Current Server State

You can talk about anything here (but respect the rules)
michaelmurfy
Posts: 216
Joined: 24 Dec 2016 22:15
Location: Wellington

25 Dec 2016 13:00

As you all know all ProMods sites had a bit of downtime due to some script kiddie causing some damage to the server. I was "hired" (not really hired, just volunteered due to the Christmas spirit from a technology community based here in NZ) to take a look for ScuL. I would just like to state some things:

1) The database and forum don't appear to have been stolen - we're doing further investigation of a server drive dump to fully confirm the logs of the day the server was compromised. All passwords are salted and stored in a non-human-readable form regardless, but it is recommended to change your password.
2) The server was locked down as soon as ScuL noticed (quite quickly) so the potential for any further damage was quite minimal. He asked for help to evaluate the extent of the damage and get things up and running as quickly as possible again in a secure way.
3) I'm hosting the site / blog off my own VM host for the community via a brand new, clean virtual machine whilst we work on finding a more permanent place.

I was pretty surprised with how big the community was and didn't at all know what I was walking into - literally didn't know about ProMods (forgive me please) and how complex everything is to set up on a new server :) I am a Linux Systems Administrator by trade and the last game I've played was Watch_Dogs 2 so I am "the odd one out" here.

I'll be working with ScuL to help maintain server level stuff - I am more behind the scenes but you would have noticed a few things have changed.
1) SSL is everywhere now - there is no reason to not use it since LetsEncrypt offer free SSL certificates.
2) Things should be a bit faster - the current server is hosted in the US and does have beefier specs than what everything was hosted on before. For the technically inclined we're also using HTTP2.

I do apologise for the PHP errors displayed earlier today (turns out phpBB doesn't like PHP7) and the many bugs whilst we got everything up and running. I had to learn how things worked from scratch :) There are also some current (known) bugs like email delivery issues (working on this) and also some broken images, since they were hosted off other domains not quite recovered yet, but we wanted to get the main stuff up and running ASAP.

I am sure that ScuL will make a proper announcement shortly but more just wanted to introduce myself to the wider community - wish you all a Merry Christmas etc. Feel free to post anything you find broken on the site below and either myself or ScuL will take a look at them when we can. I am sorry, but it is indeed my birthday today so I will be out celebrating with family but we'll try and get things sorted. Both myself and ScuL appreciate the patience that everyone has given us too whilst we sort out this mess.

Churs.
Last edited by michaelmurfy on 28 Dec 2016 14:47, edited 1 time in total.
Promods Server Administrator

bbc100
Posts: 74
Joined: 09 Apr 2014 04:15

25 Dec 2016 23:12

Huh, another fellow New Zealander, welcome! Promods is quite big. And one of the best map mods for ETS2!

ShirBlackspots
Posts: 229
Joined: 13 Apr 2016 00:30

26 Dec 2016 01:49

Since it's recommended to change my password, I would, if I could find where to do it.

ETS2-User
Developer
Posts: 2933
Joined: 06 Aug 2014 22:34
Location: Oberösterreich resp. Vienna

26 Dec 2016 01:52

User Control Panel - Profile - Registration details
Developer for Austria and Svalbard
Creator of the Radiator Springs mod for ATS
Mods by ETS2-User: Facebook page


Drive Safely
Posts: 398
Joined: 17 Sep 2015 07:10

26 Dec 2016 02:03

Thank you for your service michaelmurfy! Great to hear the database wasn't stolen. :)

michaelmurfy
Posts: 216
Joined: 24 Dec 2016 22:15
Location: Wellington

26 Dec 2016 04:08

We just had an incident just before where some idiot decided it was a good idea to chuck a DDoS through. My provider has mitigated the attack and we've changed IP addressing around a bit and set up Cloudflare hopefully to prevent any future attacks. A lovely birthday present to me :)

Seriously, script kiddies have nothing better to do.
Promods Server Administrator

Akula_
Posts: 178
Joined: 14 Jul 2015 22:11
Location: Many places

26 Dec 2016 16:51

Pretty nice someone came to help

The game isn't worth playing without ProMods
Skoda is love, Skoda is life

doorslammer1
Posts: 1
Joined: 26 Dec 2016 21:19

28 Dec 2016 11:47

A very big THANK YOU to michaelmurfy for stepping in and helping sort out the servers after the script kiddies' attack. As Akula says, the game isn't worth playing without ProMods.

I have only just seen this post and it explains why I have not got a reply to my "forgotten password" request; I set up a new account using the manual activation option.

I hope the recovery goes smoothly and you are soon back to full functionality.

michaelmurfy
Posts: 216
Joined: 24 Dec 2016 22:15
Location: Wellington

28 Dec 2016 14:43

I've just implemented a new mail server which should hopefully take care of the email situation. As I run my own domain email I have only tested it so much but from what I understand there was an issue with hotmail.com and some German email addresses. This should hopefully be resolved but let me know if you still experience email issues.

I've noticed that some of the people that complain about email issues have actually got their email blatantly wrong (for example, @gmail.cm, @htmail.com, @gmail.co) which are getting rejected with a Connection timed out. Now, I can't force emails to go through to non-existent addresses ;)

But doing this did make around ~820 emails send successfully so sorry for the email spam :)
Promods Server Administrator

EG0611
Developer
Posts: 994
Joined: 27 Apr 2016 08:53

28 Dec 2016 15:14

It might be a little off topic, but who else besides me wonders why this incident happened? Why did someone target ProMods? What did they want? Was it because of some jealous ETS2 players, or a more professional hack team who lock servers and request payment for an activation key?