Sincere Apologies - please read

Rick Couchman · November 03, 2022, 12:41:16 PM

We have been hacked three times in the past 3 days. I did everything I could to remedy it. My host, Siteground, did everything they could. Our friend Jeff Lewis looked at it and didn't have a good solution - and neither did his techie friends.

So I resorted to deleting everything off the TMLfans servers, except for the forums. And was forced to do a backup from BEFORE the issues started. A week ago. So we lost all posts from the last week. I hated doing that - but it was the only thing I could try.

Sorry! Go Leafs go!

herman · November 03, 2022, 12:49:08 PM

No need to apologize, Rick. Thanks for all the hard work.

If only the Leafs could erase the last week or two of their season...

Frank E · November 03, 2022, 12:51:16 PM

This past week was some of my best work ever. RIP Frank E posts.

Rick Couchman · November 03, 2022, 12:52:24 PM

These freaking hackers are such asses. Destruction for no reason. This was one of the hacks. They used a script to change every board, topic and post title to this. Pure evil. Why the Habs? I'd rather they chose any other team - or a porn name. Anything but the stupid Habs!

Bender · November 03, 2022, 12:56:59 PM

What I don't understand is why Tmlfans and why now? Is it related to the server change? I mean, you'd think they'd have enough security... So bizarre.

Rick Couchman · November 03, 2022, 01:03:21 PM

Quote from: Bender on November 03, 2022, 12:56:59 PMWhat I don't understand is why Tmlfans and why now? Is it related to the server change? I mean, you'd think they'd have enough security... So bizarre.

I really don't know. It's the same server, we just upgraded the SMF forum software (three weeks ago when we had the long outage). I have other websites on my server and they only hit the TMLfans area. Bizarre indeed.

herman · November 03, 2022, 01:13:05 PM

They must've slipped a backdoor in there to inject a SQL script; I assume all post, thread, board titles are stored in a database table and just that column got replaced with the same statement each time.

Bill_Berg_is_pissed_off · November 03, 2022, 01:25:24 PM

It's probably some Canadians fan. You can tell by the poor grammar.

CarltonTheBear · November 03, 2022, 01:33:02 PM

Quote from: herman on November 03, 2022, 01:13:05 PMThey must've slipped a backdoor in there to inject a SQL script; I assume all post, thread, board titles are stored in a database table and just that column got replaced with the same statement each time.

Yeah I thought it was weird that that's all that was being affected.

Rick Couchman · November 03, 2022, 01:37:23 PM

Quote from: herman on November 03, 2022, 01:13:05 PMThey must've slipped a backdoor in there to inject a SQL script; I assume all post, thread, board titles are stored in a database table and just that column got replaced with the same statement each time.

I agree. That's why I resorted to using a backup from a week ago. My assumption is that Mr Hacker found access and uploaded something in the past three days. I've shut every possible backdoor that I could find.

We wait and see and cross fingers collectively. What a headache. This hacker is a small, idiotic, imbecile with no life.

herman · November 03, 2022, 01:43:21 PM

Block all attachments and make sure every user entry field gets sanitized before the server runs

It doesn't seem like the database credentials were compromised

bustaheims · November 03, 2022, 01:50:17 PM

Friggin' Habs fans.

Dappleganger · November 03, 2022, 02:06:35 PM

Quote from: bustaheims on November 03, 2022, 01:50:17 PMFriggin' Habs fans.

I didn't know they could write let alone code.

azzurri63 · November 03, 2022, 06:37:42 PM

Quote from: Bill_Berg_is_sad on November 03, 2022, 01:25:24 PMIt's probably some Canadians fan. You can tell by the poor grammar.

I was thinking the same thing lol.

Zee · November 04, 2022, 10:03:18 AM

No need to apologize Rick, this Habs fan who did this is a huge loser.