keeps things fresh.

Why would anyone bother attacking this site? It's not like it's a goods or services site that would have an effect on customers and personal information.

Shits and giggles. They stopped someone from doing something.

Irrelevant that it wasn't anything important anyhow.

[Strutz]

DrCaleb DrCaleb:

Strutz Strutz:

DrCaleb DrCaleb:

Little DDOS yesterday, and this morning. Keeps things fresh.

Why would anyone bother attacking this site? It's not like it's a goods or services site that would have an effect on customers and personal information.

Shits and giggles. They stopped someone from doing something.

Irrelevant that it wasn't anything important anyhow.

Awwwww... and they don't even get a ribbon or medal for it...

[herbie]

Because most of us haven't drank the Kool-Aid?
Pretty diverse political views, many of us remain 'traditional' conservatives who believe fiscal responsibility and slow steady progress rather than 'wokeism' and marching backwards are the actual political issues.