Author Topic: Site Down Time - 2018  (Read 144 times)

Matt Koeske

  • Management
  • *
  • Posts: 1173
  • Gender: Male
    • Useless Science
Site Down Time - 2018
« on: April 02, 2018, 12:49:04 PM »
Some of you have noticed that the forum has been down for an extended period of time over the last couple months.  I just want to give a basic explanation and clarify the future status of Useless Science.

Brief Version:
1.) Useless Science was hacked, but is now back up and running (I think)
2.) Please reset your passwords with something strong asap
3.) Email me directly if you have any continued problems accessing Useless Science

I apologize for the unexplained disappearance/inaccessibility of the forum.  Here's what's worth knowing (longer version):

1.) Useless Science is not shutting down.  I have no plans to shut it down at any time.  That said, my own time to participate is essentially nil these days.

2.) The site was down because it was hacked/infiltrated with malware.  My hosting company notified me of this in February 2018, and because Useless Science is hosted on a shared server, they disabled the site and told me that malware infecting scripts on my domain was attacking the whole server.

I'm not entirely clear on how this happened, but it sounds from the techs' explanations that there was some way for malicious attacks to exploit the scripts (forum and blog software) running on useless science.com.

I tried to follow the advice the hosting techs gave me to lock down the site, but the malware exploits kept returning.  I even paid the hosting company for an extra service to audit and clean up my sites . . . and the malware attacks continued.

Although at times the hosting company was helpful in addressing the domain's problems, much of the time they blamed me for either causing the attacks or allowing them to persist because of outdated scripts.  Honestly, I'm not sure if it was really even a matter of outdated scripts (although I suppose, technically, this could have been the case).

I'm not technically savvy enough to understand today's cybersecurity, and my participation time in recent years has been very limited, but I try to update the software used for this site whenever I am notified that it is out of date (which happens automatically . . . in fact automatic scripts updates are active, and I periodically receive messages that they HAVE been updated . . . these messages do not appear to have been accurate, though).  It has never been more than one generation out of date, in any case.  For more than a decade, I had no issues with Useless Science being hacked.

Since this domain is hosted on a shared server, I'm not entirely convinced the malware didn't come from some other site hosted on the same server.  I'm sure there are plenty of small websites under more consistent attack (due to higher traffic) while also being much less secure/more vulnerable due to out of date scripts than mine.

I don't have any way of definitely knowing what happened or who/what was to blame.  But my hosting company spent a lot of time blaming me (even though the most severe attack on the shared server came AFTER I had paid them extra money to audit and secure my site).  It took some arguing, but they eventually backed down and have now (finally) restored the site.

This process took over a month.  I have now taken every security measure the hosting company has advised.  Of course, even the most secure websites can be hacked.  Still, I hope things will go more smoothly as we move forward.

For now, registration on the forum is disabled.  I don't know if open registration enabled the malware invasion or not, but the traffic on the forum is so light that this will hopefully not be an issue.  Anyone with specific questions or requests about registration can email me.

I deleted a lot of bogus membership accounts and also some from posters who haven't posted much or participated in years.  If you had an account that was deleted but you still want to participate, please email me.

I highly recommend that any active user reset her/his password immediately . . . and use something strong for a new password.  That is the recommendation of my hosting company.  I don't know if user passwords had anything to do with the hack, but it's probably a worthwhile precaution to take.

Again, apologies for the down time and inconvenience.  If you have additional troubles with accessing the site, please email me, and I will try to figure them out.  I've been locked out of the site and my useless science email until today, so I apologize if I have not been able to respond to anyone's recent attempts to contact me.

Best,
Matt
You can always come back, but you canít come back all the way.

   [Bob Dylan,"Mississippi]