It's still slow on this end too. Pages take from 30 secs up to a minute to load.
It's still slow on this end too. Pages take from 30 secs up to a minute to load.
Still too slow for me to use.
Coders rule nr 1: Face ur bugz.. dont cage them with code, kill'em with ur cursor.
Oh its frustrating I agree... But look on the bright side for us admins: no SPAM! YAY!
I once tried to change the world. But they wouldn't give me the source code. Damned evil cunning.
Yeah, but you could have much bigger problems brewing if vB is not patched to fix the vulnerability. Given the type of attacks you are experiencing, it looks like they are trying to exploit this vulnerability or one like it.
Usually, the way these things go, a vulnerability is discovered by an automated scanner targeting a specific piece of site software, then, once found, it gets put on a list that gets shared on various hacker underground sites (potentially even sold), then the criminals take over and start attacking the site, looking for private information to exploit. Even if the vulnerability gets patched, the attacks may take a few days to a week to subside. The only thing that can be done is make 100% sure the webserver and associated app software is fully patched, clean/scan the server for rogue processes and rootkits, disable attacked facilities, and block DoSing IP addresses.
Just figure it should be asked, was there any chance of a data breach during the "event"? If so, we all probably should change our passwords, and be on the lookout for any phishing attempts sent to our emails.
Hi Murmandamus!
I don't think you should worry about your passwords. I couldn't retrieve them if I wanted to so I'd assume you are still safe there. I know with the current issues plaguing the PSN where your mind is thinking, but it's not that WE were haked, I think it was more about A Small Orange, the company that we host under being attacked and forced to go down. It could be a load of spam bots tried to come after us, but then again it's still the same amount of spam we've been receiving since before the slowdowns.
I'd like to tell everyone what exactly was going on, but truth be told I don't even know. Dom (savage) has asked the hosting company what is going on and they seem to want to blame some kind of plug-in we didn't even have. I'm not too happy with the hosting company and they way they've been handling this incident and others in the past to tell you the honest truth and I'm considering a move once I financially take it over myself. I've had nothing but good experiences from DoDaddy and I host Pascal Gamer and Red Ant Games both with them so I'd be willing to try them on for PGD in the future providing I can get the domain redirected properly without a bucket-load of headaches.
GoDaddy also has unlimited bandwidth as a part of it's core hosting features so this would take care of that issue as well.
Jason McMillen
Pascal Game Development
Co-Founder
Actually, you can, and so can anyone else who gets ahold of your database. While it is true that the passwords cannot be reversed, they can be brute-forced, the only difficulty being how slow the hashing process is. Plus, having emails harvested for spam is not much better. Fortunately, I have a solution for that already, but not everyone does.Originally Posted by WILL
The main reason I brought it up is that it is generally a good idea to disclose the possibility/probability of a data breach occurring, because it lets your users be proactive in protecting themselves. If you tell me that, after your (hopefully expert) forensic analysis, the probability is nil or very low, then I won't worry about it. But if you think you found material evidence that it did occur, it is always the best policy to let your users know ASAP. It isn't bad on you to do so, even if it really didn't happen. But, if it did, and you don't tell us, that isn't too cool.
No, it's just the way I think, since one of the hats I wear is an IT Security Analyst.I know with the current issues plaguing the PSN where your mind is thinking, but it's not that WE were haked
I'm sorry to hear that. Usually, small hosting providers provide much better service than the larger ones (of course, this coming from a small hosting providerI'd like to tell everyone what exactly was going on, but truth be told I don't even know. Dom (savage) has asked the hosting company what is going on and they seem to want to blame some kind of plug-in we didn't even have. I'm not too happy with the hosting company and they way they've been handling this incident and others in the past to tell you the honest truth and I'm considering a move once I financially take it over myself. I've had nothing but good experiences from DoDaddy and I host Pascal Gamer and Red Ant Games both with them so I'd be willing to try them on for PGD in the future providing I can get the domain redirected properly without a bucket-load of headaches.
What issue are you referring to? The slowdown? I don't think that will make any difference. "Unlimited bandwidth" just means that they won't bill you if you go into many terabytes of usage, not that said usage won't take your site down handily. Most providers won't charge you for bandwidth from DDoS attacks and such, as long as you didn't cause it, so I don't think that would be an issue.GoDaddy also has unlimited bandwidth as a part of it's core hosting features so this would take care of that issue as well.
Anyway, I am not intending to be critical of you here; I'm just being a concerned (and informed) user and, ultimately, just trying to help.
Yeah, but you could have much bigger problems brewing if vB is not patched to fix the vulnerability. Given the type of attacks you are experiencing, it looks like they are trying to exploit this vulnerability or one like it.
Usually, the way these things go, a vulnerability is discovered by an automated scanner targeting a specific piece of site software, then, once found, it gets put on a list that gets shared on various hacker underground sites (potentially even sold), then the criminals take over and start attacking the site, looking for private information to exploit. Even if the vulnerability gets patched, the attacks may take a few days to a week to subside. The only thing that can be done is make 100% sure the webserver and associated app software is fully patched, clean/scan the server for rogue processes and rootkits, disable attacked facilities, and block DoSing IP addresses.
Posting Permissions
Reply With Quote
Bookmarks