GF Attacked

[Demon_Skeith]

Yesterday about, around 11:50 PM someone launch an attack on the website through our wiki. This promoted quick response from our host to stop it but ended up putting the site into a account suspend page for about 10 minutes. As far as I know no data was stolen or altered/deleted.


Learning what happened and the source, I checked out the wiki to see it full of spam and my admin account unreachable (both in signing in and trying to recover my password.) so the wiki project I've slowly put some work into is suspended till further notice.

 

[Yoshi]

Let me take a look at it.

 

[hissae2]

Wow, good to hear the forum is okay.

 

[froggyboy604]

Sounds like a security hole from an unpatched version of the Wiki software. Have you been quickly updating the Wiki CMS to the latest version as new versions are released?

 

[Demon_Skeith]

I haven't updated anything on the wiki for a little while now.


but that aside, I found out from my host that the attack didn't use the software, what the attacker did was this:

It's not a flaw in the software per-say but the way the user was requesting pages.

My host has made the needed adjustments to their firewall to prevent this from happening again in the future.

 

[Marc]

Good to hear everything is back to normal.

 

[Ikram45]

It is good to hear everything is normal and no data is lost. How is the WiKi progress going?

 

[Demon_Skeith]

How is the WiKi progress going?

100% canceled and trashed.

 

[Ghost Smoke]

Dude that's pathetic I hate people who have nothing better to do than mess with your site! That's why I try to back up anything I have that's important but to good hackers that will never matter they'll get your info if they want it. Regaurdless of wether you backing up or not! Try making a webmaster account that is hidden so you have an alternative to get on here if they get your main admin account!