Next:
Mississippi Valley State @  Utah
ESPN+

Technical Issues

Welcome Cyclones Fans! Forums Ute Hub Site Technical Issues

Viewing 6 reply threads
  • Author
    Posts
    • #162056
      14
      Tony (admin)
      Keymaster

      I realize the site performance the last few days hasn’t been very good. I’ve been working very hard looking into what’s going on.  I’ve found several very bad things which I’ve been dealing with. 

      First off, my dedicated server has been hacked. I’ve been working for days to get rid of malicious files and hidden spam links (not on Ute Hub though). 

      In the last few days my SQL queries are exceeding 100% of the CPU power of the server. That’s the source of the slowdown. Not sure if that’s part of the hack or not, perhaps a bot hitting the server trying to hack it again, or a new development from a script update or change. I’ve spent hours and hours looking at logs and trying to figure out where the issue is coming from.

      Lastly, I found some 200,000+ spam emails in the server’s outgoing queue. Somehow the hackers/bots managed to actually create fake email accounts and start sending out spam.  I’ve cleared out all the fake accounts and deleted the 200K outgoing mails, but as far as I can tell some 100K were sent out before I caught it. I put limits on the number of email accounts and number of emails that can be sent out, so that if this happens again, they’ll not be able to send out thousands of spam emails. 

      Right now I feel like I’m fighting a forest fire with a squirt gun. I’m very frustrated. Things are running at the moment. I’ve scanned the server several times a day for the last couple of days and no hacked code has been found. Unfortunately the CPU usage is still pretty maxed.  I’m hoping that the issue will go away when the bots move on to their next target, as has happened in the past. 

    • #162057
      14
      Ute Dub
      Participant

      On the bright side at least your name isn’t Gunner or Baylor trying to have a good time in Shreveport tonight. 

      • #162058
        14
        MFury
        Participant

        Tony – you’re a rock star. Thanks for putting up with this stuff. I wish I had the technical chops to help out on this.

    • #162060
      7
      ProudUte
      Participant

      Thanks, Tony.  Sounds like a DoS attack.  I dealt with a few of those in my preretirement career.  We appreciate everything you do to keep this site running.

      • #162067
        3
        Tony (admin)
        Keymaster

        Yes over the years we’ve had several DDoS attacks. One was so bad I had to shut the whole damn thing down for 3 days until it went away. China and the Czech republic are blocked now, which my not amount to much.

    • #162062
      1
      Utesbyfive
      Participant

      Tony, you are putting in Yeoman’s service. You need a serious coder to help you. Put out a call and find some expert help.

      • #162065
        4
        Tony (admin)
        Keymaster

        Yeah I’m mostly a front-end engineer, not an SQL/DB or networking engineer. 

    • #162078
      2
      chinngiskhaan
      Participant

      Man, I thanks for not throwing in the towel on this whole thing Tony! You are a better Utah man than I

    • #162082
      2
      PlainsUte
      Participant

      Many thanks, Tony, for all you do to keep the site running. I know first hand keeping software running 24/7 is not easy, and troubleshooting can often be vexing and very time consuming.

      Might consider blocking hormel.com to block the spam! 😉

      Wish I had some practical advice in this specific area, but maybe some other fan can pitch in.

    • #162083
      1
      idahoute
      Participant

      Sorry to hear that Tony and that it’s taking up so much of your time. We sure appreciate all you do!! At least you got rid of hacks Pace and Cesar Chavez!

Viewing 6 reply threads
  • You must be logged in to reply to this topic.