Some bunch of #%&$s hacked our website

[Javaness]

Some rotten toads hacked the IGA website.
Why do people have to do that. I have had to spend 3 hours now getting it cleaned and reinstalled etc before it can be unsuspended.
RAGE


PS: Anyone know where to find the A-Team?

[kirkmc]

Some rotten toads hacked the IGA website.
Why do people have to do that. I have had to spend 3 hours now getting it cleaned and reinstalled etc before it can be unsuspended.
RAGE


PS: Anyone know where to find the A-Team?

3 hours? You don't have backups? If you back up regularly, it should take you a very short time to reload everything. Just sayin'...

[cdybeijing]

Some rotten toads hacked the IGA website.
Why do people have to do that. I have had to spend 3 hours now getting it cleaned and reinstalled etc before it can be unsuspended.
RAGE


PS: Anyone know where to find the A-Team?

3 hours? You don't have backups? If you back up regularly, it should take you a very short time to reload everything. Just sayin'...

Kick a man while he's down, why don't you?!

[TMark]

Kicking a man when he is up is rather difficult; the best time is when he down. Backup early, backup often. Any computer professional should know that.

Best wishes.

[Fedya]

3 hours? You don't have backups? If you back up regularly, it should take you a very short time to reload everything. Just sayin'...

I'm surprised you didn't tell him this wouldn't have happened if he'd been using a Mac.

[kirkmc]

3 hours? You don't have backups? If you back up regularly, it should take you a very short time to reload everything. Just sayin'...

I'm surprised you didn't tell him this wouldn't have happened if he'd been using a Mac.

Nothing to do with Macs. I manage a bunch of web sites and forums (all on hosted Linux servers). I have daily backups of the SQL databases, and regular backups of all files. If something like this happens, just delete everything and reload the backups.

Of course, you need to find how the hackers got in, which is a more serious problem. If you're using a CMS, you look for vulnerabilities; if not, there's a problem with your host.

[vash3g]

AGA is looking for a new webmaster, maybe they can help you find one too... ^_^

[wms]

And the three hours thing might mean with backups. KGS does a nightly backup to my server at home, but I have several gigabytes of database and a few hundred GB of game records. Plus there's a lot of configuration involved. If I had to start from a freshly formatted disk with just the OS (which is always best after being hacked), it would probably take me a solid day of hard work to get things working, then another day or two to get all the games put back.

[Numsgil]

but I have several gigabytes of database and a few hundred GB of game records.

Are the game records not stored in a database? I ask purely from curiosity

[Javaness]

3 hours is roughly the entire timeframe for the trouble.
Discovering the website has some problem, figuring out what on earth is going on, finding out how to actually get some support from your hosting company, working out what to do (because it is not my job), doing it..

[wms]

but I have several gigabytes of database and a few hundred GB of game records.

Are the game records not stored in a database? I ask purely from curiosity

No, they are not. Multi-kbyte blocks of data can go into a database as BLOBs or TEXTs, but usually a plain file system is more efficient (especially if the files are rewritten frequently, as is the case for in-play KGS game records). After all, a file system *IS* a database, in that it maps file names to streams of data, and it does that extremely efficiently.

In addition to the runtime efficiency issues, having them as separate files makes it a lot easier to work with the backups; backing up 40 million smallish files, only a few thousand of which change or get added every day, is pretty easy. Backing up a 350GB database is a lot more effort.

[wessanenoctupus]

hey there Mr.WMS

could you put up a torrent of the KGS database

it might be fun to look at.

[kirkmc]

hey there Mr.WMS

could you put up a torrent of the KGS database

it might be fun to look at.

"It might be fun?" 350 GB to download just because "it might be fun"? Geez...

[Mehmet]

How is it easy to hack a web site? Do you have a firewall?

I'm not a expert but do your web site use other than 8080 port? Close any other unused ports.

[Li Kao]

How is it easy to hack a web site? Do you have a firewall?

I'm not a expert but do your web site use other than 8080 port? Close any other unused ports.

One of the most common types of attack is exploiting a known whole in standard web-applications like CMS, forums,...