[EdLeake]

Just to keep people in the loop, if you've been noticing any performance issues of late it's likely a result of the recent attacks. Fortunately we're hosted on a fast server and it handled the heavy load very well.

There's been a constant stream of around 100-120 concurrent connections to the admin interface trying to 'brute force' attack, essentially using a computer algorithm to 'guess' the password.

The attacking network has been identified, it was routing through a compromised IIS server in London. It was also proxied through another server/node in the Netherlands and we've traced it to the root. We've taken steps to not only block but also counter this action using a third party network.

As of a few hours ago the attacks have stopped. Therefore performance should be back to normal.

If anyone notices anything odd, or any out of place changes, please post in here or PM me.

[Vintyd]

Good job will let you know if I notice anything odd

[Kaz_219]

I kept getting the error page over the last few days but it's not happened yet. I'll let you know if it stays away

[Sailor]

Nice, prompt action, Ed.

This post has been edited by Sailor: 02 July 2013 - 11:10 PM

[carl6r4]

Excellent work /> but I have also been getting the error loading page quite a lot. I'll let you know if it continues happening mate />

Edited: error page when posting this

This post has been edited by carl6r4: 03 July 2013 - 01:09 AM

[simonhonda]

Hack attempts? Admit it ED you was playing PAC MAN />

[rustybullets]

Hi Ed,
Still seem to be getting the error loading page about as often as before.
90% of the use from laptop, but do get it on the phone aswell.
But don't have tapatalk, and tend to use full browser on phone anyway. />

[EdLeake]

I just checked the logs and the tapatalk 'bits' are still present in the database.

From what I can tell its trying to write to a table that doesn't exist and is causing errors. Further investigation required then!

[Kozy]

EdLeake, on 02 July 2013 - 08:54 PM, said:

As of a few hours ago the attacks have stopped. Therefore performance should be back to normal.

[EdLeake]

Sorry, I meant performance not that database error.

Unfortunately there were 2 problems, 1 very much still exists.

I've got a guy working on it because I've run out of ideas - databases are not my forte!

[Kozy]

Sounds like a reet ballache.

[Shiny]

EdLeake, on 03 July 2013 - 09:11 AM, said:

Sorry, I meant performance not that database error.

Unfortunately there were 2 problems, 1 very much still exists. />

I've got a guy working on it because I've run out of ideas - databases are not my forte!

Quite often get the Database Error when submitting a post, this has gone on for a few month though. Is this the problem the chap is also looking at?

Also for some reason a /> occurs next to a smiley each time it is quoted in a reply

This post has been edited by Shiny: 03 July 2013 - 10:26 AM

[EdLeake]

Shiny, on 03 July 2013 - 10:26 AM, said:

EdLeake, on 03 July 2013 - 09:11 AM, said:

Sorry, I meant performance not that database error.

Unfortunately there were 2 problems, 1 very much still exists. />/>

I've got a guy working on it because I've run out of ideas - databases are not my forte!

Quite often get the Database Error when submitting a post, this has gone on for a few month though. Is this the problem the chap is also looking at?

Also for some reason a /> occurs next to a smiley each time it is quoted in a reply />

Yeah that's separate from this thread.

Initially it looked like tapatalk has buggered something and remnants still remain. It's also causing the trailing slash and close bracket on smiley faces.

[rustybullets]

Maybe completely unrelated to this,

but have noticed over the past couple of days, that when you click 'view new content', and then open a thread, it always takes you back to the first post?

It always used to remember the last post where you'd read, and opened the thread up at that point again, but it's not doing it now. />

[EdLeake]

Just tried on pc, ipad and android phone and it works as expected for me?

Are you having that problem on one particular device? Might be a cookie issue, clear local cache.

[rustybullets]

Noticed it at work, and same again at home. />

One is vista, one's xp, both using mozilla.


Scrub that!!
Cleared the cache and it's working again!! />

This post has been edited by rustybullets: 03 July 2013 - 05:57 PM

[bails]

Mine has started taking me back to post number 1 today too

[Kozy]

What are the hackers hoping to gain? Don't really understand it...

[simonhonda]

Kozy, on 03 July 2013 - 08:56 PM, said:

What are the hackers hoping to gain? Don't really understand it...

Free access to our problems section

[EdLeake]

Kozy, on 03 July 2013 - 08:56 PM, said:

What are the hackers hoping to gain? Don't really understand it...

Forum takedown and takeover.

Switch the forum off, **** it up, steal member information (email addresses) and leave it in a mess for someone to fix!

A lot of hackers just do it for 'fun'.

We looked at a number of hacking blogs posting about how to compromise this forum software and worked a few fixes in to counter these methods. Amazes me that this information is so brazen and openly available. It's theft, it's vandalism and it's against the law.