Technical Issues
Welcome Cyclones Fans! › Forums › Ute Hub Site › Technical Issues
- This topic has 9 replies, 8 voices, and was last updated 2 years, 11 months ago by idahoute.
-
AuthorPosts
-
-
Tony (admin)Keymaster
I realize the site performance the last few days hasn’t been very good. I’ve been working very hard looking into what’s going on. I’ve found several very bad things which I’ve been dealing with.
First off, my dedicated server has been hacked. I’ve been working for days to get rid of malicious files and hidden spam links (not on Ute Hub though).
In the last few days my SQL queries are exceeding 100% of the CPU power of the server. That’s the source of the slowdown. Not sure if that’s part of the hack or not, perhaps a bot hitting the server trying to hack it again, or a new development from a script update or change. I’ve spent hours and hours looking at logs and trying to figure out where the issue is coming from.
Lastly, I found some 200,000+ spam emails in the server’s outgoing queue. Somehow the hackers/bots managed to actually create fake email accounts and start sending out spam. I’ve cleared out all the fake accounts and deleted the 200K outgoing mails, but as far as I can tell some 100K were sent out before I caught it. I put limits on the number of email accounts and number of emails that can be sent out, so that if this happens again, they’ll not be able to send out thousands of spam emails.
Right now I feel like I’m fighting a forest fire with a squirt gun. I’m very frustrated. Things are running at the moment. I’ve scanned the server several times a day for the last couple of days and no hacked code has been found. Unfortunately the CPU usage is still pretty maxed. I’m hoping that the issue will go away when the bots move on to their next target, as has happened in the past.
-
Ute DubParticipant
On the bright side at least your name isn’t Gunner or Baylor trying to have a good time in Shreveport tonight.
-
MFuryParticipant
Tony – you’re a rock star. Thanks for putting up with this stuff. I wish I had the technical chops to help out on this.
-
-
ProudUteParticipant
Thanks, Tony. Sounds like a DoS attack. I dealt with a few of those in my preretirement career. We appreciate everything you do to keep this site running.
-
Tony (admin)Keymaster
Yes over the years we’ve had several DDoS attacks. One was so bad I had to shut the whole damn thing down for 3 days until it went away. China and the Czech republic are blocked now, which my not amount to much.
-
-
UtesbyfiveParticipant
Tony, you are putting in Yeoman’s service. You need a serious coder to help you. Put out a call and find some expert help.
-
Tony (admin)Keymaster
Yeah I’m mostly a front-end engineer, not an SQL/DB or networking engineer.
-
-
chinngiskhaanParticipant
Man, I thanks for not throwing in the towel on this whole thing Tony! You are a better Utah man than I
-
PlainsUteParticipant
Many thanks, Tony, for all you do to keep the site running. I know first hand keeping software running 24/7 is not easy, and troubleshooting can often be vexing and very time consuming.
Might consider blocking hormel.com to block the spam! 😉
Wish I had some practical advice in this specific area, but maybe some other fan can pitch in.
-
idahouteParticipant
Sorry to hear that Tony and that it’s taking up so much of your time. We sure appreciate all you do!! At least you got rid of hacks Pace and Cesar Chavez!
-
-
AuthorPosts
- You must be logged in to reply to this topic.