RPGWatch Updates, Bug reports and Feature requests

I'm getting several "join the bitcoin money" spam mails - after a week or two with an odd almost absolute silence.
Sent by outlook.com, yahoo.com and googlemail.com accounts.
 
Joined
Nov 5, 2006
Messages
21,909
Location
Old Europe
It's easy to fake the address a mail was sent from. You need to check the actual headers of the e-mail to verify from which mail address they were really sent.
 
Joined
Aug 30, 2006
Messages
11,223
I'm getting several "join the bitcoin money" spam mails - after a week or two with an odd almost absolute silence.
Sent by outlook.com, yahoo.com and googlemail.com accounts.

It's easy to fake the address a mail was sent from. You need to check the actual headers of the e-mail to verify from which mail address they were really sent.

It's so frustrating when you get broken into and they take your contact list. They'll spoof you as their return address when sending it from another site, and there's nothing you can do until enough people/sites flag you as spam - and hopefully they'll get the sender and not your address.

I think of it as a legacy problem with the internet in general - the return address should match the sender. I would like some consortium to come up with an email 2.0 that removed this option, but then I can think of some ways you would still need this.

I am not a star at analyzing log files, but I had the impression that the amount of attacks we had should not cause the site to stop functioning. It wasn’t a generic server issue, as it had enough resources to work with and I could just log in as root. The only thing that happened was that 4 of the 8 threads we can run in parallel were at 100%, causing PHP-FPM to stop functioning. I changed the configuration parameters and found a set that allowed the site to keep functioning even with all 8 threads at 100%, and blocked some Lithuanian IPs in the process. That actually took more time than I thought, as the way the documentation says it loads the various configuration files is apparently not how it is implemented. What was left at that moment was a brute force attack for a MySQL injection from a single IP, which I blocked.

As to why, I see regular attacks for mail accounts, so our mail server could be used for sending out spam mails. I see about 100 tries a day to get direct access to the server, and every now and then someone is doing brute force attacks to detect a MySQL injection, which can also be used to get access to the server. Up to now all without any success, fortunately.

As far as the time it took to solve this, well I have a full-time job, so I could only work on it when I got home :)

You are still on MySQL? I had thought the vast majority of MySQL servers had switched over to MARIA by now.
 
Joined
Oct 19, 2006
Messages
5,212
Location
The Uncanny Valley
MariaDB does not by itself offer protection against SQL injection when you are executing queries. Just like with MySQL, you need to use wrapper functions that check the format of input.
Besides that, MariaDB isn’t per se better or worse than MySQL. It was forked from MySQL and, although for a large part still compatible, there are differences, and the differences between the two are increasing. The big plus for MariaDB is that it is FOSS and is not owned by a big company. MySQL is owned by Oracle and you can never be 100% sure that a free version is available for the duration. Then again, you can’t be sure of a development team working on MariaDB forever either. The development team for MySQL is much larger than MariaDB's, so it can be considered doubtful they will be able to keep MariaDB compatible with the new functionality added over time.
There are pros and cons for both, but I don’t consider MariaDB to be a must have and one being better than the other.
 
Joined
Aug 30, 2006
Messages
11,223
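
The point in the post above, that the engine does nothing for you and the protection has to be in how the query is built, shown with an added example (not code from RPGWatch or vBulletin). Python's bundled SQLite stands in for MySQL/MariaDB; the users table, its two accounts and the login function are made up for the example.

```python
# Added example, not code from RPGWatch or vBulletin: the same login query
# built two ways, run against an in-memory SQLite database standing in for
# MySQL/MariaDB. The users table and its rows are made up.
import sqlite3


def make_db():
    """Build a throwaway database with two constructed accounts."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT, is_admin INTEGER)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("myrthos", "correct-horse", 1), ("guest", "guest", 0)],
    )
    return conn


def login_vulnerable(conn, name, password):
    """Query text assembled from user input: the input becomes SQL."""
    sql = f"SELECT name FROM users WHERE name = '{name}' AND password = '{password}'"
    return [row[0] for row in conn.execute(sql)]


def login_parameterised(conn, name, password):
    """Same query with bound parameters: the driver ships the values
    separately and the database never parses them as SQL. This is what a
    'wrapper function' should do for every query, whichever engine sits
    behind it; escaping by hand is the error-prone alternative."""
    sql = "SELECT name FROM users WHERE name = ? AND password = ?"
    return [row[0] for row in conn.execute(sql, (name, password))]


def leaks_db_error(conn, login):
    """What an injection scanner does: send a lone quote and watch whether
    the endpoint throws a database error. The vulnerable version does,
    the parameterised one just reports a failed login."""
    try:
        login(conn, "'", "x")
    except sqlite3.Error:
        return True
    return False


if __name__ == "__main__":
    db = make_db()
    # Comment out the password check and log in as the named user.
    print(login_vulnerable(db, "myrthos' --", "wrong"))      # ['myrthos']
    print(login_parameterised(db, "myrthos' --", "wrong"))   # []
    # Make the WHERE clause always true and dump every account.
    print(login_vulnerable(db, "' OR 1=1 --", "x"))
    print(leaks_db_error(db, login_vulnerable), leaks_db_error(db, login_parameterised))
```

The "brute force attacks to detect a MySQL injection" in the earlier post are the `leaks_db_error` step repeated over every parameter of every page: a scanner sends quotes and comment markers and watches for a database error or a changed response. A parameterised query gives it nothing to find, on MySQL and MariaDB alike.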
Nice banner, @Myrthos, @Arhu or whoever made it :thumbsup:

A pity it's not replicated all over the site.
 
Joined
Nov 15, 2013
Messages
3,753
Location
Brasil
Thanks. It is an automated process and the banner is replicated for both the news and forums pages, but I think why it doesn’t necessarily show, is a caching issue. Your browser isn’t told there is a new image, so takes the old image from the cache.
A quick fix on your end would be to clear the cached files for RPGWatch in your browser.
 
Joined
Aug 30, 2006
Messages
11,223
A CTRL + F5 fixed it for me :)

Another issue: whenever I try to access indie.rpgwatch.com, I get

Error 526 Invalid SSL certificate

Any hints?
 
Joined
Nov 15, 2013
Messages
3,753
Location
Brasil
Oh.. think I forgot to update that one.
 
Joined
Aug 30, 2006
Messages
11,223
This is an unusual question - is it possible to do dice rolls?

I was thinking of something like [dice=3d16][/dice] could generate a reply from a bot
 
Joined
Oct 19, 2006
Messages
5,212
Location
The Uncanny Valley
I can't find a mod for it that is actually downloadable and also works on our version of the forums, so this doesn't look like it is happening in the short term.
 
Joined
Aug 30, 2006
Messages
11,223
I can't find a mod for it that is actually downloadable and also works on our version of the forums, so this doesn't look like it is happening in the short term.

OK thanks. Do you have a link to forum software you've been using? I've been curious to look under the hood lately.
 
Joined
Oct 19, 2006
Messages
5,212
Location
The Uncanny Valley
We use vBulletin. We also use an older version, 3.8
 
Joined
Aug 30, 2006
Messages
11,223
One of these days we will be moving to a new server. While preparing the new server I’ve also improved and increased the security, which will result in older browsers no longer functioning with RPGWatch. And old is really old, as it includes anything before IE 9, anything before Android 2.something and any gadget using Java 6 or earlier. Obviously this could also apply to older versions of Chrome, Firefox and others, but these are supposed to update automatically, so it should cause no issue.

The Locus Inn has already moved (link at the very top). It is my first site that I don’t really maintain anymore, but it is still here because of nostalgia :)
If you can see that site, you are fine.

I don’t know when exactly the move will be, as there are still some site issues, because we are also moving to PHP version 7.

Funny thing is that on an average day, already now when it has not been made public yet, there are some 500 attempts to load pages that don’t exist (but would be potentially risky pages if they existed and were not sufficiently protected) and there are some 600 attempts to log in on the server, all from various sources.
 
Joined
Aug 30, 2006
Messages
11,223
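
The two kinds of noise the post above describes, probes for pages that don't exist and repeated login attempts, are easy to pull out of the logs and turn into a blocklist. The following is an added example, not RPGWatch's own tooling: the log lines are constructed, and the log formats (an nginx/Apache "combined" access log and OpenSSH entries in auth.log), the list of probe paths and the thresholds are assumptions.

```python
# Added example, not code from RPGWatch: pick out the two patterns from the
# post above in constructed log lines (probes for pages that do not exist,
# repeated login failures) and turn the noisy sources into a blocklist.
# The log formats (nginx/Apache "combined" access log, OpenSSH lines in
# auth.log), the probe-path list and the thresholds are assumptions.
import re
from collections import Counter

# Constructed access-log lines. 198.51.100.23 walks through typical scanner
# targets and gets 404 for each; 203.0.113.8 is an ordinary visitor.
ACCESS_LOG = """
198.51.100.23 - - [10/Mar/2019:06:12:01 +0000] "GET /wp-login.php HTTP/1.1" 404 162 "-" "Mozilla/5.0"
198.51.100.23 - - [10/Mar/2019:06:12:02 +0000] "GET /phpmyadmin/index.php HTTP/1.1" 404 162 "-" "Mozilla/5.0"
198.51.100.23 - - [10/Mar/2019:06:12:03 +0000] "GET /.env HTTP/1.1" 404 162 "-" "Mozilla/5.0"
198.51.100.23 - - [10/Mar/2019:06:12:04 +0000] "POST /xmlrpc.php HTTP/1.1" 404 162 "-" "Mozilla/5.0"
203.0.113.8 - - [10/Mar/2019:06:13:10 +0000] "GET /forums/showthread.php?t=1234 HTTP/1.1" 200 51234 "-" "Mozilla/5.0"
203.0.113.8 - - [10/Mar/2019:06:13:11 +0000] "GET /images/banner.png HTTP/1.1" 304 0 "-" "Mozilla/5.0"
192.0.2.77 - - [10/Mar/2019:06:14:00 +0000] "GET /admin/ HTTP/1.1" 404 162 "-" "curl/7.58.0"
"""

# Constructed sshd lines: 192.0.2.200 guesses three accounts in a row.
AUTH_LOG = """
Mar 10 06:20:01 rpgwatch sshd[2231]: Failed password for root from 198.51.100.23 port 51234 ssh2
Mar 10 06:20:03 rpgwatch sshd[2231]: Failed password for root from 198.51.100.23 port 51236 ssh2
Mar 10 06:20:05 rpgwatch sshd[2233]: Failed password for invalid user admin from 192.0.2.200 port 40022 ssh2
Mar 10 06:20:06 rpgwatch sshd[2233]: Failed password for invalid user admin from 192.0.2.200 port 40024 ssh2
Mar 10 06:20:07 rpgwatch sshd[2233]: Failed password for invalid user oracle from 192.0.2.200 port 40026 ssh2
Mar 10 06:21:00 rpgwatch sshd[2240]: Accepted publickey for myrthos from 203.0.113.8 port 50000 ssh2
"""

ACCESS_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)
SSH_FAIL_RE = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port"
)

# Paths that do not exist on this site but are what scanners try first
# (assumed list; extend it from what your own 404s show).
PROBE_PREFIXES = ("/wp-login.php", "/xmlrpc.php", "/phpmyadmin", "/.env", "/admin")


def probing_ips(access_log, threshold=3):
    """Per-IP count of 404s on known probe paths, kept if >= threshold."""
    hits = Counter()
    for line in access_log.strip().splitlines():
        m = ACCESS_RE.match(line)
        if not m or m.group("status") != "404":
            continue
        path = m.group("path").split("?", 1)[0].lower()
        if path.startswith(PROBE_PREFIXES):
            hits[m.group("ip")] += 1
    return {ip: n for ip, n in hits.items() if n >= threshold}


def ssh_bruteforce_ips(auth_log, threshold=3):
    """Per-IP count of failed SSH passwords, kept if >= threshold."""
    fails = Counter()
    for line in auth_log.strip().splitlines():
        m = SSH_FAIL_RE.search(line)
        if m:
            fails[m.group("ip")] += 1
    return {ip: n for ip, n in fails.items() if n >= threshold}


def blocklist(access_log, auth_log):
    """Union of both sources, sorted so the output is stable."""
    return sorted(set(probing_ips(access_log)) | set(ssh_bruteforce_ips(auth_log)))


def block_commands(ips):
    """One iptables rule per address; review the list before running as root."""
    return [f"iptables -I INPUT -s {ip} -j DROP" for ip in ips]


if __name__ == "__main__":
    for cmd in block_commands(blocklist(ACCESS_LOG, AUTH_LOG)):
        print(cmd)
```

Counting only 404s on a short list of scanner targets keeps ordinary visitors who mistype a URL out of the blocklist, and the thresholds keep a single stray request from earning a ban. In practice this is what fail2ban does continuously, with an expiry on each ban; the hand-rolled version is useful for reading a day's logs after the fact, as in the post above.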
You'll have to put a bunch of fake credit card information into one of those pages. ;)

So I got a few notifications today about replies to my posts. I went to one but now there's no new ones. As near as I can tell, there's no way to get to the notification page unless there's new notifications! Is there any chance that notification text could be left up all the time and just say 0 when there's no new ones?
 
Joined
Aug 3, 2008
Messages
8,238
Location
Kansas City
Also at the right top, below the banner and your name, there is a notification link. If you click on that it will give you a drop-down box for PMs, Mentions and Quotes.
 
Joined
Aug 30, 2006
Messages
11,223
Ah right. I always leave at least one PM unread, so that it will always show.

The PM I can also read via the mail notification or I send a PM to myself :)
 
Joined
Aug 30, 2006
Messages
11,223