Phoenix Gold Phorum

We, by we I mean myself, Twisted, and spoolinfusion, seem to have been blocked from the Phorum at work again.

I have a question though. The last time they blocked us when you clicked on the phorum it brought up the big sonicwall says fuck you screen. This time is different.

This time when you click on it it brings up the internet explorer page with a message saying we are not authorized to use this server, or something like that. You know the page you get when you click on a page that no longer exists.

My question is this. Is our man upstairs doing this too us, or do we have somesort of other problem. All of the other pages we normally go to work fine, and I know Keith goes to several different forums throughout the day.

Any way he wanted me to ask if anybody here knew a way around this problem because he don't have internet at home right now, and he misses you guys.

Let me know if you don't understand my rambling. I'm not very computer savvy, but I just want to make sure it is the dick upstairs doing this and not something else causing it

Thanks guys

Yesterday I had a big issue with PG that has been causing some problems with my host. It's quite possible that you have been blocked as a result. I am trying to contact my host for more information.

Due to a typo in the server robots.txt file and the PHPBB attachment code, Google was able to index a protected files directory (http://phoenixphorum.com/files) where it shouldn't have been able to go. This directory includes files attached to messages, etc. Because of this, a confidential distributor PG price list that had been discussed in a private message was indexed by google, and thus could be found by searching!!

Luckily we caught this before Google had made a cache of the PDF, so now that the offending files have been deleted, they can no longer be accessed in any way, besides seeing them in the google results list. I have also modified and verified the robots.txt file, so that it now properly blocks the files directory from further indexes. I have also put in a request at google to remove any and all record of the /files directory and it's subdirectories. All records will be permanently removed within a day or two, and this problem will never occur again.

It appears that instead of contacting me about the problem, PG has taken to spamming my webhost with thousands of requests for the PDF file. This caused my host's apache instance to crash, so they have blocked the PG IP address at the firewall. This means that any PG employees will now be blocked from the forum, among the most frequently browsing members.

The following IPs were banned for the DoS attack (# on the left is the
connections being made)

496 64.66.92.18
547 69.211.137.122
612 218.111.201.65
618 194.19.99.229
678 24.185.18.21
983 82.47.174.241
814 60.50.11.20
1001 74.138.81.108
4046 63.241.158.65
6557 207.109.65.130

The IP 207.109.65.130 belongs to PG, so you can see just how hard they were attacking the server. Most of the rest are valid forum members who were banned as a result of their attack, because they thought that you were part of the denial of service attack.

So i've been back and forth with my host for the last two days trying to get everyone unbanned. Needless to say they are very pissed off at me for taking down a shared server. Maybe next time PG can think before they attack a forum providing them free technical support...

I understand that having such confidential files posted could be very detrimental for them, but the problem would have been solved much faster and neater if they didn't resort to attacking us instead.

I didn't understand most of what I just read, but I can tell you this thing with us not being able to get on from work happened yesterday mornin sometime. I know I was on the forum at work when I got there yesterday, and I know at lunch when I tried to get on it brought up that message about not being authorized on that server.

Let me know what you find out.

And let me know if you need any info about our IP address at work or whatever.

Thanks

Wouldn't it have been easier to simply tell fordtough1 "Yeah, you're fucking banned", and be done with it? I went and read that explanation and now I need Advil.

i am still blocked from my home ip


PG = TOOLs to the 10th order!@!!!

Mastiff wrote:i am still blocked from my home ip


PG = TOOLs to the 10th order!@!!!

That block is probably on purpose........

Lemme put it this way:

64.66.92.18 is you. Your network got banned by my host because they thought you were part of the PG attack on the server.

any word on the confidential price list? I still have mine from tantrum/ti/xenon, but would be interested to see dealer on rsd stuff..

S'all gone. I didn't think to keep a copy.

So I should be able to get back on the phorum tomorrow? Or eventually anyway?

I emailed my host to unban everyone. Instead they just banned more people.... so i'm trying again

Hell, even I got banned.

Sounds like one hell of a big fuck up all around. Thanks for letting me know. As long as it wasn't the dick upstairs, I'm happy.

I'm gonna fuck with Twisted tomorrow and tell him he's been banned, Permanently!

new server time?

Hmmm...

Thank you for the update. The IPs have already been removed from the
firewall. If users are unable to connect, can you provide me with their
IP addresses? I'll check to see if they were firewalled.



Thanks!

Chih

So who is still having trouble connecting?

As of the time I left my office today at 4pm central I was still booted off.

We still couldn't get on at work as of 5:00 central today.

Anyone else? Mastiff?

so now that errin is working with me, how much did structured bandwidth go up?

stipud wrote:Anyone else? Mastiff?

still blocked from home. work is what i am on now and this IP is a ok !

You guys are lower than PG... weak

Wow thats weird, I've been denied access at work since Monday. I seriously doubt anybody at PG knowingly or intentionally attacked your server, I can try to find out what happened tomorrow if you want.

i have had no problems..maybe being in hawaii
has its benefits..

rolandk wrote:Wow thats weird, I've been denied access at work since Monday. I seriously doubt anybody at PG knowingly or intentionally attacked your server, I can try to find out what happened tomorrow if you want.

I checked the logs, it was definitely intentional. Someone was running a Webstripper script to continuously hit the PDF file in order to take out the website. Normally when you get that many requests from a regular user, you will have requests for numerous different pages... this was just one file, and over 6000 requests for it!

Problem solved guys. You should all be able to access the forum again

Hallelujah......I am able to get on at work again.........