Pop up ads
No, this is a real virus which is trying to drop down onto every visitors machine. It has been around for a while and most virus checkers will catch it but that is no reason to do nothing. I know Bruce is away and Nige is in Tibet or somewhere but I have offered my help 24 hours ago and nothing at all?
The simple thing to do for now would be to create a very simple html page explaining that the site has temporarily been taken down and place that in the root of the site while everthing else is moved down into a subdirectory until someone can fix it.
My set up is already issuing a warning about visiting the site, advising that the site has a history of hosting malware.
I, and many others, link back here and as of now we are linking to a known bad neighbourhood which is not good, especially as CDGC is on a shared IP address with several other sites. There are many links in the CDGC forum and it is quite a hassle finding all of them and removing them but I guess I have to now.
The simple thing to do for now would be to create a very simple html page explaining that the site has temporarily been taken down and place that in the root of the site while everthing else is moved down into a subdirectory until someone can fix it.
My set up is already issuing a warning about visiting the site, advising that the site has a history of hosting malware.
I, and many others, link back here and as of now we are linking to a known bad neighbourhood which is not good, especially as CDGC is on a shared IP address with several other sites. There are many links in the CDGC forum and it is quite a hassle finding all of them and removing them but I guess I have to now.
Please don't assume nothing is/has been done.... also please don't assume 24 hours is a long time for a site run by volunteers the server administrator of which is out of the country!
A little background.....
The forum and bdga site run on the same host within the same hosting space. An exploit was used to infect every single php file on the server with code that called upon a third party (evil) site. After initial investigation and attempts to contact administrator for a restore from backup had failed the site was downloaded, cleaned (by which I mean manuallyish removing the offending code from over 600php files!) and reuploaded.
The Joomla site (main BDGA site) was the likely culprit and was immediately patched to the latest version within that fork! Unfortunately this was obviously not enough and it got reinfected.
Subsequently the BDGA site has now been disabled with all scripts redirecting to a holding page (which will be updated with some basic detail soon). The forum has currently been allowed to continue, however if it turns out the phpbb code is being exploited this will have to be taken off line as well.
Going forward
Despite uneducated claims to the contrary updating the current BDGA site from Joomla 1.0.x to 1.5.x is a BIG job. There are many extra addons and modules that will simply not work, let alone the job of moving the content. The site is over 5 years old now (I believe) and has had little attention during that period.
This is however a requirement now, but should not be expected in the coming days.
Likewise moving the forum to the latest phpBB version 3, whilst much more possible, is still a fair amount of work to bed in. This will however be undertaken asap.
Now that's quite enough of my work time been spent on this.... I'll think I'll go and do what I'm actually paid for!
A little background.....
The forum and bdga site run on the same host within the same hosting space. An exploit was used to infect every single php file on the server with code that called upon a third party (evil) site. After initial investigation and attempts to contact administrator for a restore from backup had failed the site was downloaded, cleaned (by which I mean manuallyish removing the offending code from over 600php files!) and reuploaded.
The Joomla site (main BDGA site) was the likely culprit and was immediately patched to the latest version within that fork! Unfortunately this was obviously not enough and it got reinfected.
Subsequently the BDGA site has now been disabled with all scripts redirecting to a holding page (which will be updated with some basic detail soon). The forum has currently been allowed to continue, however if it turns out the phpbb code is being exploited this will have to be taken off line as well.
Going forward
Despite uneducated claims to the contrary updating the current BDGA site from Joomla 1.0.x to 1.5.x is a BIG job. There are many extra addons and modules that will simply not work, let alone the job of moving the content. The site is over 5 years old now (I believe) and has had little attention during that period.
This is however a requirement now, but should not be expected in the coming days.
Likewise moving the forum to the latest phpBB version 3, whilst much more possible, is still a fair amount of work to bed in. This will however be undertaken asap.
Now that's quite enough of my work time been spent on this.... I'll think I'll go and do what I'm actually paid for!
-
TheGroover
- Posts: 477
- Joined: Mon Nov 07, 2005 8:26 am
- Location: Oxford
- Contact:
Please don't be offended or think I don't appreciate that the forum is run by volunteers, I do exactly the same for several fora and websites.
My point was not that 24 hours was too long as such, but that it was long enough for serious damage to occur to users, the BDGA and the sport at large. I was simply expressing my anguish at the situation given that I had offered my assistance and heard nothing and the measures that have now been taken, which I recommended, could be actioned in minutes.
Also it has been 24 hours since I offered to help by either taking down the site my self or to advise anyone who had access on what best to do not 24 hours since the threat started.
I thank you for taking it down now!
My point was not that 24 hours was too long as such, but that it was long enough for serious damage to occur to users, the BDGA and the sport at large. I was simply expressing my anguish at the situation given that I had offered my assistance and heard nothing and the measures that have now been taken, which I recommended, could be actioned in minutes.
Also it has been 24 hours since I offered to help by either taking down the site my self or to advise anyone who had access on what best to do not 24 hours since the threat started.
I thank you for taking it down now!
Evening all
Just wanted to back Charlie up here... I got infected by the virus/malware thingy I suspect and talked to both Charlie and Westie about it yesterday. I also had a right b0££icking by my boss for nearly screwing up the works system as well!
We all know we do all we do on a voluntary basis but when something urgent needs attention, it needs attention urgently! The virus has been around for quite a long time now. i know Charlie wasnt being rude or impatient, just concerned.
thanks for getting it sorted... i am banned from work!!!
Just wanted to back Charlie up here... I got infected by the virus/malware thingy I suspect and talked to both Charlie and Westie about it yesterday. I also had a right b0££icking by my boss for nearly screwing up the works system as well!
We all know we do all we do on a voluntary basis but when something urgent needs attention, it needs attention urgently! The virus has been around for quite a long time now. i know Charlie wasnt being rude or impatient, just concerned.
thanks for getting it sorted... i am banned from work!!!
BDGA #259
PDGA #8840
-------------------------------------------------------
Croydon DGC: Hyzer Cup Champions 08/09 and 2013/14
PDGA #8840
-------------------------------------------------------
Croydon DGC: Hyzer Cup Champions 08/09 and 2013/14
Site's now back up and running in a slightly vanilla fashion. Thanks to Jon for sorting things while I was chucking plastic in the Himalayas 
Looks like the issue was arising from the Joomla install, which is now updated to the latest stable version - as Jon alluded to, that's no quick and easy job, and some functionality has fallen by the wayside for the time being. For all intents and purposes, though, it's fixed.... The forum will also be updated in due course. Not all of us have thumb-twiddling jobs, so it's down the to-do list a ways!
Now, everyone go get Firefox and NoScript....
Looks like the issue was arising from the Joomla install, which is now updated to the latest stable version - as Jon alluded to, that's no quick and easy job, and some functionality has fallen by the wayside for the time being. For all intents and purposes, though, it's fixed.... The forum will also be updated in due course. Not all of us have thumb-twiddling jobs, so it's down the to-do list a ways!
Now, everyone go get Firefox and NoScript....
Re: Pop up ads
As you can see, we've migrated the forum to a new version and have hopefully fixed the back end issue, so the BDGA site *should* be fully up and running again now.
I can only apologise to anyone who was adversely affected by this, as an IT security professional I can tell you that this kind of thing is a non-stop arms race; you can't win, you just have to fight a constant rear-guard battle, which we will try to be better at.
The Board is investigating options for purchasing some web security services, which should do 2 things; 1 - spot we have an issue faster, 2 - provide a remediation service that isn't dependant on our volunteer's availability.
I can only apologise to anyone who was adversely affected by this, as an IT security professional I can tell you that this kind of thing is a non-stop arms race; you can't win, you just have to fight a constant rear-guard battle, which we will try to be better at.
The Board is investigating options for purchasing some web security services, which should do 2 things; 1 - spot we have an issue faster, 2 - provide a remediation service that isn't dependant on our volunteer's availability.
[Standard post disclaimer] My posts are never intended to undermine the work of the Board or individuals putting in effort to grow the sport, they are my honest thoughts on the best ways to grow the game
BDGA: 145
PDGA: 8824
BDGA: 145
PDGA: 8824
Re: Pop up ads
cool, so does this this now make it possible for the bdga forum to work with forum runner app?
um,,,, ah,,,, um,,, a,,, um,, ah,,,
Re: Pop up ads
Ahhhhh, change. I hate change. Sends my borderline OCD nuts.
Seriously, though, well done to those involved in resolving the issue.
Seriously, though, well done to those involved in resolving the issue.
Re: Pop up ads
Fingers crossed this time....! There's a few different scripts on the BDGA site, most of which have now been updated to the latest versions, so here's hoping it 's finally fixed!
I think the feed address may have moved, too - it's now at http://bdga.org.uk/forum/feed.php for those who need it.
Enjoy
I think the feed address may have moved, too - it's now at http://bdga.org.uk/forum/feed.php for those who need it.
Enjoy
Re: Pop up ads
www.bdga.org.uk is still infecting pc's. I think it should be taken down until a fix can be found.
[url=http://www.shropdisc.co.uk/]Disc Golf In Shropshire[/url]
[color=red] BDGA # 266
[url=http://www.pdga.org/tournament/playerstats.php?PDGANum=8833&year=2007]PDGA # 8833[/url]
[/color]
[color=red] BDGA # 266
[url=http://www.pdga.org/tournament/playerstats.php?PDGANum=8833&year=2007]PDGA # 8833[/url]
[/color]
Re: Pop up ads
It's like groundhog day round here!
[url=http://www.shropdisc.co.uk/]Disc Golf In Shropshire[/url]
[color=red] BDGA # 266
[url=http://www.pdga.org/tournament/playerstats.php?PDGANum=8833&year=2007]PDGA # 8833[/url]
[/color]
[color=red] BDGA # 266
[url=http://www.pdga.org/tournament/playerstats.php?PDGANum=8833&year=2007]PDGA # 8833[/url]
[/color]