Website Outage

Read here first for rules, and keep an eye out for announcements.
User avatar
Adi'karta
Admin
Posts: 290
Joined: 25 Jan 2011 20:18
Location: Chicago, Illinois, USA
Contact:

Website Outage

Unread post by Adi'karta » 26 Jan 2012 00:05

As you may have noticed, we experienced another outage. I apologize sincerely for the inconvenience. Apparently some part of my website was compromised, and a self-replicating PHP script was injected onto my server. As a result, every page was infected with a PHP header that redirected every visitor who came from a search engine to a .pl domain name. This is referred to as "Black Hat Search Engine Optimization," and is an attempt to artificially inflate the Google Page Rank of the website that my pages were redirecting to. I blame this attack for the forum outage as well; it seems to have destabilized the forum's underlying software to the point where it would not properly display pages once a user was logged in.

I am taking additional steps to ensure the security of this site and find the vulnerability that was exploited, in order to prevent future attacks of this nature.

If you have any questions or suggestions, feel free to PM me or contact me by email. Thank you.

Best Regards,

MandoaOrg
Mandoa.Org - Bringing together the Mando'a Community.

User avatar
Adi'karta
Admin
Posts: 290
Joined: 25 Jan 2011 20:18
Location: Chicago, Illinois, USA
Contact:

Re: Website Outage

Unread post by Adi'karta » 26 Jan 2012 03:45

I have located a few possible sources for the initial attack that infected my files, and secured each of them with several different methods. As far as I am aware, no personal data was compromised from this forum, but I recommend password changes just in case.

I will be continually monitoring all log activity, updating security site-wide, and I am installing monitoring software that will notify me if another attack is attempted. Rest assured, I will not stop fighting these invaders. They are attempting to hijack this legitimate web community and leverage our resources to make money using illegal or immoral methods. I will not stand for this misuse.

Remain vigilant, vode.

Oya Manda!
Mandoa.Org - Bringing together the Mando'a Community.

Post Reply