Someone has hacked the forum :(


Jon
11-17-2005, 10:30 AM
Someone has hacked my forums and I estimate a loss of nearly 100,000 posts. Bastards!

I feel so sad that all this data, knowledge, useful content has been obliterated by one ignorant idiot. It has spoilt the community and downgraded a very useful resource that has taken over 7 years to build.

If there was something I could do to catch the person...

seth_belgium
11-17-2005, 10:54 AM
Isn't his IP address logged or something?

However, I presume that idiot will have masked it or routed through some proxies...

Damn shame indeed that so much data is lost. Maybe you could ask your provider to restore a backup?

Anyway, I'm sure that, with the help of everyone, this community will be up and running in no time! :-)

If you need help with anything, just lemme know!

Greetz,

Seth

Jon
11-17-2005, 10:58 AM
My host only has one day's backup. So their backup was taken after the forum was hacked. I am not sure if this is normal practice or not or whether I need to change hosts.

ghudson
11-17-2005, 11:11 AM
Unbelievable that one person was able to destroy the history and knowledge this forum contained!

What about the backup from the day before the hack? Not the backup from the day the hack occurred.

Jon
11-17-2005, 11:14 AM
They don't have one any older.

shades
11-17-2005, 11:42 AM
Sorry to hear about this. It has been a useful service.

Not sure, but I might at least look at options about backup policies of hosting companies.

borisbruno
11-17-2005, 11:55 AM
I'm sorry that this happened. It's really hard to move around the forum now. What a waste of an excellent resource! But at least you got rid of that annoying music. :D

Kraj
11-17-2005, 12:31 PM
BTW, Jon, I doubt your host will care what you say but you might want to inform them that if they only keep backups for a day then they may as well not keep them at all. There's really no good reason why a server can't be backed up on a rotation of 2-3 days, and even that's slim.

MrsGorilla
11-17-2005, 12:35 PM
I would definitely look at changing hosts if they only keep one day's backup. That's not very sound planning, in my opinion. :(

I was wondering what was up with that weird e-mail I received. :rolleyes:

Vassago
11-17-2005, 01:41 PM
Even if the host only keeps one day's backup, as a webmaster myself, I keep backups of all of my forums/sites locally in case the host itself is hacked. Probably a bad practice to only rely on the host's backups.

ozinm
11-17-2005, 01:57 PM
I wonder how much useful info can be pulled from archive.org's way-back-when engine?

ozinm
11-17-2005, 01:58 PM
scratch that. silly idea.

Uncle Gizmo
11-17-2005, 03:08 PM
I had an e-mail from the hacker, saying he had hacked the site, I don't think it's much good for tracking because it looks like he used Jon's e-mail address to send the E-mail.

ozinm
11-17-2005, 03:17 PM
errr...
Just had a worrying thought. Has the hole the hacker used been patched up?

mhackett71
11-17-2005, 03:27 PM
That sh*t sux big time,,, this site is hella useful whenever i am in a jam....... but i'm sure it'll be back to norm,, and getting good info back in here.. Good luck to us all....

Newman
11-17-2005, 08:54 PM
I just read about the hacking and I wanted to send to Jon and all the members touched by this attack my sympathy. I know how important these posts may be to beginners and all the time other members and Jon have spent on it. Nevertheless, I have faith in our community and believe that pretty soon, answers and advice will come back to fill the void created.

As for the backups, I always use the "seven days a week backup system" (copyrighted by Newman) ;). That is having seven backups, one for each weekday (Sunday, Monday, Tuesday, ...) and deleting the one that is from the same day as today, but of last week. Adding to this, I make a "1st day of each month backup". So, I can always come back to see how things evolve over time.
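
Added example (not part of any post in this thread): a Python sketch of the weekday rotation with a first-of-month copy that the post above describes, plus a lookup for the newest backup taken before a given incident date. The file naming, the function names, the `.sql` dump and all dates are assumptions constructed for illustration.

```python
from __future__ import annotations

import shutil
import tempfile
from datetime import date, timedelta
from pathlib import Path

DAYS = ["mon", "tue", "wed", "thu", "fri", "sat", "sun"]


def _copy_into(dump: Path, target: Path) -> Path:
    """Copy via a temp name so a failed copy never leaves a truncated backup."""
    tmp = target.with_name(target.name + ".part")
    shutil.copy2(dump, tmp)
    tmp.replace(target)
    return target


def store_backup(dump: Path, backup_dir: Path, today: date) -> list[Path]:
    """Store today's dump in its weekday slot; keep an extra copy on the 1st."""
    if dump.stat().st_size == 0:
        raise ValueError(f"{dump} is empty; keeping the existing backups")
    backup_dir.mkdir(parents=True, exist_ok=True)
    day = DAYS[today.weekday()]
    new = _copy_into(dump, backup_dir / f"daily-{day}-{today.isoformat()}.sql")
    # Only after the new copy is on disk, drop last week's same-weekday copy.
    for old in backup_dir.glob(f"daily-{day}-*.sql"):
        if old != new:
            old.unlink()
    written = [new]
    if today.day == 1:  # monthly copies are never rotated out
        written.append(_copy_into(dump, backup_dir / f"monthly-{today.isoformat()}.sql"))
    return written


def restore_points(backup_dir: Path) -> list[tuple[date, Path]]:
    """All stored backups, oldest first, dated from the file name."""
    points = [(date.fromisoformat(p.stem[-10:]), p) for p in backup_dir.glob("*.sql")]
    return sorted(points)


def latest_before(backup_dir: Path, incident: date) -> Path | None:
    """Newest backup taken strictly before the day of the incident."""
    older = [p for d, p in restore_points(backup_dir) if d < incident]
    return older[-1] if older else None


def simulate(backup_dir: Path, start: date, end: date) -> None:
    """Constructed run: one small fake dump per day from start to end inclusive."""
    dump = backup_dir.parent / "forum.sql"
    for n in range((end - start).days + 1):
        day = start + timedelta(days=n)
        dump.write_text(f"-- constructed sample dump for {day}\n")
        store_backup(dump, backup_dir, day)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        backups = Path(tmp) / "backups"
        simulate(backups, date(2005, 9, 25), date(2005, 11, 17))
        for when, path in restore_points(backups):
            print(when, path.name)
        print("restore from:", latest_before(backups, date(2005, 11, 16)).name)
```

With this layout an incident noticed up to six days late still has a clean daily copy, and anything older falls back to the monthly copies.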

skea
11-17-2005, 10:14 PM
Very very sorry. What valuable information we have lost. No wonder some time back some of us predicted this and every day we've just been blowing our little fingers hoping there was a frequent and successive backup.
Wednesday morning I come and I just get an empty page. Checking my email, I see the shameful message. It's only now that I managed to log on from another PC. Damn it.

skea
11-17-2005, 10:21 PM
Wait a minute!!! Not until I click clear history button that I can log on again. Does this also happen to anyone else!! The hack was that deep-rooted to the temporary folder!! :confused:

bat1799
11-17-2005, 11:13 PM
Bat1799 Formerly Bat17.
Same/similar problem here.
If I am not logged in I get in OK but if I log in with Bat17 I get an empty page returned - <body></Body>
This new identity seems to be working normally at the moment though, but I would like my old name back!

Peter

saintsman
11-18-2005, 12:28 AM
I'm no expert on this but if a hacker was going to mess up the site, wouldn't he delete all the posts?

Have we really lost them or are they still there but can't see them? We can only hope.

Jon
11-18-2005, 12:44 AM
We have had a bit of a problem with the host in that we started with them about 7 years ago and they have a very basic control panel. Most hosts give you something like cpanel which will also have phpMyAdmin to help administer databases. This host had no such thing. No control panel to speak of.

This made making backups of anything very difficult. I couldn't even tell the size of the database or anything. It was only with a special request and going through many hoops that I could get a backup at all. In any case, I got a backup of the database last year. It was about half a gig.

We used the structure in this backup to get back some of the posts. It was done by the vBulletin support team. However, I reckon there are still the other posts in there but we can no longer get them since they used the structure definitions in my old backup to regenerate some of the forums. So, the data is lost.

My intention was to change hosts, but like lots of things in life, it was left on the back burner.

My future intentions for this site are to:

1. Get it upgraded to the latest versions to reduce the chance of future attacks.

2. Change all passwords for administrators and moderators.

3. Maybe create a front page for the forum that will give statistics of posts etc.

4. Generate some of the popular missing forums e.g. Excel, Word and so on.

5. Start a post to discuss what other forum topics would be useful for this site.

This whole experience has been very upsetting for me as it represented 7 years hard work, the loss of invaluable knowledge to many and serious damage to the community here. No doubt we will lose lots of members as a result.

However, I want to rebirth the forums and hope something good comes out of it.

ColinEssex
11-18-2005, 01:02 AM
This whole experience has been very upsetting for me as it represented 7 years hard work, the loss of invaluable knowledge to many and serious damage to the community here. No doubt we will lose lots of members as a result.

However, I want to rebirth the forums and hope something good comes out of it.
Jon

Rest assured that many of us longer term members will not desert the forums. As questions pop up we will soon build up a useful fount of Access knowledge.

You know there is a hardcore of regular experts who will support you and the forums - I for one appreciate the hard work you've done and will do my best to help build up our wealth of knowledge - I think I also speak for the others too. ;)

Hang in there mate :D

Col

Oldsoftboss
11-18-2005, 01:48 AM
Jon

Rest assured that many of us longer term members will not desert the forums. As questions pop up we will soon build up a useful fount of Access knowledge.

You know there is a hardcore of regular experts who will support you and the forums - I for one appreciate the hard work you've done and will do my best to help build up our wealth of knowledge - I think I also speak for the others too. ;)

Hang in there mate :D

Col

Ditto Col,

I have a couple of folders that I keep various code snippets and sample Db's

I will go through them and post as many neat, relevant bits I can.

Dave

PS. This forum has helped me so much over the years, I feel privileged to be able to put something back

Oldsoftboss
11-18-2005, 01:56 AM
But I still have my avatar

bat1799
11-18-2005, 02:46 AM
I may have only been here for a year but I have enjoyed my participation and will continue to try and answer questions :)

Peter

dent
11-18-2005, 03:18 AM
I would like to offer my deepest sympathies to all involved in running this forum. It's a fantastic resource and for beginners like myself it's worth its weight in gold, I for one would pay for a resource like this. Why would anyone want to attack such a specialised and innocuous site like this, WA**KERS!!! I hope something can be done to catch or stop this happening again. Again my sympathies and my continuing support to all.

ghudson
11-18-2005, 05:42 AM
Amazing how one gutless bastard can cause so much damage to an informational and knowledge based site such as the Access World Forums. I have copies of every database sample file I have ever posted and I will do my part and repost my contributions when time permits.

I do hope that the previous forum sections can be restarted for I thought each section was very useful and proportionally sectioned. But I think that we need to wait until the forum has been upgraded to prevent another hacking from destroying the rebirth of the Access World Forums.

For the time being I guess that I will have to refrain my classic (Searching the forum is a great way to discover and learn the answers to your Access programming questions ;-) since most of the links are dead because many of the original pages were hacked and deleted. :rolleyes:

As another poster recently mentioned... You can google and find many of the older threads by clicking the "Cached" link to the google thread. As an example I googled for this text string "ghudson Browse [Find a directory or file]" and google returned this "dead" link Access World Forums - Browse [Find a directory or file] (http://www.access-programmers.co.uk/forums/showthread.php?goto=lastpost&t=75790) I clicked the "Cached (http://66.102.7.104/search?q=cache:u9UPOiV4OUkJ:www.access-programmers.co.uk/forums/showthread.php%3Fgoto%3Dlastpost%26t%3D75790+ghuds on+Browse+%5BFind+a+directory+or+file%5D&hl=en)" link below the found thread and google returned this old version of my original thread. http://66.102.7.104/search?q=cache:u9UPOiV4OUkJ:www.access-programmers.co.uk/forums/showthread.php%3Fgoto%3Dlastpost%26t%3D75790+ghuds on+Browse+%5BFind+a+directory+or+file%5D&hl=en Unfortunately the cached pages from google only go back to 11/25/2004 and the attached zip file links do not work but that is better than nothing. I have made numerous improvements to my Browse [Find a directory or file] thread and the posted sample but I will repost an improved version I have been working on once the "Samples" section of the forum is created.

One thread "section" I hope that will quickly be built is the common sense [decency] that a poster should follow before posting a question. Too many questions that have already been posted and answered are previously been posted within the forum. Granted that many of the older threads and knowledge this forum used to have been hacked and deleted. Maybe a request [private message or new posting] process can be made so that dead links can be edited. That might help those who actually use the forums Search (http://www.access-programmers.co.uk/forums/search.php?) functions and prevent the new [and old] members find the answers to their questions.

reclusivemonkey
11-18-2005, 07:11 AM
Firstly, let me say I do not condone in any way what has happened here. However I am quite surprised that no one has suggested you leave politics out of a technical forum; this may have nothing to do with recent events, but personally I found some of the comments appearing in the Watercooler to be racist and extremely offensive. IMHO, if you allow things like this to be discussed on the forum, you won't find it long before you attract this sort of attention again.

WillEllis
11-18-2005, 07:31 AM
The only area I can seem to access threads is the new posts page. Is the page with the list of areas gone?

seth_belgium
11-18-2005, 08:15 AM
I don't know about the possibilities of vBulletin forum software to create your own database backups. I know that the option exists in the popular phpBB-package to create a txt-file of your entire database whenever you want to do it.

This must also exist in this forum, so it might be a good idea to create regular backups since you can't count on your host to do it for you.

shades
11-18-2005, 08:47 AM
Following ghudson's approach, I have gained access (pun) to several Excel threads to which I posted. If that is helpful for Jon, I can give you a link.

yippie_ky_yay
11-18-2005, 08:52 AM
Firstly, let me say I do not condone in any way what has happened here. However I am quite surprised that no one has suggested you leave politics out of a technical forum; this may have nothing to do with recent events, but personally I found some of the comments appearing in the Watercooler to be racist and extremely offensive. IMHO, if you allow things like this to be discussed on the forum, you won't find it long before you attract this sort of attention again.
I haven't been here in a while so I haven't read any recent posts to which you are referring, but I don't need to - freedom of speech! And if that is the reason for it, then that person has essentially admitted to not being smart enough to defend themselves verbally.

My guess is that a real hacker probably posted an exploit for vBulletin and some Script Kiddie (a kid who thinks they're a hacker but really just follows the instructions and runs code written by someone else) picked it up and went searching for a forum that uses it.

Anyways, best of luck with all this Jon! I'll be around more and try to contribute where I can!

JRJR-
11-18-2005, 12:06 PM
The only area I can seem to access threads is the new posts page. Is the page with the list of areas gone?

I had the same issue with both IE and Firefox. Finally I created a new account here on the forum and when I log in with the new name it works just fine.

Rich
11-18-2005, 01:02 PM
but personally I found some of the comments appearing in the Watercooler to be racist and extremely offensive.
Where ? :confused:

selenau837
11-18-2005, 01:03 PM
I was having the same problem, not being able to log in except through threads I had subscriptions to. So I went to my options screen and changed my forum skin to use Forum default. It then let me in.
I didn't have to recreate my account.

Also, I am still a newbie so I am not able to contribute as much as I would like, but I do love using the forums. They contain wonderful information, and have helped me throughout the past months. As I get more experienced I will contribute more, or at least try to.

Lastly, it also, helps with my grammar/spelling since there are a few grammar police on the site. :p However, I did this post fast, so I apologize in advance and hope those 'grammar police' don't slam me too hard. :eek:

ChrisO
11-18-2005, 01:33 PM
G’day all.

I don’t know if this will be of any help but it seems that data may not have been totally lost.

If I go into my, or anyone else’s, profile and select all posts and then select last page it goes to the 20th. Page. The restriction seems to be on pages not exceeding 20 or posts not exceeding 500. Now with different people the date of the oldest post will change so it seems that the restriction is not on date.

Perhaps all the data is still there but we just can’t see it. Maybe the site software has some restriction that limits viewing to the last 500 posts???

In any case, if you want to retrieve something from the last 500 posts of a member it looks like you can do that via their profile.

Hope that helps.

Regards,
Chris.

jrjr
11-18-2005, 01:37 PM
I was having the same problem, not being able to log in except through threads I had subscriptions to. So I went to my options screen and changed my forum skin to use Forum default. It then let me in.
I didn't have to recreate my account.


Awesome!!
I did the same thing...changed to forum default skin and now my original account works!! Thanks for the tip
:D

Kraj
11-18-2005, 02:30 PM
I don’t know if this will be of any help but it seems that data may not have been totally lost...
That's interesting. So it would appear the contents of individual posts still exist and are linked to the poster, but the references that string posts together in a thread and references a forum location are gone.

I wonder if Jon can temporarily remove the limit of 500 on the "Find All Posts by User" query, and then people can skim their own post list for ones they remember as being particularly useful and repost them?

MrsGorilla
11-18-2005, 03:56 PM
being particularly useful

Ah, that's the key now, isn't it? :D ;)

emcf
11-18-2005, 04:08 PM
Where ? :confused:


mike375's posts maybe?!? :D maybe he's the hacker!!

Rich
11-18-2005, 04:10 PM
mike375's posts maybe?!? :D maybe he's the hacker!!
Using a spreadsheet? :eek:
nah, I don't think so :D

Cosmos75
11-18-2005, 09:07 PM
I'm sorry to hear about the hijacking. What a loss...

:mad:

I've been awhile for quite some time. I will do what I can to put back the samples I had before once the sample forums is set up again.

I owe a lot to this site and its members. My start in learning and using Access is here.

Friday
11-19-2005, 09:05 AM
This really sucks. All that information gone. And my post count went from over a 1000 to 162... :(

selenau837
11-21-2005, 06:25 AM
Awesome!!
I did the same thing...changed to forum default skin and now my original account works!! Thanks for the tip
:D

Welcome! :D

Mile-O
11-21-2005, 01:39 PM
I don't know about the possibilities of vBulletin forum software to create your own database backups.

Yes, it exists with vBulletin.

I suppose I should think about updating my forum. :o

Saying that, I did upgrade when the php loophole thing was affecting phpBB forums.

Lightwave
11-22-2005, 04:35 AM
Just like to state that although I'm a new user I won't be deserting the forum and if relevant will try to post back any material that I consider important....

This is an excellent resource and with the sheer number of registered users I expect it to get back up and running in full very quickly. I suspect all those that previously posted code will have the opportunity to spring clean things and only put up the latest best stuff.

olspookishmagus
02-16-2006, 05:04 AM
Well, it's been a busy period (or should I say era?) since I registered and unfortunately I wasn't able to keep an eye on this forum. Finally, I got back again and I have some questions regarding the cracking:


Does anyone have a spam problem since the board cracking?
Did the posts finally get totally lost or are they recovered?
Is the probability that something like that might happen again, minimized to minimum possible?
Was the person responsible for that, traced?
Are there details regarding the intrusion? Such as, was that a server-based attack or a web-based attack (vBulletin exploit)


Regarding the host, I would definitely change the host, for punishing them for leaving this forum exposed and mostly for not keeping back-ups (isn't that what they are paid for?) and keeping their servers secure...

It sounds like it's past now, but don't you all look like this (http://www.g-wizmedia.com/Multimedia/Do-It-Yourself/PullOutYourHair_165_GIF.gif) when you lose data?
Even more when it's not only a data, it's a work of many hours and mostly of much contribution...

olspookishmagus
06-05-2006, 10:07 AM
Still no luck, or no progress, in locating the origin of the attack?

gijskerstens
06-06-2006, 05:12 AM
hmm, I don't know what's going on, but this is the access-related forum I visit that got hacked in the last few weeks. First the Dutch office.webforums.nl, now this one.

olspookishmagus
06-06-2006, 07:33 AM
This wasn't hacked recently. I just wanted to see what the investigation (if there was any) came up with.

Rich
06-06-2006, 11:21 AM
I just wanted to see what the investigation (if there was any) came up with.

Why ?

olspookishmagus
06-06-2006, 10:58 PM
Well, I just wanted to see how does the site paid for hosting this forum, values its services. With a nice logger of IPs or I don't know with which possible means of defence they could locate the attacker and have him prosecuted for being such a *BEEP*.

Also, I just wanted to see, if nowadays people who think of doing these types of attacks to systems are likely to get caught or not.

And finally, I would like to have his face cut and pasted on my dart-board.

Rich
06-07-2006, 12:30 PM
And finally, I would like to have his face cut and pasted on my dart-board.

Yes well you could substitute Bush or Bliar for what they've done to the world :rolleyes:

MrsGorilla
06-07-2006, 12:39 PM
Yes well you could substitute Bush or Bliar for what they've done to the world :rolleyes:

Or Rich, but good luck finding a decent picture of him. :cool:

Rich
06-07-2006, 12:52 PM
Or Rich, but good luck finding a decent picture of him. :cool:

Rich only upsets one or two posters here, my two suggestions have upset at least half the planet :cool: