Oranjemundonline Main Site Hacked!

Started by Michael Alexander, July 07, 2012, 05:55:12 PM


Michael Alexander

Some of you might have noticed that the site... www.oranjemundonline.com has been hacked.... This is the main site and not the forum itself.... This happened about a year ago and then again last week.... in both cases it was repaired..... but now again today it has happened again.... I will only be able to repair this on Sunday and will be looking at a way of preventing it from happening in the future....

Sorry for the inconvenience....

OPS 1976-1982 : CBC 1982-1988

Michael Alexander

PLEASE DO NOT GO TO www.oranjemundonline.com till I have fixed this, otherwise you will be redirected to some Russian site......
OPS 1976-1982 : CBC 1982-1988

Michael Alexander

UPDATE: so it appears that my password to the backdoor of this website was compromised ..... my host has now found and removed the malicious code..... they have also changed my passwords.... and I have to submit a review to Google to "scan" the site to make sure it's clean.... before allowing traffic back here...., not sure how long that will be, but even though you get the red door warning you of malware, as of 30 minutes ago, the site is clean....

Sorry for the inconvenience, just the joys of running a popular site like this....

OPS 1976-1982 : CBC 1982-1988

Michael Alexander

My host have now reported back, that they did an entire scan of the site, 4gb in size and the site has been given a clean bill of health, (Much to my relief)... I also see that Google have done an audit and the warning has now been removed...... did I stress for 19 hours..... so, Folks, post away.... let the memories continue....
OPS 1976-1982 : CBC 1982-1988

Robert Bruce

Did your ISP apologise for letting a hack get through their weak security?
ROBERT BRUCE

Michael Alexander

U know Robert, I thought about that.... my password was compromised..... not sure how that could have happened from my side.... seeing that it is only kept in one place, not been used for the last 3 months.... and then reading the ISP's Twitter, I see that they had problems from other folk on the 5th..... got me thinking, however I must admit, the chap that helped me this morning was quite helpful..... I even went to work early this morning with the thought of having to restore a 4gb backup........
anyhooo...... we're back, nothing too serious....

OPS 1976-1982 : CBC 1982-1988

Robert Bruce

Mmm so the hack was more invasive. Interesting. I'd think they'd offer a discount on the monthly/annual fee as compensation for their slack security.

Are you on a shared Windows server or Linux? Ooops soo sorry - not Linux errrr ummm that other one.... Ubuntu? Damn, no errrr that is Red Hat v26.7 isn't it...??!!

Do you check the IP addresses who hit the site? I find it interesting and sometimes a few visits from the effing Russians is a portent to a potential hack/spam. They visit to suss out the size of the subscriber base.

They did try it with me once but I use VBulletin which is a solid bit of kit and the good security at my ISP prevented a hack. Not to be outdone, he subscribed as a member! So I deleted him. To prove he was determined he returned but by then I had his IP listed in my Bad Behaviour app that guards the front door.

Would Bad Behaviour be compatible with your Simple Machines software? Well worth installing it if it can work with SM.

"Bad Behavior is a PHP-based solution for blocking link spam and the robots which deliver it.

Thousands of sites large and small, like SourceForge, GNOME, the U.S. Department of Education, and many more, trust Bad Behavior to help reduce incoming link spam and malicious activity.

Bad Behavior complements other link spam solutions by acting as a gatekeeper, preventing spammers from ever delivering their junk, and in many cases, from ever reading your site in the first place. This keeps your site's load down, makes your site logs cleaner, and can help prevent denial of service conditions caused by spammers.

Bad Behavior also transcends other link spam solutions by working in a completely different, unique way. Instead of merely looking at the content of potential spam, Bad Behavior analyzes the delivery method as well as the software the spammer is using. In this way, Bad Behavior can stop spam attacks even when nobody has ever seen the particular spam before.

Bad Behavior is designed to work alongside existing spam prevention services to increase their effectiveness and efficiency. Whenever possible, you should run it in combination with a more traditional spam prevention service.

Bad Behavior works on, or can be adapted to, virtually any PHP-based Web software package. Bad Behavior is available natively for WordPress, MediaWiki, Drupal, ExpressionEngine, and LifeType, and people have successfully made it work with Movable Type, phpBB, and many other packages.

Installing and configuring Bad Behavior on most platforms is simple and takes only a few minutes. In most cases, no configuration at all is needed. Simply turn it on and stop worrying about spam!

The core of Bad Behavior is free software released under the GNU Lesser General Public License, version 3, or at your option, any later version."

http://wordpress.org/extend/plugins/bad-behavior/

ROBERT BRUCE

Robert Bruce

Quote from: Michael Alexander on July 07, 2012, 05:56:50 PM
PLEASE DO NOT GO TO www.oranjemundonline.com till I have fixed this, otherwise you will be redirected to some Russian site......

Yo Bro Mike!
I forgot to say back in 2012 that it was TOO LATE, you should've emailed or SMS'd us to go online and download your warning but as I was already here reading your warning I thought what the hell!
ROBERT BRUCE