Site Problems?

Old 97

Old 97

Team Owner
Joined
Apr 24, 2016
Messages
1,269
Points
343
Was it just me or was the site down for a bit again?
I just got the jitters thinking I might have to get a life again for awhile!
 
Yep, server is/was getting attacked. The outage for the last few hours was us trying to clean up the mess.. I'm not sure if it's still getting attacked or if the current slowness is just a result of me cleaning out a bunch of temp files.
 
fury said:
Yep, server is/was getting attacked. The outage for the last few hours was us trying to clean up the mess.. I'm not sure if it's still getting attacked or if the current slowness is just a result of me cleaning out a bunch of temp files.
Click to expand...

Those *****. My heart skipped a beat.
 
fury said:
Mine did too. Server started doing weird stuff like it did that morning a couple months ago when the database drive died...I started wibbling
Click to expand...

That's the first thing I thought when I saw the familiar bad gateway message.. "Damn Fury is gonna be devastated."
 
I need to figure out why a bunch of empty PHP session files are getting created in /tmp... 0-byte session files are surely completely useless o_O
 
fury said:
Yep, server is/was getting attacked. The outage for the last few hours was us trying to clean up the mess.. I'm not sure if it's still getting attacked or if the current slowness is just a result of me cleaning out a bunch of temp files.
Click to expand...
Im interested in learning who you pissed off enough to have them attempt a denial of service attack on a lowly racing forum.
 
DanicaFreak said:
hackers do DDOS attacks for the fun of it on many sites.
Click to expand...
When a few other guys & myself managed some gaming forums where online war was a high possibility, forum trashing & closings were expected. 3rd party attacks were abnormal unless we unknowingly pissed of an ally of an enemy, etc...

Here, I dont see that being realistic.
 
fury said:
It's not someone directly attacking Racing Forums, they're attacking one of the other sites on the server and everyone else suffers as well.
Click to expand...
Unfortunate

How secure are your servers? It may be a little concerning for members here if they use a legit email address for a log in or a repetitive password & the site is indirectly under threat of breach.

Correct me if Im wrong
 
ChexOrWrex said:
Unfortunate

How secure are your servers? It may be a little concerning for members here if they use a legit email address for a log in or a repetitive password & the site is indirectly under threat of breach.

Correct me if Im wrong
Click to expand...
The type of threat the server is/was under (I think the threat has subsided for now, but I'm often wrong) does not indicate an attempt to break their way in to get databases and whatnot, they're just mad at being banned from a game and they're expressing their frustration the only way script kiddies know how, "wah, I can't play, so I'm going to try to take the thing down". If they were wanting to break in to get databases and whatnot, then they'd probably be trying to be more sneaky about it.

The server is regularly auto-updated and rebooted to ensure security vulnerabilities are closed ASAP. Various services on the server are protected by fail2ban, which blocks people that it detects are attempting to brute-force logins (and is great fun when somebody forgets their password to log into the server). There is no access to the database server through the internet. And XenForo uses a salted SHA256 hash for passwords. So, it's about the best we know how to secure it at the moment. If you have any more tips, I'm all ears :beerbang:

However, I would point out that if anyone is using the same password at this site as they are at any other, they should probably change that password, regardless of any security measures in place on this server.

I highly recommend LastPass as a password manager, it helps keep track of all your passwords, generate secure new ones, check to see whether any of your emails are in compromised databases, and remind you to change your passwords if they are the same. Free, or $12/year for premium. Premium gets you syncing across browser and mobile.

Also, any email accounts should be protected by 2-factor authentication where possible. Gmail has pretty good 2-factor authentication. You can have an authenticator app on your phone display a code, or have a code sent to your cell via text message, and you have to have that code when you log in (not just your password, but this random one-time code). That secures your email account much better than just a password.

After having had 2 of my email accounts raped and pillaged all for the sake of stealing my Twitter handle and selling it to someone for like $75, I had to get much better at protecting my stuff than just having good passwords...
 
fury said:
The type of threat the server is/was under (I think the threat has subsided for now, but I'm often wrong) does not indicate an attempt to break their way in to get databases and whatnot, they're just mad at being banned from a game and they're expressing their frustration the only way script kiddies know how, "wah, I can't play, so I'm going to try to take the thing down". If they were wanting to break in to get databases and whatnot, then they'd probably be trying to be more sneaky about it.

The server is regularly auto-updated and rebooted to ensure security vulnerabilities are closed ASAP. Various services on the server are protected by fail2ban, which blocks people that it detects are attempting to brute-force logins (and is great fun when somebody forgets their password to log into the server). There is no access to the database server through the internet. And XenForo uses a salted SHA256 hash for passwords. So, it's about the best we know how to secure it at the moment. If you have any more tips, I'm all ears :beerbang:

However, I would point out that if anyone is using the same password at this site as they are at any other, they should probably change that password, regardless of any security measures in place on this server.

I highly recommend LastPass as a password manager, it helps keep track of all your passwords, generate secure new ones, check to see whether any of your emails are in compromised databases, and remind you to change your passwords if they are the same. Free, or $12/year for premium. Premium gets you syncing across browser and mobile.

Also, any email accounts should be protected by 2-factor authentication where possible. Gmail has pretty good 2-factor authentication. You can have an authenticator app on your phone display a code, or have a code sent to your cell via text message, and you have to have that code when you log in (not just your password, but this random one-time code). That secures your email account much better than just a password.

After having had 2 of my email accounts raped and pillaged all for the sake of stealing my Twitter handle and selling it to someone for like $75, I had to get much better at protecting my stuff than just having good passwords...
Click to expand...

As a tech geek (low level) I enjoy reading furys posts. Keep up the good fight
 
fury said:
The type of threat the server is/was under (I think the threat has subsided for now, but I'm often wrong) does not indicate an attempt to break their way in to get databases and whatnot, they're just mad at being banned from a game and they're expressing their frustration the only way script kiddies know how, "wah, I can't play, so I'm going to try to take the thing down". If they were wanting to break in to get databases and whatnot, then they'd probably be trying to be more sneaky about it.

The server is regularly auto-updated and rebooted to ensure security vulnerabilities are closed ASAP. Various services on the server are protected by fail2ban, which blocks people that it detects are attempting to brute-force logins (and is great fun when somebody forgets their password to log into the server). There is no access to the database server through the internet. And XenForo uses a salted SHA256 hash for passwords. So, it's about the best we know how to secure it at the moment. If you have any more tips, I'm all ears :beerbang:

However, I would point out that if anyone is using the same password at this site as they are at any other, they should probably change that password, regardless of any security measures in place on this server.

I highly recommend LastPass as a password manager, it helps keep track of all your passwords, generate secure new ones, check to see whether any of your emails are in compromised databases, and remind you to change your passwords if they are the same. Free, or $12/year for premium. Premium gets you syncing across browser and mobile.

Also, any email accounts should be protected by 2-factor authentication where possible. Gmail has pretty good 2-factor authentication. You can have an authenticator app on your phone display a code, or have a code sent to your cell via text message, and you have to have that code when you log in (not just your password, but this random one-time code). That secures your email account much better than just a password.

After having had 2 of my email accounts raped and pillaged all for the sake of stealing my Twitter handle and selling it to someone for like $75, I had to get much better at protecting my stuff than just having good passwords...
Click to expand...
Good read, thanks
 
fury said:
There is no access to the database server through the internet.
Click to expand...
And by that I mean you can't directly access it through the internet--none of the database users have internet permissions, only local permissions. Of course, if you get in via SSH, you can access the database locally (as if you were physically logged into the computer with a keyboard, mouse, and monitor). So, again, fail2ban comes to the rescue there and stops people from trying to brute force. And I can review failed login attempts and stuff to see if anyone in particular is getting targeted. Right now, from the looks of it, it's limited to the usual scattershot attempts to bruteforce the logins for root, and various other random usernames that don't exist. This is stuff that every server on the internet has to deal with and is not something specific to ours. Fun fact: you can't even log in as root directly on this server--you have to get in as one of the admin-type users first and then put on your super suit. So I laugh at their pitiful attempts to brute force their way into root.
 
ChexOrWrex said:
Im interested in learning who you pissed off enough to have them attempt a denial of service attack on a lowly racing forum.
Click to expand...

I don't think this place is the only forum under attack. another race forum I frequent has also been returning "database error" messages.

don't expect it to be a racing type forums related issue. but those are pretty much the only forums I spend time at.

fury: don't understand how this software/servers/computers/hackers work. but am glad you do. just wish there was a way to "delete" those who think taking out websites, and the hard work and money that they take, is a game.
 
You must log in or register to reply here.
Back
Top Bottom