TPW Server IssuesLime -- Sunday, March 23, 2003 -- 05:54:35 AM
(All users will see what tags exist for a thread. Please tag carefully!)
It was the nameserver issue again. I don't know why ICANN is bothering me. They are now insisting that everything be public info.
But I can't figure out why the "hello" file is coming up. Any thoughts?
Easiest way to avoid having all your contact info available via a whois search is to opt for private registration. That way you are still the registrant and owner, but all your data is held by Domains By Proxy (or whatever the company is, Domains By proxy is the one I've seen) and it's their data that shows on WHOIS. They'll release to something like law enforcement under appropriate circumstances, but they're not handing it over to any random internet weirdo. Costs a few dollars a year, but a lot of people think it's worth it.
I'm puzzled by why the hello file suddenly started showing up now, given that the nameserver problem shouldn't have had any effect on file existence or file contents.
What would make that show up? I don't have time to check.
I'm still getting it--will it percolate through?
And hi, and THANKS!
Rebooting server--should be right back up.
Sorry about the problem. This one was all my fault, but the situation was compounded by the various issues.
Problem 1: People can't get into the site because of the hack. Cliff, TwoStep, and a couple others are still out.
Problem 2: Because of db memory problems, I am unable to get into the admin panel. This means I can't reset passwords, change user names, anything like that. What I have to do is log off and send a password reset to your userid.
Moreover, the change Lime made, which was a good one, requires you to give the profile address to change the password. But if you don't give me your profile address, Lime's change will not approve the password reset.
So I started going directly into the database to look up people's passwords. This is insane, but perfectly safe.
Earlier in the week, when I did this, I used my own dbid, which has its own password.
When I went back this morning to try and get Cliff's email, I couldn't get in to the database. Password was wrong. OH MY GOD. THE HACKERS ARE BACK. I went in and looked at it and it was this COMPLETELY DIFFERENT PASSWORD THAT I DIDN'T RECOGNIZE.
Panic. So I reset the password to what it should be. Except I wasn't. I had gone into a different id, the id that drives all of TPW, because I am clearly a frigging moron. So I had reset the password on the ENTIRE TPW application. And then I went to work, while all you guys instantly got a WRONG PASSWORD message.
When I got to work and saw this, I couldn't figure out at first why this was wrong. Suddenly, I hit myself on the head with the whiteboard (confusing the hell out of the kids) and went searching in my email files where, glory be, I had sent myself an email with the correct password over a year ago. Reset it and all is well.
Problem #1 and #2 are still very real. Apologies for compounding the situation. And Lime, forgive me for the panicked PLEASE HELP ME emails, but when you have time, if you could take a look at the memory issue in Prob #2, I will send you a monster Christmas gift.
You're welcome! Of course, people could always show their appreciation for my stupidity by subscribing.
Okay, I've been cleaning out user tables of dummy users (created by annoying automated programs) and a memory problem with the database has gone away. This may mean that a bunch of stuff that hasn't been working (quietly failing) will now start working. For example, it appears that inactive threads are getting folded in again.
I was as careful as I could be in just deleting junk users, but I had to do it manually to, literally, thousands of tables, and despite double and triple checking, something could have gone wrong. If you know anyone whose userid has suddenly disappeared, tell them the simplest thing to do is probably create the userid again and accept my profound apologies. I might be able to retrieve it on backup, but I wouldn't count on it.
The database issue is getting out of control. I'm not sure if we're being attacked by fake user creators (I get a bunch all the time) or if the system is just too big. I need to figure out what to do.
(Deleted message originally posted by RamblingRose on Thursday, January 17, 2013 -- 08:04:54 PM.)
Sorry for the delay in getting this back up. There was a database problem, and so I rebooted, which usually clears the problem. Then the server came back up, but there was some other problem and I couldn't get anyone's attention. I was teaching and couldn't get back to scream at someone right away.
The underlying problem may still be there, so if it happens again I won't reboot.
I got server not found on IE, but server didn't respond on Firefox. I think that was the problem in rebooting, the thing that they fixed. I shouldn't have any issues with DNS.
For a drive by hack, it seems remarkably low key and low impact. Not that I'm asking for escalation, mind you.