Due to the latest string of attacks on the site, Rob will be taking WipeoutZone offline while the damage is assessed. Traffic will be redirected to the Facebook site while this is in effect.
Printable View
Due to the latest string of attacks on the site, Rob will be taking WipeoutZone offline while the damage is assessed. Traffic will be redirected to the Facebook site while this is in effect.
Well, I'm not sure I like the new lay-out but I'm sure we'll get used to it... as always :P Nice to see it back online anyways
Do the main site (vbulletin) secured now ? Or you'll still have to repair the site again and again ? :brickwall
The boards should have no more issues as it is a new install of vBulletin. Rob's still going over the main site before he puts it back online.
I just couldn't trust the code for the main site and I didn't have time to go through it and check the integrity.
I'll work on it and put it back up when I can be sure it's fixed.
I'm hoping this new version of the forum software will help fend off those that keep trying to bring it down.
Should probably have done the update before now, but I've been holding off on it for a while (two and a half years!), so now is as good a time as any.
If anything the theme needs higher contrast icons. It feels like everything is the same color right now and I have a hard time distinguishing between what's bumped and what's not.
Don't know if you were planning on doing something like that, but I'll see on my side as well.
Also this is somewhat broken.
Even though I've had none of my passwords broken, I changed my forum one and once the site itself is back up, I'm fixing that one too.
Here's a quick and dirty color mod to be more like the old VB3.
http://i.imgur.com/BntQT.pnghttp://i.imgur.com/uEgJo.png
http://i.imgur.com/qWYnD.pnghttp://i.imgur.com/DmeiG.png
Also there's probably a few things you'll want to disable in the image uploader/tag button in the reply box.
Yes. Sorry about the colors not being up to standard.
I was a bit busy migrating and re-indexing 10 years of forum posts! Takes a good six hours of processing time that does - who knew? ;)
Like I said, I'll get the theme sorted - doing anything "quick and dirty" is counter productive right now. That just means I'll need to do it again at some point and I don't really have time to waste on iterations of improvement. The main site has to be fixed first - then I'll get the theme done at the weekend if I have time.
Don't worry, I'm just giving feedback. I'm not expecting anything instantaneous. I understand this is a one man show.
But here's some idea for what you could do:
http://i.imgur.com/mcHWa.png
I removed the "What's New" and "Forum" bar and moved the search there because "What's New" is the same as "New Posts" and "Forum" is the same as the little house icon right below and the banner link. Essentially I find that thing is useless lol
I don't know if what I propose is at all possible though. I mean, changing the background color to black sure is, but reorganizing the search bar location...
Wow!, this is totally different but I will get used to it. Eventually hopefully everything will be updated by Foxy due to his hardwork.:clap
However, hopefully that will stave off potienally hackers from our website.
stevie:)
Good to see the site back up and running. Great job to all involved. :+
I'm still familiarising myself with a lot of the new stuff. I'm very competent with VB Software, but I haven't used Version 4.1.10 before so I'm trying to figure out where everything is. I'm sure I'll get there in time!
I'm unsure if I prefer the new or the old forum layout since I almost didn't use the WoZ forums for years.
However, if the hack came from the site hosting, how security is improved by updating the forums ? I mean, if the hacker used the site host to create a forum admin account with the old forums, if he hacks the site host again what prevents him to creating an admin account for the new forums ?
Anyway, kudos for your hard work on this Rob (as well as to anyone helping) and keep up the good work.
Ten years ago you were easier to please! ;)
The initial hack came from the Dreamhost breach and, as far as I've been able to ascertain, the follow-up hacks came through shell scripts planted during the first hack. I say "hack", but, call me old school, I don't consider planting shell scripts when you have full FTP access particularly "hacky". It's more like they had the keys to the front door temporarily and whilst they were in there they unlocked the back door for future access. Hardly breaking and entering in the true "hacking a Gibson" sense! :D
The latest one came, I believe, through a Wordpress installation that I'd failed to update. I always keep my own WP installation up to date, but there's another site I run that hadn't got updated, so my fault really. The knowledge of what was on the same server as WipEoutZone meant that they could get in that way and then go after the site that would cause the most trouble. No sense in ruining a site run for a local voluntary group when you can wreak havoc for a busy online community, eh?
I wouldn't have minded a bit of a dialogue with the Tim Pernix guy, actually. Not that I believe his motives were particularly altruistic considering all the damage done from him screwing around with the vBulletin database. If it was just defacing the site with the intention of proving just how l33t he was and embarrassing the admin, then whatever floats your boat, but dicking with the database just caused a lot of pain and screwed over the community right as a new game was launching.
Still, I wouldn't have minded chatting to the guy just to see how the wind was blowing. Assuming everything's locked down now, he and his gang will be off finding new people to cause trouble for and WipEoutZone will be as insignificant to them as it was for the previous 11 years of its existence.
In the grand scheme of things, one security breach in 11 years isn't exactly a bad record and the fact we appeared to be victimised for a while is not something I take personally. I'm tired from the late nights spent trying to fix it and I have a bitch of a data bill from having to access the site whilst on holiday, but nobody got hurt and we're all still here. It's just another chapter in the history books of the site. :)
Updating the forums was something I've been meaning to get around to for two and a half years. We had a version 4 license and had been using version 3 the whole time because I couldn't be bothered with the hassle of the upgrade. When it got to the point where I wanted a completely clean install of the forums there was no sense in having a new install of version 3 again, so there you have it. There are things to fix, but in general it went quite smoothly.
Security is improved by being on the latest version of the forum, as v3 wasn't being actively improved anyway. It's also more secure by having none of the code for the main site being on the server any longer - it's all been deleted except for assets. I'll put it back once I'm content that it's clean and doesn't allow any cheap entry points for them.
Somewhat bizarrely this has been quite an educational experience for me as a web developer, so there are a couple of positive take-aways from the whole thing. :)
Some information about Pernix, the rare ultra plus armour of Runscape.
http://runescape.wikia.com/wiki/Pernix_armour
One of the Moderators of the Runescape forum is called TIM
Do the Zone & Runescape use the same facilities?
I don't know, but one of the email addresses he used when he set up a forum admin account was admin@clawscape.org
Same deal, or just a scapegoat? ;)
Like the new skin. Breathes new life everywhere. :+
Don't know.Quote:
Originally Posted by infoxicated
I got in a PSN message conversation with another gamer after playing a couple of rounds of UC3 online.
They asked what other online games I play......got on to talking about WO and the zone....talked about the site hacking, then out of nowhere this gamer suggested the Runescape connection.:?
I don't know if this gamer plays Runescape and has knowledge of other activities that they get up to?
I'd never heard of the game up until then.
After checking out some video footage of it in action it looks like a very rudimentary game, something only a diehard PC geek would play.
http://www.youtube.com/watch?v=mv2gSuyqijI
Runescape is so boring that they hack other websites for fun.
oh noes ! Rob, you can't ! I know you're the admin here etc, but you just can't dig out this stuff ! Aww man... please gimme somewhere to hide...Quote:
Originally Posted by infoxicated
Thanks for the (pretty detailed) clarification. The message shown by the hacker looked like he was a good samaritan which helped the Internet community by pointing out website flaws, but if he screwed up everything from the inside I guess he's just another jerk and by no means the hero he pretends to be. (Not that I believed he was a hero, but the message seemed fair in some way)
Whatsoever, cleaning up the (potentially unsafe) code and upgrading to the latest board version is always a good thing, and once again I'm glad you handled it so quickly. At least, this is something that didn't change in the last decade !
KUTGW
Thanks Vinny... you haven't said if it works okay in Netscape 6 this time, though - to be honest I haven't checked the site in anything except Chrome! ;)
haha you sound like a girlfriend. you never forget stupid things other people have done, do you ?
I'm pretty sure you can "browse" the site logs and already know I'm not using N6 anymore. You're so mean to remind many the good old things that existed over the Internet !
I'm currently working on a web plugin which will be deployed broadly and we test many, many browser/OS compatibility, so I guess I could test WoZ on a wide variety of browser/OS but... believe me or not, Netscape 6 is not on the list :( And worse... Netscape 4 isn't either ! One told me that the end of the world was near, and it's probably one more proof of it x_x
I don't know why I remembered you giving positive feedback. I think at the time I was getting a lot of comments that folk didn't like the smilies or the colours or whatever, and you posted with a positive comment and it just stuck in my mind. :)
When I'm finished with the main site I'll test it in different browsers - probably I'll go back to IE8 and test it in all the other modern ones. IE7 & 6 won't get a look in.
Funny to think that, back in the day, I swore by IE 5.5 because it got the box model absolutely right in principle. Then IE6 came along and making stuff for the web got a lot more complicated. :D
I don't think I've used a Microsoft browser as my main browser for seven or eight years, now.
I'm glad to see the site is back up. I got bit worried when the website address was redirecting to the Facebook page. Well done to all involved.:)
Well here's how it looks on Opera Mobile.
It's fine. I think you'll only have to test if you edit the default thing. The default should have already been tested by the VB team.
Well, for what it's worth, I like the new motif of the site. Thanks as always for keeping this place up-and-running, Foxxy :)
So, uh, is the "multi-quote this message" function new? 'Cuz that is cool as all heck.
No, it was in the old one too. It used this icon.
By the way: My old bookmark still linked me the facebook page. That’s why I thought WOZ was down for about a week. Was it a cache issue or is there still some bad linking?
Most likely cache. The redirects were working instantly for me as I kept clearing it after the relevant facebook posts.
You can go three ways to here right now:
http://www.wipeoutzone.com/forum/index.php
http://www.wipeoutzone.com/forum/
http://www.wipeoutzone.com/
Okay, it must have been a cache issue then. Great to see the site back online. Kudos! :)
Well it was actually redirecting to Facebook for about a week too, so if you are talking about that time then it was fine.
I assumed you meant it had just done it to you five minutes before you posted. In that case that wasn't fine.
Will someone please tell me what the 'ranks' on this forum are, and how many posts you need for each rank?
stevie:)Quote:
0-9 New Pilot
10-49 Vector Pilot
50-149 Venom Pilot
150-299 Rapier Pilot
300-599 Phantom Pilot
600-1499 Extreme Pilot
1500-2999 Zone Pilot
3000-4999 Veteran Pilot
5000-9999(?) Legendary Pilot
10000+ Purist
What? No Flash? Sure, it wasn't introduced until Pulse, but it is an essential speed class.
So is the site ever going to be back up to it's legendary former self?
Yeah, at some point. It's on my to-do list.
"0-9 New Pilot
10-49 Vector Pilot
50-149 Venom Pilot
150-299 Rapier Pilot
300-599 Phantom Pilot
600-1499 Extreme Pilot
1500-2999 Zone Pilot
3000-4999 Veteran Pilot
5000-9999(?) Legendary Pilot
10000+ Purist
"
Oh, man, I don't think I'm ever gonna get to purist, considering my recent posting record.
Its nice to see a legend return to the forum! especially one who was before my time!
You should join a few bling brigade events if you still have Wipeout HD and have a few hours to spare... You will soon reach 10,000 posts lol.
With a name like MegaGeeza, perhaps you are quite antique as well? :)
I never had Wipeout HD, one of the reasons I drifted away. No PS3, no PSP, etc. Just an accumulation of factors that gradually distanced me from the beloved WZ, which I've always considered to be the finest gaming site on the internet. My hours tend to be spent on writing, or playing tinwhistle or harmonica, or just sleeping or watching TopGear on YouTube, or something equally non-creative. The last games I really spent time on were Forza 3 and SoulCalibur 4.
Short answer :Quote:
Originally Posted by UnleashSonic
Quote:
Originally Posted by infoxicated