PDA

View Full Version : 2012-02-21: Site going offline temporarily later today



Hellfire_WZ
21st February 2012, 09:59 AM
Due to the latest string of attacks on the site, Rob will be taking WipeoutZone offline while the damage is assessed. Traffic will be redirected to the Facebook site while this is in effect.

Jav
23rd February 2012, 04:27 PM
Well, I'm not sure I like the new lay-out but I'm sure we'll get used to it... as always :P Nice to see it back online anyways

leungbok
23rd February 2012, 05:34 PM
Do the main site (vbulletin) secured now ? Or you'll still have to repair the site again and again ? :brickwall

Hellfire_WZ
23rd February 2012, 07:03 PM
The boards should have no more issues as it is a new install of vBulletin. Rob's still going over the main site before he puts it back online.

infoxicated
23rd February 2012, 07:31 PM
I just couldn't trust the code for the main site and I didn't have time to go through it and check the integrity.

I'll work on it and put it back up when I can be sure it's fixed.

I'm hoping this new version of the forum software will help fend off those that keep trying to bring it down.

Should probably have done the update before now, but I've been holding off on it for a while (two and a half years!), so now is as good a time as any.

Darkdrium777
23rd February 2012, 09:22 PM
If anything the theme needs higher contrast icons. It feels like everything is the same color right now and I have a hard time distinguishing between what's bumped and what's not.
Don't know if you were planning on doing something like that, but I'll see on my side as well.

Also this (http://www.wipeoutzone.com/forum/misc.php?do=showrules) is somewhat broken.

AG-SYSTEMS
23rd February 2012, 09:30 PM
Even though I've had none of my passwords broken, I changed my forum one and once the site itself is back up, I'm fixing that one too.

Darkdrium777
23rd February 2012, 09:50 PM
Here's a quick and dirty color mod to be more like the old VB3.

http://i.imgur.com/BntQT.pnghttp://i.imgur.com/uEgJo.png
http://i.imgur.com/qWYnD.pnghttp://i.imgur.com/DmeiG.png

Also there's probably a few things you'll want to disable in the image uploader/tag button in the reply box.

infoxicated
23rd February 2012, 11:25 PM
Yes. Sorry about the colors not being up to standard.

I was a bit busy migrating and re-indexing 10 years of forum posts! Takes a good six hours of processing time that does - who knew? ;)

Like I said, I'll get the theme sorted - doing anything "quick and dirty" is counter productive right now. That just means I'll need to do it again at some point and I don't really have time to waste on iterations of improvement. The main site has to be fixed first - then I'll get the theme done at the weekend if I have time.

Darkdrium777
23rd February 2012, 11:48 PM
Don't worry, I'm just giving feedback. I'm not expecting anything instantaneous. I understand this is a one man show.
But here's some idea for what you could do:

http://i.imgur.com/mcHWa.png (http://i.imgur.com/oQZZN.png)

I removed the "What's New" and "Forum" bar and moved the search there because "What's New" is the same as "New Posts" and "Forum" is the same as the little house icon right below and the banner link. Essentially I find that thing is useless lol
I don't know if what I propose is at all possible though. I mean, changing the background color to black sure is, but reorganizing the search bar location...

stin
24th February 2012, 08:59 AM
Wow!, this is totally different but I will get used to it. Eventually hopefully everything will be updated by Foxy due to his hardwork.:clap

However, hopefully that will stave off potienally hackers from our website.

stevie:)

Dark_Phantom_89
24th February 2012, 10:13 AM
Good to see the site back up and running. Great job to all involved. :+

I'm still familiarising myself with a lot of the new stuff. I'm very competent with VB Software, but I haven't used Version 4.1.10 before so I'm trying to figure out where everything is. I'm sure I'll get there in time!

vincoof
24th February 2012, 10:15 AM
I'm unsure if I prefer the new or the old forum layout since I almost didn't use the WoZ forums for years.

However, if the hack came from the site hosting, how security is improved by updating the forums ? I mean, if the hacker used the site host to create a forum admin account with the old forums, if he hacks the site host again what prevents him to creating an admin account for the new forums ?

Anyway, kudos for your hard work on this Rob (as well as to anyone helping) and keep up the good work.

infoxicated
24th February 2012, 11:33 AM
Ten years ago you were easier to please (http://www.wipeoutzone.com/forum/showthread.php?211-Very-nice-indeed&p=2596#post2596)! ;)

The initial hack came from the Dreamhost breach and, as far as I've been able to ascertain, the follow-up hacks came through shell scripts planted during the first hack. I say "hack", but, call me old school, I don't consider planting shell scripts when you have full FTP access particularly "hacky". It's more like they had the keys to the front door temporarily and whilst they were in there they unlocked the back door for future access. Hardly breaking and entering in the true "hacking a Gibson" sense! :D

The latest one came, I believe, through a Wordpress installation that I'd failed to update. I always keep my own WP installation up to date, but there's another site I run that hadn't got updated, so my fault really. The knowledge of what was on the same server as WipEoutZone meant that they could get in that way and then go after the site that would cause the most trouble. No sense in ruining a site run for a local voluntary group when you can wreak havoc for a busy online community, eh?

I wouldn't have minded a bit of a dialogue with the Tim Pernix guy, actually. Not that I believe his motives were particularly altruistic considering all the damage done from him screwing around with the vBulletin database. If it was just defacing the site with the intention of proving just how l33t he was and embarrassing the admin, then whatever floats your boat, but dicking with the database just caused a lot of pain and screwed over the community right as a new game was launching.

Still, I wouldn't have minded chatting to the guy just to see how the wind was blowing. Assuming everything's locked down now, he and his gang will be off finding new people to cause trouble for and WipEoutZone will be as insignificant to them as it was for the previous 11 years of its existence.

In the grand scheme of things, one security breach in 11 years isn't exactly a bad record and the fact we appeared to be victimised for a while is not something I take personally. I'm tired from the late nights spent trying to fix it and I have a bitch of a data bill from having to access the site whilst on holiday, but nobody got hurt and we're all still here. It's just another chapter in the history books of the site. :)

Updating the forums was something I've been meaning to get around to for two and a half years. We had a version 4 license and had been using version 3 the whole time because I couldn't be bothered with the hassle of the upgrade. When it got to the point where I wanted a completely clean install of the forums there was no sense in having a new install of version 3 again, so there you have it. There are things to fix, but in general it went quite smoothly.

Security is improved by being on the latest version of the forum, as v3 wasn't being actively improved anyway. It's also more secure by having none of the code for the main site being on the server any longer - it's all been deleted except for assets. I'll put it back once I'm content that it's clean and doesn't allow any cheap entry points for them.

Somewhat bizarrely this has been quite an educational experience for me as a web developer, so there are a couple of positive take-aways from the whole thing. :)

blackwiggle
24th February 2012, 01:36 PM
Some information about Pernix, the rare ultra plus armour of Runscape.
http://runescape.wikia.com/wiki/Pernix_armour

One of the Moderators of the Runescape forum is called TIM

Do the Zone & Runescape use the same facilities?

infoxicated
24th February 2012, 01:40 PM
I don't know, but one of the email addresses he used when he set up a forum admin account was admin@clawscape.org

Same deal, or just a scapegoat? ;)

UB3R~JKP
24th February 2012, 04:14 PM
Like the new skin. Breathes new life everywhere. :+

blackwiggle
24th February 2012, 09:25 PM
I don't know, but one of the email addresses he used when he set up a forum admin account was admin@clawscape.org

Same deal, or just a scapegoat? ;)

Don't know.
I got in a PSN message conversation with another gamer after playing a couple of rounds of UC3 online.
They asked what other online games I play......got on to talking about WO and the zone....talked about the site hacking, then out of nowhere this gamer suggested the Runescape connection.:?
I don't know if this gamer plays Runescape and has knowledge of other activities that they get up to?
I'd never heard of the game up until then.

After checking out some video footage of it in action it looks like a very rudimentary game, something only a diehard PC geek would play.
http://www.youtube.com/watch?v=mv2gSuyqijI

Darkdrium777
24th February 2012, 09:49 PM
Runescape is so boring that they hack other websites for fun.

vincoof
25th February 2012, 01:33 AM
Ten years ago you were easier to please (http://www.wipeoutzone.com/forum/showthread.php?211-Very-nice-indeed&p=2596#post2596)! ;)
oh noes ! Rob, you can't ! I know you're the admin here etc, but you just can't dig out this stuff ! Aww man... please gimme somewhere to hide...

Thanks for the (pretty detailed) clarification. The message shown by the hacker looked like he was a good samaritan which helped the Internet community by pointing out website flaws, but if he screwed up everything from the inside I guess he's just another jerk and by no means the hero he pretends to be. (Not that I believed he was a hero, but the message seemed fair in some way)

Whatsoever, cleaning up the (potentially unsafe) code and upgrading to the latest board version is always a good thing, and once again I'm glad you handled it so quickly. At least, this is something that didn't change in the last decade !

KUTGW

infoxicated
25th February 2012, 08:01 AM
Thanks Vinny... you haven't said if it works okay in Netscape 6 this time, though - to be honest I haven't checked the site in anything except Chrome! ;)

vincoof
25th February 2012, 10:44 AM
haha you sound like a girlfriend. you never forget stupid things other people have done, do you ?

I'm pretty sure you can "browse" the site logs and already know I'm not using N6 anymore. You're so mean to remind many the good old things that existed over the Internet !

I'm currently working on a web plugin which will be deployed broadly and we test many, many browser/OS compatibility, so I guess I could test WoZ on a wide variety of browser/OS but... believe me or not, Netscape 6 is not on the list :( And worse... Netscape 4 isn't either ! One told me that the end of the world was near, and it's probably one more proof of it x_x

infoxicated
25th February 2012, 11:04 AM
I don't know why I remembered you giving positive feedback. I think at the time I was getting a lot of comments that folk didn't like the smilies or the colours or whatever, and you posted with a positive comment and it just stuck in my mind. :)

When I'm finished with the main site I'll test it in different browsers - probably I'll go back to IE8 and test it in all the other modern ones. IE7 & 6 won't get a look in.

Funny to think that, back in the day, I swore by IE 5.5 because it got the box model absolutely right in principle. Then IE6 came along and making stuff for the web got a lot more complicated. :D

I don't think I've used a Microsoft browser as my main browser for seven or eight years, now.

apemax
25th February 2012, 11:27 AM
I'm glad to see the site is back up. I got bit worried when the website address was redirecting to the Facebook page. Well done to all involved.:)

Darkdrium777
25th February 2012, 02:08 PM
Well here's how it looks (i.imgur.com/Dz9BS.png) on Opera Mobile.
It's fine. I think you'll only have to test if you edit the default thing. The default should have already been tested by the VB team.

Frances_Penfold
26th February 2012, 07:37 AM
Well, for what it's worth, I like the new motif of the site. Thanks as always for keeping this place up-and-running, Foxxy :)

So, uh, is the "multi-quote this message" function new? 'Cuz that is cool as all heck.

Darkdrium777
26th February 2012, 12:54 PM
No, it was in the old one too. It used this icon (files.vbulletin.com/3.6/multiquote-k.png).

Sausehuhn
27th February 2012, 08:26 PM
By the way: My old bookmark still linked me the facebook page. That’s why I thought WOZ was down for about a week. Was it a cache issue or is there still some bad linking?

Darkdrium777
27th February 2012, 11:05 PM
Most likely cache. The redirects were working instantly for me as I kept clearing it after the relevant facebook posts.
You can go three ways to here right now:
http://www.wipeoutzone.com/forum/index.php
http://www.wipeoutzone.com/forum/
http://www.wipeoutzone.com/

Sausehuhn
28th February 2012, 01:37 PM
Okay, it must have been a cache issue then. Great to see the site back online. Kudos! :)

Darkdrium777
28th February 2012, 04:06 PM
Well it was actually redirecting to Facebook for about a week too, so if you are talking about that time then it was fine.
I assumed you meant it had just done it to you five minutes before you posted. In that case that wasn't fine.

Amaroq Dricaldari
13th May 2012, 05:52 AM
Will someone please tell me what the 'ranks' on this forum are, and how many posts you need for each rank?

stin
13th May 2012, 09:25 AM
0-9 New Pilot
10-49 Vector Pilot
50-149 Venom Pilot
150-299 Rapier Pilot
300-599 Phantom Pilot
600-1499 Extreme Pilot
1500-2999 Zone Pilot
3000-4999 Veteran Pilot
5000-9999(?) Legendary Pilot
10000+ Purist

stevie:)

Amaroq Dricaldari
13th May 2012, 05:43 PM
What? No Flash? Sure, it wasn't introduced until Pulse, but it is an essential speed class.

UnleashSonic
10th June 2012, 12:00 PM
So is the site ever going to be back up to it's legendary former self?

infoxicated
10th June 2012, 04:34 PM
Yeah, at some point. It's on my to-do list.

Lance
11th June 2012, 04:06 AM
"0-9 New Pilot
10-49 Vector Pilot
50-149 Venom Pilot
150-299 Rapier Pilot
300-599 Phantom Pilot
600-1499 Extreme Pilot
1500-2999 Zone Pilot
3000-4999 Veteran Pilot
5000-9999(?) Legendary Pilot
10000+ Purist
"

Oh, man, I don't think I'm ever gonna get to purist, considering my recent posting record.

MegaGeeza22
11th June 2012, 08:40 PM
Its nice to see a legend return to the forum! especially one who was before my time!
You should join a few bling brigade events if you still have Wipeout HD and have a few hours to spare... You will soon reach 10,000 posts lol.

Lance
11th June 2012, 11:38 PM
With a name like MegaGeeza, perhaps you are quite antique as well? :)

I never had Wipeout HD, one of the reasons I drifted away. No PS3, no PSP, etc. Just an accumulation of factors that gradually distanced me from the beloved WZ, which I've always considered to be the finest gaming site on the internet. My hours tend to be spent on writing, or playing tinwhistle or harmonica, or just sleeping or watching TopGear on YouTube, or something equally non-creative. The last games I really spent time on were Forza 3 and SoulCalibur 4.

vincoof
12th June 2012, 11:45 AM
So is the site ever going to be back up to it's legendary former self?
Short answer :

I'm still shooting for the end of this month.

infoxicated
12th June 2012, 03:28 PM
That was before I got some freelance work, though.

Freelance work takes precedence over anything else, considering it actually pays! :)

The trouble with the main site is that there are so many bits to fix and only so much willpower to tackle it.

I have done some work - honest. I even showed Charlie when he visited last month. I'll get round to the rest of it.

Well, either that or the domain for the site will expire in 36 days and it'll all disappear into internet limbo.

// it's funny because it could be true

UnleashSonic
16th June 2012, 05:11 AM
I won't hold my breath then, but it would be cool to see the site like it, apparently, used to be. I recently got back into WipEout, well, back into being obsessed with it anyways. Got a Vita solely for 2048, been playing it non-stop.