Due to several security issues and program vulnerabilities, ALL uploads (including avatars, attachments, photos in the image and classified section, etcetera) are off-limits. This should not last more than a day or so. If you have an avatar or image that you want to display, please LINK TO it for the time being.

I'm not sure about other websites, but we're being constantly targeted for hack attempts. As ridiculous as it sounds, we may just need to completely close uploads altogether. In that event, instead of uploading things like avatars to THIS server, you'd upload them somewhere else on the internet and simply LINK TO them. It's not really a big deal but I understand it's very convenient to simply upload them to cadillacowners.com...

We're experiencing quite a bit of SLOW load time due to hacking issues. It's been very difficult, time-consuming and costly for me to keep fighting these problems. There are many other things that I need to keep up on and if these issues can be resolved by simply NOT allowing uploads, then that may be my only choice...

Sorry for the inconvenience...

:eek: EEK!! If I knew this I never would have tried to change mine today. Hopefully in a day or 2 I can at least put one up that can stay forever if it has to...

doesnt sound bad , ive linked for avatars on other forums , no issue here ....

doesnt sound bad , ive linked for avatars on other forums , no issue here ....

I'm not a member of other forums, and you can't do it from imageshack because there is no hotlink posting option under "edit avatar." So now I'm stuck!

I at least want to get one avatar up there that can be permanant!! Please advise when we can do this Sal, even briefly...

that could be a problem

that could be a problem

I would have NO LIFE if I joined other forums, LOL!!

I just wish I knew about this BEFORE I tried to change it today, ESPECIALLY if we lose the ability to ever post another avatar alltogether!!..It sucks that it killed my existing avatar when I tried.

I'll go :cookoo: without my Vicky avatar, and I'll kick the azzes of each and every one of those daymn hackers!!!!

i havent visited most of the others in years .....i hang here , keep a window up for this place and watch tv ....email alerts cause me to come in a snoop , otherwise id be asleep ....

Avatars and attachments have been disabled. Any process which allows people to upload files has been disabled. People are uploading malicious scripts through holes in these systems. We're constantly under attack by two groups of people. One who apparently doesn't want us up and running anymore - and another from Egypt who keeps trying to deface our site with Anti-American propoganda. The Egypt group is, as well as the other, attempting to delete pieces of the database...

Avatars and attachments have been disabled. Any process which allows people to upload files has been disabled. People are uploading malicious scripts through holes in these systems. We're constantly under attack by two groups of people. One who apparently doesn't want us up and running anymore - and another from Egypt who keeps trying to deface our site with Anti-American propoganda. The Egypt group is, as well as the other, attempting to delete pieces of the database...

You would think people would have better things to do with their time. :confused:

I truely believe that, in time, other forum administrators will follow suit as it becomes more and more difficult to maintain a secure system. While it's very nice that exploits and vulnerabilities are pointed out as quickly as possible, sometimes they're not pointed out fast enough. Entire email lists can be compromised. Databases can be deleted leaving only the latest backup for retrieval. This is unacceptable and if simply removing avatars and attachments can make a world of a difference, I feel it's important to follow through.

There will be an alternative method to uploading images (for linking to in messages later) on today.

You would think people would have better things to do with their time. :confused:

I'm curious about the other group. The Egyptian thing is not new - other boards I'm on have been attacked by the same group. But what would the 'other' group's motive be for shutting us down?

Jim

My tin-foil-hat conspiricy theory is that GM and its dealers are behind it.

Anyway avitars are completely gone. IIRC mine was hosted on my own webspace (meaning it should have nothing to do with the file upload system here) and it's gone now. What's the story behind that?

Sal,

I would take this up with the FBI if you have not done so already. Also, you should see if your ISP can ban the attackers ISP company. You may beable to block that whole region. I've had problems with Google, Inc. and after a nice talk with them they've stopped pinging my forums.

Good luck.. I've had to deal with the same problems

Sorry, Dave. All avatars are turned off at the moment. I've got a security specialist working on everything and all might be back to normal later on this afternoon. However, I cannot afford this person on an ongoing basis. This is a one-time deal...

I need to make some sort of offering to dealers or SOMEONE to turn this into a business and earn revenue from it. It's becoming more and more of a full-time job maintaining this server and it's scripts. I have to quit my part-time job NOW or I'll never get anywhere. I can't afford to hire a server admin so I'm going to have to learn how to do that myself. And at the same time, I'm going to need to makeup for my part-time income loss.. Besides that, there aren't enough hours in the day to continue working full-time either. I've certainly rolled-up to a major bump in the road...

Maybe I have a misunderstanding on how servers work, but what kind of operating system is this particular server using? You don't have to answer that here, but my point is, that maybe using a Unix based server would be the better option. If the server is using a DOS based OS like Windows Server (very common and very vulnerable), then there is little wonder that it is being attacked...Unix based server operating systems (Linux Red-Hat perhaps?) just might be a better choice here...

We're not using Windows. :) It's the scripts that hackers are finding vulnerabilities through. Unfortunately, without scripts, we'd just have plain old html pages that nobody could do anything with but the webmaster. Running a forum like this is a security risk...

ANYWAY. Attachments are back.. Avatars should be back soon.. I'm working on it with someone who's very good at what he does and hopefully everything will be back to normal soon. However, I've been made no guarantees so I can't make any guarantees either...

Testing attachments...

We're not using Windows. :) It's the scripts that hackers are finding vulnerabilities through. Unfortunately, without scripts, we'd just have plain old html pages that nobody could do anything with but the webmaster. Running a forum like this is a security risk...

ANYWAY. Attachments are back.. Avatars should be back soon.. I'm working on it with someone who's very good at what he does and hopefully everything will be back to normal soon. However, I've been made no guarantees so I can't make any guarantees either...

Ahh...Thanks for the clarification.

So it's the forum program and the scripts within that are getting hacked? That might explain things...Sorry, I'm kinda new to the way servers work too. I am starting to run a little Linux server of my own and I still need to learn some things about all of this.

Lets infect those bastards with a virus! Any "professionals" among us?? :mad: :sneaky:

vBulletin isn't free software.. isn't Jelsoft doing anything to help with security?

Yes, actually. They are doing the best they can. With each discovered security vulnerability, they release a new version of their software (an update) which can be installed or applied to the code manually. Unfortunately, the exploits must be "discovered" to be secure. There are new vulnerabilities discovered quite frequently. Before they're discovered, we're wide-open for attacks that can bring the entire server down and delete everything on it.

We run several different scripts on this server. There are a lot of holes. This is a compromise you must make when offering a website where people can interact with. Every site out there with forums, classified scripts, image hosting, etcetera - is vulnerable to these types of attacks. Only the busiest sites are targeted, however...

Lets infect those bastards with a virus! Any "professionals" among us?? :mad: :sneaky:

No, but we shouldn't let that stop us.

so is this green underline thing gonna help with our situation or what?

If it earns any money - then maybe. At this point, I'm willing to try anything to get somebody onboard to keep this place secure.

If it earns any money - then maybe. At this point, I'm willing to try anything to get somebody onboard to keep this place secure.

i read the announcement but exactly how is it going to make us money? if someone buys something we get a kick back? well i guess thats the only way.

.... how is it going to make us money? if someone buys something we get a kick back? well i guess thats the only way.


The owner/sponsor of the link/banner ad can tell when a visitor to their page was directed there by another web page. Often what you have then is a situation where the sponsor of the add pays the site holder for each time someone clicks on the link/banner bringing the person who clicked on it to the sponsors page.

Ads suck, but the alternative, no forum, is worse.

K

So the original problem was that uploads were providing a way for malicious scripts to screw up the forum? And avitars were turned off as part of the uploads being turned off, and now all avitars (even ones hosted on other servers) are off even though attachment uploads are back on. Right?

I miss avitars.

Avatars will be back shortly. I'm just waiting for some final tests to be sure.. I'm 99% positive they'll be back in a few days...

now that they are back, how do we do the custom avatars? i cant seem to ge that up. i hit edit avatar and nothing on there has anything for custom avatars, are you still working on that?

now that they are back, how do we do the custom avatars? i cant seem to ge that up. i hit edit avatar and nothing on there has anything for custom avatars, are you still working on that?

Ya, I can't do custom either yet, but I'm sure he's working hard on it.:)

Miss Mulder is waiting her chance to be the next Ralph avatar.:highfive::sneaky:

Please PM me about this! PMs serve as my to-do list and I'm running out the door right now.. Sorry!

Please PM me about this! PMs serve as my to-do list and I'm running out the door right now.. Sorry!

You mean just pm you right now to sort of remind you about it later? OK, will do.;)

I know that I changed my avatar on the day we lost them so I thought that's why I lost the ability to use a custom now, but if Adam can't do it either, then others must not have the ability to change it either I guess.

Done. Supporting Members can upload custom avatars.

I have my custom avatar, but it was already there ebfore theyw ent, wil it stay?

Done. Supporting Members can upload custom avatars.
Oh my!! Ralphie has been waiting a looooooong time to hear that! Supermodel Karen Mulder thanks you and Ralphie sincerely thanks you.:D Extra Rep points for Sal tonite!!!:highfive::thumbsup:

MC, yup, it should stay.....

Yes and thank you! :)

ha freakin sweet. so only supporting members can use custom avatars now? i think that is a pretty good idea, glad i became one.

Strange that I can't put my name over the avatar like I used to, and I found the option to do it, but it won't stick. It's ok, and I could care less, I just thought I'd mention it, but I really don't care about the outcome........

Is the avatar size limit still 100 by 100 pixels? Just curious...

Still have my leftover avitar. I beat the system and stuck it to the man :p J/K Sal.

So if I want to change it, I can't host it myself anymore I have to do the supporting member thing?

Hey Sal:
If I promise to be a good boy, can I upload my avatar? :bouncy: Am really wanting to use my custom avatar.
What's the status in this, has it been disabled for good? :)

Hey Sal:
If I promise to be a good boy, can I upload my avatar? :bouncy: Am really wanting to use my custom avatar.
What's the status in this, has it been disabled for good? :)

Supporting members get custom avatars.