Page 1 of 3 123 LastLast
Results 1 to 20 of 42

Thread: 2012-02-21: Site going offline temporarily later today

  1. #1
    Join Date
    Apr 2002
    Location
    London, UK
    PSN ID
    Hellfire_WZ
    Posts
    3,264

    Default 2012-02-21: Site going offline temporarily later today

    Due to the latest string of attacks on the site, Rob will be taking WipeoutZone offline while the damage is assessed. Traffic will be redirected to the Facebook site while this is in effect.

  2. #2
    Join Date
    Apr 2010
    Location
    Amsterdam, Netherlands
    Timezone
    GMT + 1
    PSN ID
    Javariko
    Posts
    462

    Default

    Well, I'm not sure I like the new lay-out but I'm sure we'll get used to it... as always Nice to see it back online anyways

  3. #3
    Join Date
    Jul 2008
    Location
    paris
    Timezone
    GMT + 1
    PSN ID
    leungbok - BADTEST
    Posts
    2,546

    Default

    Do the main site (vbulletin) secured now ? Or you'll still have to repair the site again and again ?

  4. #4
    Join Date
    Apr 2002
    Location
    London, UK
    PSN ID
    Hellfire_WZ
    Posts
    3,264

    Default

    The boards should have no more issues as it is a new install of vBulletin. Rob's still going over the main site before he puts it back online.

  5. #5
    Join Date
    Feb 2002
    Location
    Scotland
    PSN ID
    infoxicated
    Posts
    5,645

    Default

    I just couldn't trust the code for the main site and I didn't have time to go through it and check the integrity.

    I'll work on it and put it back up when I can be sure it's fixed.

    I'm hoping this new version of the forum software will help fend off those that keep trying to bring it down.

    Should probably have done the update before now, but I've been holding off on it for a while (two and a half years!), so now is as good a time as any.

  6. #6
    Join Date
    Jul 2007
    Location
    Montréal
    Timezone
    GMT -5
    PSN ID
    Darkdrium777
    Posts
    4,553

    Default

    If anything the theme needs higher contrast icons. It feels like everything is the same color right now and I have a hard time distinguishing between what's bumped and what's not.
    Don't know if you were planning on doing something like that, but I'll see on my side as well.

    Also this is somewhat broken.
    Last edited by Darkdrium777; 23rd February 2012 at 08:30 PM.

  7. #7
    Join Date
    Oct 2011
    Location
    Metarie, Lousisana.
    Timezone
    GMT -6
    PSN ID
    I don't have one at this time.
    Posts
    187

    Default

    Even though I've had none of my passwords broken, I changed my forum one and once the site itself is back up, I'm fixing that one too.

  8. #8
    Join Date
    Jul 2007
    Location
    Montréal
    Timezone
    GMT -5
    PSN ID
    Darkdrium777
    Posts
    4,553

    Default

    Here's a quick and dirty color mod to be more like the old VB3.




    Also there's probably a few things you'll want to disable in the image uploader/tag button in the reply box.

  9. #9
    Join Date
    Feb 2002
    Location
    Scotland
    PSN ID
    infoxicated
    Posts
    5,645

    Default

    Yes. Sorry about the colors not being up to standard.

    I was a bit busy migrating and re-indexing 10 years of forum posts! Takes a good six hours of processing time that does - who knew?

    Like I said, I'll get the theme sorted - doing anything "quick and dirty" is counter productive right now. That just means I'll need to do it again at some point and I don't really have time to waste on iterations of improvement. The main site has to be fixed first - then I'll get the theme done at the weekend if I have time.

  10. #10
    Join Date
    Jul 2007
    Location
    Montréal
    Timezone
    GMT -5
    PSN ID
    Darkdrium777
    Posts
    4,553

    Default

    Don't worry, I'm just giving feedback. I'm not expecting anything instantaneous. I understand this is a one man show.
    But here's some idea for what you could do:



    I removed the "What's New" and "Forum" bar and moved the search there because "What's New" is the same as "New Posts" and "Forum" is the same as the little house icon right below and the banner link. Essentially I find that thing is useless lol
    I don't know if what I propose is at all possible though. I mean, changing the background color to black sure is, but reorganizing the search bar location...
    Last edited by Darkdrium777; 23rd February 2012 at 10:52 PM.

  11. #11
    Join Date
    Mar 2002
    Location
    Central Scotland
    PSN ID
    stin_wz
    Posts
    3,777

    Default

    Wow!, this is totally different but I will get used to it. Eventually hopefully everything will be updated by Foxy due to his hardwork.

    However, hopefully that will stave off potienally hackers from our website.

    stevie

  12. #12
    Join Date
    Sep 2009
    Location
    South East England
    PSN ID
    Dark_Phantom_89
    Posts
    1,587

    Default

    Good to see the site back up and running. Great job to all involved.

    I'm still familiarising myself with a lot of the new stuff. I'm very competent with VB Software, but I haven't used Version 4.1.10 before so I'm trying to figure out where everything is. I'm sure I'll get there in time!

  13. #13
    Join Date
    Feb 2002
    Location
    Toulouse, France
    Posts
    541

    Default

    I'm unsure if I prefer the new or the old forum layout since I almost didn't use the WoZ forums for years.

    However, if the hack came from the site hosting, how security is improved by updating the forums ? I mean, if the hacker used the site host to create a forum admin account with the old forums, if he hacks the site host again what prevents him to creating an admin account for the new forums ?

    Anyway, kudos for your hard work on this Rob (as well as to anyone helping) and keep up the good work.

  14. #14
    Join Date
    Feb 2002
    Location
    Scotland
    PSN ID
    infoxicated
    Posts
    5,645

    Default

    Ten years ago you were easier to please!

    The initial hack came from the Dreamhost breach and, as far as I've been able to ascertain, the follow-up hacks came through shell scripts planted during the first hack. I say "hack", but, call me old school, I don't consider planting shell scripts when you have full FTP access particularly "hacky". It's more like they had the keys to the front door temporarily and whilst they were in there they unlocked the back door for future access. Hardly breaking and entering in the true "hacking a Gibson" sense!

    The latest one came, I believe, through a Wordpress installation that I'd failed to update. I always keep my own WP installation up to date, but there's another site I run that hadn't got updated, so my fault really. The knowledge of what was on the same server as WipEoutZone meant that they could get in that way and then go after the site that would cause the most trouble. No sense in ruining a site run for a local voluntary group when you can wreak havoc for a busy online community, eh?

    I wouldn't have minded a bit of a dialogue with the Tim Pernix guy, actually. Not that I believe his motives were particularly altruistic considering all the damage done from him screwing around with the vBulletin database. If it was just defacing the site with the intention of proving just how l33t he was and embarrassing the admin, then whatever floats your boat, but dicking with the database just caused a lot of pain and screwed over the community right as a new game was launching.

    Still, I wouldn't have minded chatting to the guy just to see how the wind was blowing. Assuming everything's locked down now, he and his gang will be off finding new people to cause trouble for and WipEoutZone will be as insignificant to them as it was for the previous 11 years of its existence.

    In the grand scheme of things, one security breach in 11 years isn't exactly a bad record and the fact we appeared to be victimised for a while is not something I take personally. I'm tired from the late nights spent trying to fix it and I have a bitch of a data bill from having to access the site whilst on holiday, but nobody got hurt and we're all still here. It's just another chapter in the history books of the site.

    Updating the forums was something I've been meaning to get around to for two and a half years. We had a version 4 license and had been using version 3 the whole time because I couldn't be bothered with the hassle of the upgrade. When it got to the point where I wanted a completely clean install of the forums there was no sense in having a new install of version 3 again, so there you have it. There are things to fix, but in general it went quite smoothly.

    Security is improved by being on the latest version of the forum, as v3 wasn't being actively improved anyway. It's also more secure by having none of the code for the main site being on the server any longer - it's all been deleted except for assets. I'll put it back once I'm content that it's clean and doesn't allow any cheap entry points for them.

    Somewhat bizarrely this has been quite an educational experience for me as a web developer, so there are a couple of positive take-aways from the whole thing.

  15. #15
    Join Date
    Oct 2006
    Location
    Sydney Australia
    Timezone
    GMT + 10
    PSN ID
    blackwiggle
    Posts
    4,114

    Default

    Some information about Pernix, the rare ultra plus armour of Runscape.
    http://runescape.wikia.com/wiki/Pernix_armour

    One of the Moderators of the Runescape forum is called TIM

    Do the Zone & Runescape use the same facilities?

  16. #16
    Join Date
    Feb 2002
    Location
    Scotland
    PSN ID
    infoxicated
    Posts
    5,645

    Default

    I don't know, but one of the email addresses he used when he set up a forum admin account was admin@clawscape.org

    Same deal, or just a scapegoat?

  17. #17
    Join Date
    Feb 2010
    Location
    Port Glasgow, Scotland!
    PSN ID
    UB3R-BR3NDAGE
    Posts
    931

    Default

    Like the new skin. Breathes new life everywhere.

  18. #18
    Join Date
    Oct 2006
    Location
    Sydney Australia
    Timezone
    GMT + 10
    PSN ID
    blackwiggle
    Posts
    4,114

    Default

    Quote Originally Posted by infoxicated View Post
    I don't know, but one of the email addresses he used when he set up a forum admin account was admin@clawscape.org

    Same deal, or just a scapegoat?
    Don't know.
    I got in a PSN message conversation with another gamer after playing a couple of rounds of UC3 online.
    They asked what other online games I play......got on to talking about WO and the zone....talked about the site hacking, then out of nowhere this gamer suggested the Runescape connection.
    I don't know if this gamer plays Runescape and has knowledge of other activities that they get up to?
    I'd never heard of the game up until then.

    After checking out some video footage of it in action it looks like a very rudimentary game, something only a diehard PC geek would play.
    http://www.youtube.com/watch?v=mv2gSuyqijI

  19. #19
    Join Date
    Jul 2007
    Location
    Montréal
    Timezone
    GMT -5
    PSN ID
    Darkdrium777
    Posts
    4,553

    Default

    Runescape is so boring that they hack other websites for fun.

  20. #20
    Join Date
    Feb 2002
    Location
    Toulouse, France
    Posts
    541

    Default

    Quote Originally Posted by infoxicated View Post
    oh noes ! Rob, you can't ! I know you're the admin here etc, but you just can't dig out this stuff ! Aww man... please gimme somewhere to hide...

    Thanks for the (pretty detailed) clarification. The message shown by the hacker looked like he was a good samaritan which helped the Internet community by pointing out website flaws, but if he screwed up everything from the inside I guess he's just another jerk and by no means the hero he pretends to be. (Not that I believed he was a hero, but the message seemed fair in some way)

    Whatsoever, cleaning up the (potentially unsafe) code and upgrading to the latest board version is always a good thing, and once again I'm glad you handled it so quickly. At least, this is something that didn't change in the last decade !

    KUTGW

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •