Suela, our registration system is under attack by someone who appears to be trying to exploit some security hole there. As far as we know, no hole exists, but the attempts keep on coming. I'd have given up long ago, which is why I wondered if we're missing something. Besides that, it frelling annoying. Whoever it is is chewing up user names faster than a cancelled Minearverse show.
Early: Where'd she go? Simon: I can't keep track of her when she's not incorporeally possessing a space ship. Don't look at me.
'Objects In Space'
Buffistas Building a Better Board ++
Do you have problems, concerns, or recommendations about the technical side of the Phoenix? Air them here. Compliments also welcome.
DXMachina - Aug 31, 2005 6:18:11 am PDT #470 of 4671
You always do this. We get tipsy, and you take advantage of my love of the scientific method.
Tom Scola - Aug 31, 2005 6:26:45 am PDT #471 of 4671
Mr. Scola’s wardrobe by Botany 500
Would it be possible to obfuscate the registration page a little, such as replacing the text with numeric entities, or mixing things up a little for each page view?
DXMachina - Aug 31, 2005 6:35:27 am PDT #472 of 4671
You always do this. We get tipsy, and you take advantage of my love of the scientific method.
I think all we really need to do to fight this particular script is just reject any user names or e-mail addresses that contain "@buffistas.org."
§ ita § - Aug 31, 2005 6:36:00 am PDT #473 of 4671
Well not canonically, no, but this is transformative fiction.
Would it be possible to obfuscate the registration page a little, such as replacing the text with numeric entities, or mixing things up a little for each page view?
Well, the attack is meant to hit e-mail form pages, which is one reason it's not working so well on the reg page. I don't think they mean to be registering. Obfuscation wouldn't be of further help.
DXMachina - Aug 31, 2005 6:37:38 am PDT #474 of 4671
You always do this. We get tipsy, and you take advantage of my love of the scientific method.
Which also makes me wonder why they haven't gone after www.buffistas.org/email.php.
§ ita § - Aug 31, 2005 6:42:46 am PDT #475 of 4671
Well not canonically, no, but this is transformative fiction.
Maybe it is obfuscated? I have no idea. It's not the brightest attack.
Consuela - Aug 31, 2005 7:25:40 am PDT #476 of 4671
We are Buffistas. This isn't our first apocalypse. -- Pix
reject any user names or e-mail addresses that contain "@buffistas.org."
So... they're trying to register as a Buffista with a Buffistas address? that... doesn't make a lot of sense.
§ ita § - Aug 31, 2005 7:26:51 am PDT #477 of 4671
Well not canonically, no, but this is transformative fiction.
Script kiddies never make sense -- it's not a person, probably, just a bot.
§ ita § - Aug 31, 2005 9:45:52 am PDT #478 of 4671
Well not canonically, no, but this is transformative fiction.
DX, the code should now block both usernames and registration addresses with buffistas.org in them.
DXMachina - Aug 31, 2005 9:55:59 am PDT #479 of 4671
You always do this. We get tipsy, and you take advantage of my love of the scientific method.
Cool. Now, if we could just flood the originating IP with messages that all say "GET OUT! GET OUT! GET OUT!" it'd be perfect.