Well Hello!
over 7 hours work but we are back.. No hiding anything so here is the full run down of what happened. Excuse the technical terms and the rambling but im a bit drained so I will try and keep it simple
At approx 18:00 the site was attacked by a DDOS
This caused a server error allowing a group of hackers called the 2600uk KREW access to the servers root. They installed 2 scripts and tied them into the system files of the forum with the vision of causing a bit of mayhem. Unluckily for them the countermeasures installed on the database rejected the attack but somehow they still managed to cause some damage to the database. Google spiders crossed the damaged files on a scan and thats why they suddenly locked the site out. I have since been in contact with google and they are now happy to revoke the lockout.
I have also informed our host and they are now investigating the problem.
The repair...
I take backups of the site to make sure in a total disaster we can be up and running as soon as possible. Now rather than just loosing 7 days of info I patched in part of the backup to repair damaged sections and then tied them into the main database. I have removed the damaged scripts and removed the hackers scripts.
I have made sure we are running the most up to date modern server modules and software to make sure we hopefully imune to this happening again.
The forum is currently running a debug mode. This is for me to let you guys "test" the forum and let me monitor any faults that may occur. I hope they wont but when you have been staring at pages of PHP code for a good few hours I might have missed something.
I have tested the major things but I cant check every single link on the site so thats where the debugging and you guys come into play. The forum will be slightly slower for a few days while this is running.
Good to have you back as it has been a rather lonely place!!
Rob
over 7 hours work but we are back.. No hiding anything so here is the full run down of what happened. Excuse the technical terms and the rambling but im a bit drained so I will try and keep it simple
At approx 18:00 the site was attacked by a DDOS
This caused a server error allowing a group of hackers called the 2600uk KREW access to the servers root. They installed 2 scripts and tied them into the system files of the forum with the vision of causing a bit of mayhem. Unluckily for them the countermeasures installed on the database rejected the attack but somehow they still managed to cause some damage to the database. Google spiders crossed the damaged files on a scan and thats why they suddenly locked the site out. I have since been in contact with google and they are now happy to revoke the lockout.
I have also informed our host and they are now investigating the problem.
The repair...
I take backups of the site to make sure in a total disaster we can be up and running as soon as possible. Now rather than just loosing 7 days of info I patched in part of the backup to repair damaged sections and then tied them into the main database. I have removed the damaged scripts and removed the hackers scripts.
I have made sure we are running the most up to date modern server modules and software to make sure we hopefully imune to this happening again.
The forum is currently running a debug mode. This is for me to let you guys "test" the forum and let me monitor any faults that may occur. I hope they wont but when you have been staring at pages of PHP code for a good few hours I might have missed something.
I have tested the major things but I cant check every single link on the site so thats where the debugging and you guys come into play. The forum will be slightly slower for a few days while this is running.
Good to have you back as it has been a rather lonely place!!
Rob
Last edited: