Wildguzzi.com
General Category => General Discussion => Topic started by: Luap McKeever on August 06, 2016, 09:33:51 PM
-
For a minute there, I thought the MGX debut in Sturgis was bringing in all types of new people. Then, I noticed them all coming from strange IP ranges. Tracked them down to the Ukraine, France and Russia. At around the same time, I get email notifications and text messages that the server was under attack. Man, that MGX is causing quite a stir all over the world :evil: That was no small hack attempt by any measure.
Long story short, the new security measures in place on the server worked like a dream. What took less than an hour to clean up tonight used to take almost 4 hours. Knocking on wood, but zero down time in almost 3 years is a good thing...
Now, back to your regularly scheduled programming :thumb:
PS. My new favorite email address that was tried tonight to sign in was "letmeknowyoulikemea nd_myqwertyiiouplkj hgsadfa_so@you.su.uk"
-
Good news Luap and good job keeping us hack-resistant! It's rewarding when something you invest in pays off. Go have a beer or two and let us know if you run short of funds.
-
YEP.....THANX FOR KEEPING THE WHEELS SPINNING
-
When I worked in the industry I thought those events were the most fun. Glad you outthunk them!
-
(http://i1299.photobucket.com/albums/ag77/Penderic/Penderic002/club%20membership_zpsp8lj2vcp.jpg)
:tongue: I tried to warn em!
-
Mahalo Luap! :thumb: (Thanks in Hawaiian) :drool:
-
(http://thumb.ibb.co/i7rmFa/14774283.jpg) (http://ibb.co/i7rmFa)
Thanks, Paul B :boozing: :boozing: :boozing:
-
I hope the extra interest boosts the brand and not just internet spam. :thumb:
-
I hope the extra interest boosts the brand and not just internet spam. :thumb:
Poetry :cool:
-
From Ukraine, France, and Russia. Interesting grouping of locations if this was coordinated.
-
:thumb:
you.su.uk
Awesome . LOL!
-
They know not with who they screweth !
Dusty
-
Good to see the new defenses doing their job!
BTW, as with any special event, everyone should be aware of phishing via spam - if you get messages with clicky links that claim to be about the Olympics, even if they appear to be from people you know, there's a fair chance they're an attempt to get you to visit an exploit website.
-
I lost count but if this took down the forum. It would have been a 7th time. After this many times Luap has been learning to see the attacks before they happen.
-
I lost count but if this took down the forum. It would have been a 7th time. After this many times Luap has been learning to see the attacks before they happen.
7 times in 18 years...Still pretty good track record. I actually thought it was more than that. I never counted (on purpose).
The old phpbb days caused me a lot of grief. This 'Simple Machines' platform is so much better. Kinda like a Guzzi....simple, easy, stout, reliable. :thumb:
-
As an administrator for the California 1400 Forum, I along with the other two administrators have been dealing with this sort of threat for over three or four months. We have learnt a lot about identifying these perpetrators, and after an initial purge of around 150 intruders, regularly delete and ban multiple several more daily.
We don't even understand why these people do this, what gain could they possibly have? Often checking their email address with on-line Botscout websites is the easiest way to identify them.
As well as the countries you've mentioned above, also be suspicious of any from India and China. Their user names will often have numerous characters making little sense. Names based on the phonetic alphabet is also a giveaway.
Sometimes we have to email potential members to check on their genuine interest in Moto Guzzi motorcycles, this hopefully will avoid banning suspicious but genuine applicants.
Keep up the good work, Luap!
-
Tell them that to confirm you need a phone number.
-
also be suspicious of any from India and China.
I've pretty much blocked all the IP's from China to even see or find Wildguzzi when searching from within WHM. I even had my wife test it when she was there last year from 3 different cities. She couldn't even see us. I figure if someone from China wants in...Oh well, too bad. I just don't care after putting up with over 1,000 hack attempts per day for three weeks straight last year :evil:
Honestly, I'd like to do that with some other countries too, but it would put quite a strain on the server checks and scripts. It's the same way China blocks a lot of American sites.
-
Tell them that to confirm you need a phone number.
That's actually not a bad idea. But I do force new users to email me after registering letting me know they're human. It works good. But, 1 in 200 will still get in and I'll have to kick em out after they try spamming members.
-
Doesn't mean that you have to call them but it does make them think. How name and address with phone number??? They would have to give up personal info. Whether you verify or not is the website's choice to screen scammers. A short disclaimer on valid registration may be included.