Jump to content
Admin

Forum upgrade

Recommended Posts

Today, 1-23-2014, mid-morning, the forum was upgraded.  Please report if you see any problems.  We don't often do updates, as they sometimes cause more problems than they fix.  "If it ain't fixed, don't broke it".  In this case, it's been about two years and there were several bug and security patches waiting... with the recent comments about forum oddities, it was time.  

Share this post


Link to post
Share on other sites

I just got hit by another URL4SHORT link on my ipad, i suspect it was infested with malware (one of those "legit" looking sites but it's not quite right).

Share this post


Link to post
Share on other sites

I've seen some of those, too... Although they seem to come up when I click a search result that goes to ctflier. Some sort of search engine poisoning.

Share this post


Link to post
Share on other sites

I've seen some of those, too... Although they seem to come up when I click a search result that goes to ctflier. Some sort of search engine poisoning.

 

It's a type of malware that probably broke through a security hole in this forum and embedded itself in some scripts or the database, since the forum wasn't kept up to date. With all due respect to the admins, it's good practice to apply security patches the moment they come out, because spammers will review security patches, create crawler scripts, and turn them loose hunting for out of date forums to try and crack. As a suggestion, any versioning information should be turned off to the public (right now this board reports version 3.4.6).

 

 

As posted in another thread:

 

 

I'm occasionally getting redirected to various http://url4short.info pages when opening ctflier.com webpages from search engines. Having previously worked in the IT field, this immediately threw up red flags, so I tested with several devices and went into security lockdown on my systems. I have not been able to locate anything on any of my devices (but are exhibiting the same symptoms). I then went searching for vulnerabilities that may have existed recently in IP.Board that may have led to either a code or sql injection.

 

This came up: http://peter.upfold....url4short-mess/

 

This also might be the source of why ctflier.com was flagged as suspicious.

 

Share this post


Link to post
Share on other sites

Once in a while, but rarely, I will see Google search hits get redirected.  I've reported it to the host, again.  There may be some old posts, that contain the injected code.  It would be nice if we could re-create the problem.  I can never do it.

Share this post


Link to post
Share on other sites

Using Google Chrome, if you type ctflier, and then click CT Flier Forum, it will happen almost every time.

 

I just tried that and got the redirect and an .exe file downloaded without requesting it.

Share this post


Link to post
Share on other sites

Once in a while, but rarely, I will see Google search hits get redirected.  I've reported it to the host, again.  There may be some old posts, that contain the injected code.  It would be nice if we could re-create the problem.  I can never do it.

 

The type of problem is addressed here: http://peter.upfold.org.uk/blog/2013/01/15/cleaning-up-the-ip-board-url4short-mess/

 

It's not easily replicated because it's a type of malware that doesn't want to be found. By making it happen randomly, it makes it much harder to replicate the process and hunt down.

 

Use a browser on a computer that you don't log in on your admin account with on a system with a different IP, search for "ctflier.com" on google, and click a topic link. You might have to do it for a few tries, but it should occur.

Share this post


Link to post
Share on other sites

They ran a cleansing routine and said no signs of a hack exist (any more).  We'll see.  Apparently, the only way it can get in is through a compromised admin password.... so those are being changed.

Share this post


Link to post
Share on other sites

Just type 'ctflier' into the address box, it will bring up the site readily, under Firefox.

 

 

It's still bad practice to let malware go.

Share this post


Link to post
Share on other sites

We don't have a website forum, so I am posting this here.

It looks like we just got hit by a database rollback. My guess is the problems that have been seen in the last 24 hours has resulted in the need of restoring a backup that is 2 days old. I lost my nice post about air density :(

 

EDIT: Admin, when you edit my posts like below, it's always polite to say "Edit by admin" ;)

 

There is an area under "Forum news and info" titled "current known issues"...

 

Yes, because of a hardware failure and replacement, some posts from the 28th were lost.  Feel free to post them again. :(

Share this post


Link to post
Share on other sites

The forum was upgraded today... minor update with some security and aesthetic fixes.  I saw no changes with postings or loss of any data...

Share this post


Link to post
Share on other sites

The forum was upgraded today... minor update with some security and aesthetic fixes.  I saw no changes with postings or loss of any data...

 

Just be sure to do a database backup before you do upgrades, and if something doesn't look right, you can revert :)

Share this post


Link to post
Share on other sites

I'm sure they know that and do that.

 

We've all got each other's backs here! Might be a little bit of a "look over your shoulder" kind of way, but it's all in good intention :)

Share this post


Link to post
Share on other sites

I'm sure they know that and do that.

You'd think so.

 

But I'm on another forum that just managed to lose a couple years of posts somehow.

 

It happens.

Share this post


Link to post
Share on other sites

The old ctflYer forum lost info, twice.  It sucked, as a lot of good stuff was lost forever.  Our hosts backup our data once a day, and there is a manual procedure available.  They won't even do an upgrade unless the requester indicates in a written message that a backup is in place.  

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×