Jump to content

Forum Issues


Recommended Posts

The certificate is to encrypt sensitive data like credit card details but the website doesn't actually need it so I'm not sure why it's there.

 

The website redirect issue could be what Geoff mentioned in the other thread. But then it could be something else. The server we're on is crap so I wouldn't be surprised if it's related.

 

When/if it got hacked in to last time they didn't change the FTP password which is bad practice. I'm still not actually sure what happened then, all they said was the malicious script had been removed.

Link to comment
Share on other sites

Thanks everyone for looking at this issue and i can assure everyone soon we will have total control over wim web/ forum. At the moment i want to tell IT what they are doing wrong or what they arn't doing? so some questions...

1: What is the certificate for.

2: Has this anything to do with Zen

3: Has the web been hacked again and if so how are they getting in since the web site is static.

 

 

1. A certificate gives you encrypted information between you and the server you are talking to. When I connect to your server, there is a bit of a handshake going on and we swap information. Not all of this comes directly from your server, some of it comes from a certificate authority such as geotrust, digicert, etc. who you bought your certificate from and other bits from domain name servers verifying you are the correct servers I'm talking to. Once my browser is happy you've responded with your public key and the certificate matches, data will flow but is encrypted between the two so if you were watching it (say on a public wireless in MacDonalds for instance) you wouldn't see this writing as I send it to the site, you'd just see what appears as gobledygook and is decrypted both ends as they talk. Banking systems use the same method. You know that transmitting the data between each other is encrypted.

 

This is what the HTTPS is. This may not seem important but what if, say I sent a PM with some personal info in or posted some wording to the adult forum? I'd be glad people can't capture that. You'd be surprise how much data capturing is going on. Not just local wireless level but every router in between you and the receiver. 

 

All this means is that I'm definitely talking to your server and the data between us is encrypted. It doesn't mean other things aren't going on. It is simply verification and to prevent "man in the middle" attacks or seeing your data.

 

2. It's impossible to say as I don't know the level of control you have or if there are any reverse proxies, etc. in between you and the system. Do you have access directly with Apache or is it all through your panel?

 

3. Again impossible without seeing internally but alarms tend to ring on the providers side as there are lots of patterns indicating if you have. It could simply be an external embedded piece of code or reverse proxy issue as above for instance (the biggest is getting confused with setting up https redirect when it does it itself so an endless loop type thing). Lots of things could be the issue, not just being hacked. 

 

As for the site being static, it's irrelevant really. The only safe machine is one buried in 50ft of concrete with no wires or power attached and even then it's questionable! :-)

  • Like 2
Link to comment
Share on other sites

Great explanation Geoff :)

 

To further destroy the forum i notice all of my past youtube vids have gone?

That's just a knock on effect from these other issues. Once they're sorted they should show again.

Link to comment
Share on other sites

My own (rather bitter) experience of running forums on shared hosts isn't great - our own site www.omegaowners.com only lasted less than 3 weeks before our hosting company disconnected us when we launched in 2006.  Thats how it ended up on a dedicated server, and has always stayed that way...  ...and has remained very reliable considering we run it on a shoestring.

Link to comment
Share on other sites

Doesn't sound good sad.png ....Rich is about to move the forum away from Zen who are utter crap... I've never had any issues web or forum until IT at BlackBoots took control.... Personally i think they should stick to selling ice creams. thumbsdown_anim.gif

Link to comment
Share on other sites

Doesn't sound good sad.png ....Rich is about to move the forum away from Zen who are utter crap... I've never had any issues web or forum until IT at BlackBoots took control.... Personally i think they should stick to selling ice creams. thumbsdown_anim.gif

Is that outsourced, or do they have in-house peeps?

 

(assuming you can say on a public forum)

Link to comment
Share on other sites

I worked for a large company and got TUPEd out to an outsourcer for 10yrs, before getting TUPEd back into the original company.

 

In my experience, IT outsourcing never works effectively (or cheaply).

 

 

I'm surprised, given what I've seen of Blackboots and WIM's web presence, and the likely IT resources you're likely to have at HQ, you can't do this in-house by occasionally taking a little bit of time from one of the more IT literate staffers there :o

 

Obviously, there might be an awful lot more that I can't see.

 

 

I certainly run bro's business IT, including all PoS stuff (which I wrote) for his 2 shops, and all the backend servers (including web presence) and email on his own on-site servers.  And obviously run the Omega forum on my dedicate, on site servers. And obviously hold down a full time, pretty intense, IT job.

Link to comment
Share on other sites

BB use the IT for phones/ net and net related campaigns. My mistake was allowing wim to "tag along" and fall under their wing. To date Rich and I are taking back the control and undoing their censored.gif..... It wasn't far back they allowed to forum to stay down for a month?

  • Like 1
Link to comment
Share on other sites

It wasn't far back they allowed to forum to stay down for a month?

That is disgraceful.  Servers are generally reliable, modern server OS's are generally reliable, and modern forum software (assuming usual maintenence is done) is generally reliable.  And assuming you have good backups of the database and the web directory (for themes, attachments and so on, even if the server(s) caught fire, any hosting firm could bring up a new server for you within an hour or so, and allow another 2-4hrs to restore data.  I can't imagine your forum setup is in any way unusual.

 

It p**ses me off, as it gives us reprobates who work in IT a bad, lazy, incompitent name,

 

 

Rant over. I'll go and kick the cat or something to calm down.

Link to comment
Share on other sites

Kick the cat anyway smile_anim.gif...... I'm at the pinnacle to get all of wim's control back... The IT BB use is utter crap in my opinion who seem to treat wim as a low income scratch they would rather not itch unless we make a noise..... Crap thumbsdown_anim.gif 

Link to comment
Share on other sites

 

 

It wasn't far back they allowed to forum to stay down for a month?

That is disgraceful. Servers are generally reliable, modern server OS's are generally reliable, and modern forum software (assuming usual maintenence is done) is generally reliable. And assuming you have good backups of the database and the web directory (for themes, attachments and so on, even if the server(s) caught fire, any hosting firm could bring up a new server for you within an hour or so, and allow another 2-4hrs to restore data. I can't imagine your forum setup is in any way unusual.

 

It p**ses me off, as it gives us reprobates who work in IT a bad, lazy, incompitent name,

 

 

Rant over. I'll go and kick the cat or something to calm down.

IncompEtent ;)

 

I hope the cat escaped....!

 

Yes, I.T. can be a thankless task, but so necessary in today's modern lives.

Link to comment
Share on other sites

Tried to look at My Conversations and got this error:

 

 

 

Fatal error: Out of memory (allocated 47185920) (tried to allocate 88 bytes) in /data01/c4253105/public_html/forum/admin/sources/base/ipsMember.php on line 2799
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...