Looks like we had a database issue about four hours ago - we've restored from a backup - if anything's missing besides those four posts from the user I deleted, let me know). I'll try to put some more checks in to keep our friendly "security experts" from testing exploits on our code.
I haven't read my email yet but will get to it. ;-)
Not much point now
For future reference / posterity; what's the best way to contact you guys should we observe any out of band penetration testing in the future?
I don't have a good answer. I mean, we get hack attempts all the time, but I've coded against the really low hanging fruit so not much of it ever gets seen. The downside to this is, when somebody succeeds, they tend to succeed SPECTACULARLY. ;-)
In this instance, I caught a cryptic tweet from dunkndollaz on my phone that made my spider sense tingle and tell me I'd better check the board, so I guess you can try to tweet me or send me a DM if you're on Twitter. Even then, though, I'm not super vigilant about checking my phone, as anyone who has ever left me a voicemail will tell you.
If the worst we're going to get is four hours of downtime, I'd say you'll just have to lump it and wait for an admin to notice we're down and fix it. :)
In this instance, I caught a cryptic tweet from dunkndollaz on my phone that made my spider sense tingle and tell me I'd better check the board, so I guess you can try to tweet me or send me a DM if you're on Twitter. (edited by CRZ on 19.4.11 1211)
Wow - Twitter was finally good for something.....and besides PayPal, it's the only way I know how to reach you
Originally posted by BigDaddyLocoDoes the site just shut itself down, or was that the point of the hack?
No, but at this point anything done by hackers usually has the side effect of bringing MySQL to a screeching halt (as in, all 460,000+ articles end up belonging to the same thread or something very CPU intensive like that). We're clever, but not *that* clever.
I can read the Last 100 Posts page fine, but when I clink on a link to the thread, I now get this: Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /var/www/the-w.com/thread.php on line 8 Warning: