Outage 9/24/2019

Hi All, Some of you may have noticed we had an outage yesterday for about 2 hours. We were attacked using what appeared to be a cross site scripting attack where they were able to download files to our server.

Due to the other security in place on the servers it doesn’t appear any data was breached from what I can tell in the logs. We’ve since taken steps to mitigate and hopefully eliminate this type of attack in the future. I apologize for the downtime, apparently someone doesn’t like us… :man_shrugging:

I hadn’t noticed, but wow…I’m glad it’s fixed!

Still in progress, I noticed more weirdness this morning.

I noticed that last night. We must be doing something right if people have heard of us enough not to like us - keep up the good work!

That’s exactly what I said! :slight_smile:

Thanks for the update. I didn’t know what to do with myself so I had to knit.

Made some changes to improve security, post here if you find weirdness.

Ha!! Good thing we can always keep ourselves occupied. :wink:

I just tried to start a new blog and things seemed to get stuck on “working”. I did a screen shot if you need it. Let me know.

duh. never mind. I think I was doing it wrong :frowning:

I’ve noticed occasionally when I post it’s getting stuck in “working” as well but when I refresh it’s there. I’m not sure which thing I enabled is causing that but I’ll dig into it, good to see that it’s not just me it’s happening to.

Lol! You crack me up.

My thoughts as well.

I noticed something wonky…it may be a cache issue on my side…when I look at photos that I have posted in my groups, I see the formatting, too.

Here’s an example:

https://fiberkind.com/sguncategorized/free-knitting-and-crochet-patterns/2258-knitting-patterns-free-forever/page10

Post #139

Here is what I see:

[ATTACH=JSON]{“alt”:“screenshot”,“data-align”:“none”,“data-size”:“full”,“title”:“Berroco.JPG”,“data-attachmentid”:28736}[/ATTACH]

I don’t think it is an issue on your end -
I see the same thing.

Ok, that’s likely due to the security stuff I enabled, I made it so the server can’t execute certain commands, I’ll see about backing things off now that I’ve mitigated the attack.

Slowly re-enabling the formatting features and keeping an eye open to make sure the patch resolved the issue.

Well done @Admin this must be exhausting for you to keep on top of. Thank you.

Thank you, @Admin !! Everything is working great now.

Perhaps the folks in the Old Place don’t like competition especially from folks they tossed out :slight_smile: