Hip hip HOORAY!
Hip hip HOORAY!
Hip hip HOORAY!!!
'The Killer In Me'
Do you have problems, concerns, or recommendations about the technical side of the Phoenix? Air them here. Compliments also welcome.
Okay, okay, we better move the Scola-worship back to Natter or somewhere before ita ! gets back and thinks all these posts are things she needs to resolve. (Me too, not coming down on anyone here.)
post-mortem later
So what happened?
Hackers got in again, via Plesk.
They modified the /etc/php.conf and /etc/httpd/conf/httpd.conf files so that PHP would insert malicious code into people’s browsers whenever a PHP page was visited. Fortunately, the hijacked PHP would not execute and instead would fail immediately. Unfortunately, this caused the entire site to go down—probably a better outcome than the alternative.
Scanning the system afterwards, I found the only other changes to the system at the time of the attack were to some Plesk internals. At the very least, Plesk needs to be wiped out and reinstalled from scratch.
At this point, I would recommend moving to a whole new server, with an up-to-date version of Plesk, and an up-to-date OS (we’re running CentOS 4.9). If iStrata can’t provide us this, then we should switch hosting.
If we're starting from scratch, any reason to stay? It is more exhausting moving across the state instead of down the hall, but we will have to pick up everything and find its place in the new digs, and I suspect we will have to pay them for any help they give us.
Mostly I blanch at the change of address part of the metaphor.
I agree with Tom.
Although the iStrata guys were really good when I rented my server seven or eight years ago, they haven't kept up with the times. There's no reason to get an actual physical server these days when a virtual server could easily handle the board's load.
We might even be able to run the entire thing out of the Amazon EC2 free tier for a year.
If not, the Linode guys are highly regarded.
You agree with me too, right? Validate meeeeeeeee.......
Just kidding.
I'd rather not go with Amazon for reasons I have no right to impose on the board, so only if it's perfectly reasonable and equally viable.
Popping something up in the cloud sounds like a good and safe option. We shouldn't be in the OS administration business. Just keeping the PHP running and not PHP itself. Not even the MySQL, if we can avoid it. But certainly not Linux.
I feel like one of Gary Larson's dogs.
I agree with ita on the Amazon for Reasons.
I also agree with Tom & Rob.
I am pretty agreeable at the moment. But yeah, if you're going to have to cut bait anyway, I'd say move. This is the second time, and I see no reason why there won't continue to be additional times, unless iStrata gets more current. And the next time, it may not be so innocuous.
However, I am not the we doing the work, so you guys should do as you see fit.