Cadillac Owners Forum banner

1 - 20 of 42 Posts

·
Cadillac Maniac
Joined
·
13,753 Posts
Discussion Starter #1
Due to several security issues and program vulnerabilities, ALL uploads (including avatars, attachments, photos in the image and classified section, etcetera) are off-limits. This should not last more than a day or so. If you have an avatar or image that you want to display, please LINK TO it for the time being.

I'm not sure about other websites, but we're being constantly targeted for hack attempts. As ridiculous as it sounds, we may just need to completely close uploads altogether. In that event, instead of uploading things like avatars to THIS server, you'd upload them somewhere else on the internet and simply LINK TO them. It's not really a big deal but I understand it's very convenient to simply upload them to cadillacowners.com...

We're experiencing quite a bit of SLOW load time due to hacking issues. It's been very difficult, time-consuming and costly for me to keep fighting these problems. There are many other things that I need to keep up on and if these issues can be resolved by simply NOT allowing uploads, then that may be my only choice...

Sorry for the inconvenience...
 

·
Registered
Joined
·
16,105 Posts
Stoneage_Caddy said:
doesnt sound bad , ive linked for avatars on other forums , no issue here ....
I'm not a member of other forums, and you can't do it from imageshack because there is no hotlink posting option under "edit avatar." So now I'm stuck!

I at least want to get one avatar up there that can be permanant!! Please advise when we can do this Sal, even briefly...
 

·
Registered
Joined
·
16,105 Posts
Stoneage_Caddy said:
that could be a problem
I would have NO LIFE if I joined other forums, LOL!!

I just wish I knew about this BEFORE I tried to change it today, ESPECIALLY if we lose the ability to ever post another avatar alltogether!!..It sucks that it killed my existing avatar when I tried.

I'll go :cookoo: without my Vicky avatar, and I'll kick the azzes of each and every one of those daymn hackers!!!!
 

·
Cadillac Maniac
Joined
·
13,753 Posts
Discussion Starter #8
Avatars and attachments have been disabled. Any process which allows people to upload files has been disabled. People are uploading malicious scripts through holes in these systems. We're constantly under attack by two groups of people. One who apparently doesn't want us up and running anymore - and another from Egypt who keeps trying to deface our site with Anti-American propoganda. The Egypt group is, as well as the other, attempting to delete pieces of the database...
 

·
Moderator
Joined
·
5,826 Posts
Administrator said:
Avatars and attachments have been disabled. Any process which allows people to upload files has been disabled. People are uploading malicious scripts through holes in these systems. We're constantly under attack by two groups of people. One who apparently doesn't want us up and running anymore - and another from Egypt who keeps trying to deface our site with Anti-American propoganda. The Egypt group is, as well as the other, attempting to delete pieces of the database...
You would think people would have better things to do with their time. :confused:
 

·
Cadillac Maniac
Joined
·
13,753 Posts
Discussion Starter #10
I truely believe that, in time, other forum administrators will follow suit as it becomes more and more difficult to maintain a secure system. While it's very nice that exploits and vulnerabilities are pointed out as quickly as possible, sometimes they're not pointed out fast enough. Entire email lists can be compromised. Databases can be deleted leaving only the latest backup for retrieval. This is unacceptable and if simply removing avatars and attachments can make a world of a difference, I feel it's important to follow through.

There will be an alternative method to uploading images (for linking to in messages later) on today.
 

·
Registered
Joined
·
3,963 Posts
slk230mb said:
You would think people would have better things to do with their time. :confused:
I'm curious about the other group. The Egyptian thing is not new - other boards I'm on have been attacked by the same group. But what would the 'other' group's motive be for shutting us down?

Jim
 

·
Banned
Joined
·
7,971 Posts
My tin-foil-hat conspiricy theory is that GM and its dealers are behind it.

Anyway avitars are completely gone. IIRC mine was hosted on my own webspace (meaning it should have nothing to do with the file upload system here) and it's gone now. What's the story behind that?
 

·
Registered
Joined
·
531 Posts
Sal,

I would take this up with the FBI if you have not done so already. Also, you should see if your ISP can ban the attackers ISP company. You may beable to block that whole region. I've had problems with Google, Inc. and after a nice talk with them they've stopped pinging my forums.

Good luck.. I've had to deal with the same problems
 

·
Cadillac Maniac
Joined
·
13,753 Posts
Discussion Starter #14
Sorry, Dave. All avatars are turned off at the moment. I've got a security specialist working on everything and all might be back to normal later on this afternoon. However, I cannot afford this person on an ongoing basis. This is a one-time deal...
 

·
Cadillac Maniac
Joined
·
13,753 Posts
Discussion Starter #15
I need to make some sort of offering to dealers or SOMEONE to turn this into a business and earn revenue from it. It's becoming more and more of a full-time job maintaining this server and it's scripts. I have to quit my part-time job NOW or I'll never get anywhere. I can't afford to hire a server admin so I'm going to have to learn how to do that myself. And at the same time, I'm going to need to makeup for my part-time income loss.. Besides that, there aren't enough hours in the day to continue working full-time either. I've certainly rolled-up to a major bump in the road...
 

·
Registered
Joined
·
4,425 Posts
Maybe I have a misunderstanding on how servers work, but what kind of operating system is this particular server using? You don't have to answer that here, but my point is, that maybe using a Unix based server would be the better option. If the server is using a DOS based OS like Windows Server (very common and very vulnerable), then there is little wonder that it is being attacked...Unix based server operating systems (Linux Red-Hat perhaps?) just might be a better choice here...
 

·
Cadillac Maniac
Joined
·
13,753 Posts
Discussion Starter #17
We're not using Windows. :) It's the scripts that hackers are finding vulnerabilities through. Unfortunately, without scripts, we'd just have plain old html pages that nobody could do anything with but the webmaster. Running a forum like this is a security risk...

ANYWAY. Attachments are back.. Avatars should be back soon.. I'm working on it with someone who's very good at what he does and hopefully everything will be back to normal soon. However, I've been made no guarantees so I can't make any guarantees either...
 

·
Registered
Joined
·
4,425 Posts
Administrator said:
We're not using Windows. :) It's the scripts that hackers are finding vulnerabilities through. Unfortunately, without scripts, we'd just have plain old html pages that nobody could do anything with but the webmaster. Running a forum like this is a security risk...

ANYWAY. Attachments are back.. Avatars should be back soon.. I'm working on it with someone who's very good at what he does and hopefully everything will be back to normal soon. However, I've been made no guarantees so I can't make any guarantees either...
Ahh...Thanks for the clarification.

So it's the forum program and the scripts within that are getting hacked? That might explain things...Sorry, I'm kinda new to the way servers work too. I am starting to run a little Linux server of my own and I still need to learn some things about all of this.
 
1 - 20 of 42 Posts
About this Discussion
41 Replies
13 Participants
slk230mb
Top