TIWWA Staff Blog


Security update information and general tips

The Old Man

Dear TIWWA members and visitors, 

Nothing to be alarmed about, but I would like to extend apologies for any inconvenience you may have experienced with slow responses or speed with the website in the last few days. 

Unfortunately we have intermittently been receiving a high amount of illegitimate web traffic, effectively hammering away at the server in what appears to be a crude attempt to knock our server or website offline. 

As you may know, such is the nature of DDoS or 'Distributed Denial of Service' attacks: the hackers (possibly someone who has watched too many episodes of Mr Robot) often use one or more, sometimes a whole network of, compromised computers or devices to try to take random or specific servers down by bombarding their firewall and server software with traffic or hits.

Initially it was coming from Italy, then the US, then South America.

We can manually kill off the Apache server process each time and restart it, but after a while it starts up again, sometimes soon or after a few hours. Eventually they will get bored with door rattling and move on, especially since we're not a big company website, power station etc.

Our web-hosting company has elevated the issue to a more senior tier of support staff, who have been working hard to resolve the issues. However, we may start using Cloudflare and routing through their network behind the scenes for extra protection, as they provide a network service to assist with this sort of issue. If so, the website may be inaccessible for a short while.

We may also have to enable additional firewall rules, which could potentially cause you to receive a blocked or forbidden error message in your browser if your use of or visit to the site triggers a false positive. Such advanced rules are very sensitive, and require a lot of fine tuning and extra time to configure, so are best avoided if possible.
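To illustrate the kind of traffic pattern described above, and the false-positive problem that makes firewall rules tricky, here is an added example (not part of this post or of the site's own setup) that runs a per-IP rate check over constructed Apache access-log lines. The IP addresses are documentation ranges and the "weekly scanner" address is an assumption.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Apache "combined" log format; only the client IP, timestamp, request and status are captured.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3})')
APACHE_TS = "%d/%b/%Y:%H:%M:%S %z"

def parse_line(line: str):
    """Return (ip, timestamp, request, status), or None for a line not in combined format."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return (m.group("ip"), datetime.strptime(m.group("ts"), APACHE_TS),
            m.group("req"), int(m.group("status")))

def flood_sources(lines, max_hits: int, window_seconds: int, allowlist=frozenset()):
    """Map each offending IP to its peak request count inside any window_seconds span.

    Requests from allowlisted addresses are never counted: that is the knob that stops a
    legitimate heavy client (a security scanner, a crawler you want) being blocked as a
    false positive. Tune max_hits on real traffic before wiring the result to a firewall.
    """
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)   # per-IP sliding window of timestamps
    flagged = {}
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        ip, ts, _, _ = parsed
        if ip in allowlist:
            continue
        hits = recent[ip]
        hits.append(ts)
        while hits and ts - hits[0] > window:   # drop timestamps older than the window
            hits.popleft()
        if len(hits) > max_hits:
            flagged[ip] = max(flagged.get(ip, 0), len(hits))
    return flagged

def sample_log():
    """Constructed log lines (documentation-range IPs), not real traffic."""
    def line(ip, sec, ua):
        return f'{ip} - - [01/Jun/2018:10:00:{sec:02d} +0000] "GET / HTTP/1.1" 200 512 "-" "{ua}"'
    flood = [line("203.0.113.7", i // 2, "curl/7.58") for i in range(12)]      # 12 hits in 6 s
    normal = [line("198.51.100.5", s, "Mozilla/5.0") for s in (0, 20, 40)]      # a real visitor
    scanner = [line("192.0.2.9", i // 10, "VulnScanner") for i in range(30)]  # assumed weekly scan
    return flood + normal + scanner
```

Without the allowlist the scanner is flagged just like the flood, which is exactly the false positive the post warns about.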

I want to reassure you that we have no reason to believe the website or server has been compromised or hacked in any way, or personal information taken. 

We take security seriously. We also have automatic backups available, and all non-public user account related personal information such as e-mail addresses, passwords etc. is fully encrypted, as you would rightly expect. This is one reason why we licence professional community software with regular updates rather than use free software, and we also automatically encrypt all traffic between our server and your browser when you visit our site.

We also use another company to probe our server infrastructure, encryption levels and website each week for potential security issues.

Thank you for bearing with us.

Handy-to-know tips from Roedecker


Contrary to first impressions, he actually knows what he's doing...

Remember in general to always use strong passwords, ideally unique to each site, on your websites and devices, in particular for your Google or other email accounts, which if compromised could be used to change or hack your social media and website accounts. Password managers are well worth using; LastPass and 1Pass in particular are recommended.

http://uk.pcmag.com/password-managers-products/4296/guide/the-best-password-managers-of-2018

https://www.techradar.com/news/software/applications/the-best-password-manager-1325845

https://www.cnet.com/news/the-best-password-managers-directory/

Always use good, up-to-date antivirus software, ideally combined with separate anti-malware software such as Malwarebytes. These days, on Windows 10, Microsoft's built-in antivirus is regarded as very good. Avast is excellent free software (I used it for over 10 years), but it tends to nag with somewhat scaremongering pop-ups to buy the full version. Kaspersky, McAfee and Symantec are probably best avoided.

Should you have any concerns about account security in general, you may be unaware that we also support so-called 'two factor' account protection.

Did you know we support Google Authenticator!

If you would like to make use of the popular Google Authenticator service, you can configure it in your user account settings; it is free and optional for non-staff members. Very handy if you don't use a password manager service or tend to re-use the same password for multiple sites.

Once activated, it allows you to require anyone accessing your account from a new device or browser for the first time, or after you sign out, to enter a one-time code sent to your phone or mobile device by Google, either by text message or via the Google Authenticator app (if you have it installed on your mobile device).

If the code is not correctly entered before it expires, access is denied, so without access to your device nobody can, in theory, access your account.
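The one-time codes described above are the TOTP scheme that Google Authenticator implements (RFC 6238). The following is an added example, not code from this post or from the forum software, showing how a site generates and checks such codes, including the expiry rule and the 'one-time' (no replay) rule; the seed and time values in the comments are the RFC's published test vectors, and the 30-second step, 6 digits and one-step drift are Google Authenticator's defaults.

```python
import base64
import hashlib
import hmac
import struct

STEP_SECONDS = 30   # Google Authenticator's default time step
DIGITS = 6          # Google Authenticator's default code length
DRIFT_STEPS = 1     # tolerate one step of clock skew either side

def secret_from_base32(encoded: str) -> bytes:
    """Authenticator apps share the seed as base32 (the string behind the setup QR code)."""
    cleaned = encoded.replace(" ", "").upper()
    return base64.b32decode(cleaned + "=" * (-len(cleaned) % 8))

def hotp(secret: bytes, counter: int, digits: int = DIGITS) -> str:
    """RFC 4226: HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def totp(secret: bytes, unix_time: int) -> str:
    """RFC 6238: HOTP with the counter set to the current time step (what the phone app shows)."""
    return hotp(secret, unix_time // STEP_SECONDS)

def verify_totp(secret: bytes, submitted: str, unix_time: int, last_used_step: int = -1):
    """Server-side check. Returns the matching time step (store it as last_used_step) or None.

    A code is rejected when it is malformed, when its step has expired beyond the drift
    window, or when it was already used: 'one-time' means a replayed code must fail even
    though the clock says it is still valid.
    """
    submitted = submitted.strip().replace(" ", "")
    if not (submitted.isdigit() and len(submitted) == DIGITS):
        return None
    now_step = unix_time // STEP_SECONDS
    for step in range(now_step - DRIFT_STEPS, now_step + DRIFT_STEPS + 1):
        if step <= last_used_step:   # already consumed: refuse the replay
            continue
        # constant-time comparison so response timing leaks nothing about the code
        if hmac.compare_digest(hotp(secret, step), submitted):
            return step
    return None

# RFC 6238 reference seed "12345678901234567890": totp(seed, 59) == "287082"
```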

I can't stress this enough to everyone with a Google Account these days: I very strongly recommend activating Google 2FA/Google Authenticator to access your Google Account, but you can also use it here if you want, and on many other websites and apps too.

Adding an extra layer...

We also have the optional 3 Security Question/Answers option if you prefer, or you can use both. You can set up questions and answers that hopefully only you would know the correct answers to (don't share too much info on social media!).

Either of these options is available in your Account Security settings, and they are useful if you feel you would like to add an extra layer of protection to your account.

You may also have noticed a new section after our last big update that provides device and browser usage history (Recently Used Devices). If you also use a VPN service however, the info will obviously be incorrect.

The Old Man



5 Comments


Hey, Old Man, I definitely have watched too many episodes of Mr. Robot :), but I guarantee I'm not involved in the DDoS attacks you've been experiencing! (Even if I knew how, it isn't my style.) I know it's a royal PITA, and why on earth anyone would target TIWWA is nothing short of astonishing! Thanks for being such a good helmsman and webmaster! I've heard Cloudflare's the way to go from others, so hopefully it'll keep the daemon-demons at bay!


Thanks for the support! I don't think it's for a specific reason, but yes, we're now on Cloudflare, which is going well. Need to finish some more settings etc. Twerking again! Sorry, tweaking!


I have the same question as Gotham Gal.  Why on earth would anyone want to target TIWWA?  What would they hope to attain from a hack?  Just makes no sense.

Yes, Graham, you are the best "helmsman and webmaster" in the whole world. Thank you so much. Tweak and Twerk as much as you need to.

Love and huggers.


Thanks for the support, Darlene!

I don't think it was an intentional attack, probably someone trying their luck at random or an automated bot thing. According to the logs, we get a lot of bots all the time relentlessly probing our WordPress log-in page; it would be a concern if we had one, but we don't use WordPress!

Same with our server, attempted hacks 24/7, after a couple of attempts they get automatically blocked by the firewalls.

Replying to The Old Man's comment above (16 hours ago):

Excellent ! !

