Runners Forum - Kick Runners banner

WTF University - Moving on to MASTER DEGREE!!

736 Views 17 Replies 6 Participants Last post by  Liam3494
Well, damn... Talkin' about WTF U!!!!!<br><br>
I'm home from Texas for the weekend; don't bring my laptop - Cliff is at 35000 feet on the way back from LA and we get HACKED AGAIN!!!<br><br>
I got my daughters laptop and in a few hours, I was able to 'recapture' our forum. Again, they didn't do damage, they just redirected us. So, last night, as you know - I closed the board and then took a crash course on upgrading the forum.<br><br>
I've completed that and we're running the newest version.<br><br>
Some other things have changed too:<br><br>
1. I've disabled all of the other templates. Mainly, because I'm not 100% confident they are secure. We are now running the original templates with just a few color changes. Over time, i'll add more - but the ones I add will be purchased and not downloaded free<br><br>
2. Login/logout is back in the forum area. I'm going to rethink our layout as we move forward. I am STILL committed to no ads in the forum areas, but will still need to come up with a way to finance this place.<br><br>
3. Going forward: Until I can completely secure the site - new accounts will be slow in activation. Only because I've had to modify the admin area and still need to update all the links so sierra can get to them also. Until I can get that completed, only I have access to it - and I have to access it manually. Expect that to be completed in the next two weeks<br><br>
4. Running Log: Still on track - but now instead of cliff investing his time to write it, we're paying someone because both he and I are simply too busy to get it done. (added investment - see comment 2)<br><br>
You guys are great and thank you for your patience and assistance.. Let's HOPE we've got it shut down good now<br><br><br>
1 - 18 of 18 Posts
Rich, thank you so much for all the hard work, cold hard cash and many, many hours that you and cliff have put into this place and continue to put into it.<br><br>
This has been a rough week for the site, but your dedication and commitment to providing this great place is obvious.<br><br>
It truly is appreciated by myself and I am sure everyone here.<br><br>
I just wanted to publicly say <span style="font-size:xx-large;"><i><span style="font-family:'Century Gothic';"><b><span style="color:#0000FF;">Thank you</span></b></span></i></span> to both you and Cliff. <img alt="" class="inlineimg" src="" style="border:0px solid;" title="notworthy"><br><br>
So heres my thank you along with a promise to buy you both a beer, or six, if I ever see either of you again! <img alt="" class="inlineimg" src="" style="border:0px solid;" title="Very Happy"><br><br><span style="font-size:300%;"><span style="color:#0000FF;"><i><b>Thank you!</b></i></span></span> <img alt="" class="inlineimg" src="" style="border:0px solid;" title="occasion5">
See less See more
Throwing another big thanks your way, Rich! You are the master of WTF!
This last Hack was a lot worse than the first one. This one actually took the time to search out each of the moderators accounts and 'demote' them. That's why you guys couldn't see the planning room. He didn't demote everyone, but did demote 5 or 6 of you. I should have you all back to where you were prior.<br><br>
I've made some other changes behind the scenes that I hope will prevent future attacks. I'm also rethinking membership rules. What are your thoughts on some of this:<br><br>
Email accounts: No Hotmail, Yahoo Mail or similar email accounts allowed<br><br>
Actual acknowledgement: Emailing each member with instructions that they must reply to the email in order for their account to be activated.<br><br><br>
Referral Only? That will slow us down completely - but might, in the long term, make for a nicer place?<br><br><br>
Think outside the box for me - and let me know what your thoughts are on this<br><br><br>
<img alt="" class="inlineimg" src="" style="border:0px solid;" title="stop">As far as email accounts, I think that eliminating yahoo, hotmail, gmail etc would prevent a lot of people from registering. Those emails are not the ones that have been a problem. From all the people that I have approved, I havent seen many of those that were not legit. Almost all of those people have been back on the site posting or at the very least, lurking. Even for me, gmail is all I use. Many people use those emails for anything online. IMO, it would discourage people from registering here. (I could, however, give you loooong list of domains that are a problem. I never realized how much porn is out there! <img alt="" class="inlineimg" src="" style="border:0px solid;" title="Shock">)<br><br>
The only problem issue with these is the easy availability of using them for puppets. But this is easily caught using IP addy checks, so that really isnt an issue IMO. So far we have only had that happen a couple of times and it was easily caught and stopped.<br><br><img alt="" class="inlineimg" src="" style="border:0px solid;" title="headbang">Actual Acknowlegement : As far as emailing and waiting for a response to activate, thats a good idea. I think that this would be a good way to ensure that registrations are legit with actual email addresses and real people. I see this happen all the time at other sites. I think this is a pretty routine request from websites and wouldnt discourage people <img alt="" class="inlineimg" src="" style="border:0px solid;" title="thumbup"><br><br><img alt="" class="inlineimg" src="" style="border:0px solid;" title="stop">Referral only? Nope, that would eliminate people that found us using only a google search or someone not coming from other places that currently give us free advertising on occasion. <img alt="" class="inlineimg" src="" style="border:0px solid;" title="Very Happy"> Dont like that option at all.<br><br>
But, whatever it takes to keep the hackers out is all good.<img alt="" class="inlineimg" src="" style="border:0px solid;" title="thumbup"><br><br>
I'll continue to give it some thought. Look forward to seeing other's ideas who are much more creative than I! (paging diablita<img alt="" class="inlineimg" src="" style="border:0px solid;" title="Very Happy">)
See less See more
I think Carla's response is right on the money. Couldn't have typed it better myself!<br><br>
I would like to see some kind of Newbie wiki that we suggest people hit, explaining our few rules (be excellent to each other, no profanity in thread titles, etc) and maybe we could put our welcome mat (a Check-in Thread) back up. This could be explained on that confirmation email and the Check-in Thread highlighted in the wiki. This way, it would be easier to track the ratio of registered<img alt="" class="inlineimg" src="" style="border:0px solid;" title="Razz">articipating members, and make them feel more welcome.<br><br>
We have many more people coming through the gates these days. Some hit the clubs first, some the Starting Gate (which would be a great place for a Newbie Wiki) and quite a few of these users don't hit the PRT. I'm wondering if it's b/c they think it's as contentious as the Clubhouse?
Actually, the hacker set up a hotmail email account. Unlike the last hacker who just redirected our site, this one came in and manually made changes
Rich, first off, thanks so much for the time and effort you put into the site!<br><br>
I agree with sierra.<br><br>
I don't think it's good to prevent people who use free email accounts. I don't use my work email for forums, I use my gmail account, and I think that's pretty common.<br><br>
I do think it's a good idea to require actual acknowledgment, to make sure it is a real person.<br><br><br>
I am not sure referral only is a great idea, since not everyone who comes here necessarily knows someone who is "in", and might lead to the perception that we are clique-ish.
Just out of curiosity, what was the username of the hacker?
hmmm, I didnt realize that.<br><br>
Can you lock things down well enough that it wont matter? Meaning as far as the admin side of things so it cant get gotten into? (I know nothing about this stuff, so that may be a totally dumb question. )<br><br>
Ok, another dumb question. I checked his ip addy and its from Amsterdam. (other areas that arent legit is anything from .ru, .cn, the ukraine and a few others.) Is there any way to not allow specific IP addys or domains to get through the registration process? I know specific domains etc that arent legit. Is there any way to screen them so they cant even finish the registration?<br><br>
Did his account get activated? I hope I didnt do it, but I guess its possible. (Did I ?) But honestly, if he had a hotmail account, I would have activated it when I saw it as long as it didnt appear to be a puppet. (but if I DID activate it and thats how he got in and did what he did..........carla-> <img alt="" class="inlineimg" src="" style="border:0px solid;" title="violent1"> <- all the other kickrunners!<br><br>
Whats' a Newbie Wiki??<br><br>
When they register, the 'rules' are shown. I actually took our thread from our old site that explained the rules, and added them there.<br><br>
I don't think a user was an actual hacker. And I may be just jittery because of the crash course I've had to take to restore the site. I need to make sure members are confident in the site and it's security if I'm going to get them to use the runners log - and especially the premium log.<br><br>
I don't need to make any other changes as of now. I feel pretty confident everything is in place. I just am over cautious...<br><br><br>
Rich, here is an example of the cr boomers wiki. I think there is a newbie one also.<br><br>
this is a great idea! We could put all sorts of stuff there for users to access.<br><br><a href="" target="_blank"></a>
That could be written and added as content on our main page. I can then change the welcome message and add a link to it so they know they are to go there and read it.<br><br>
I think that would work and be a great idea! You could include the "rules" how things work, some of the site features that are really cool and tons of other stuff.<br><br>
the thing about a wiki is that anyone can come in and change it at any time. But its still a good idea and I think would be very useful to newbies and old alike.<br><br>
if you go that route and need help writing it, let me know
I need help writing it! I just don't have the time to do it.. so, if you want to put something together - feel FREE to do so!<br><br><br>
Rich -<br><br>
I was away racing yesterday, so haven't had a chance to share my thoughts. Much as has been said by the others really. As a gmail user as my main email account, I think more and more people use web based email accounts, so to disallow those access points could restrict many. In order to stop "robot" accounts, you could do as my blog does, and request the type what you see on scree box, you know what I mean. the letters and numbers randomly generated as script etc...<br><br>
As to everything else, I will have to bow to your better judgement as I am not computer savvy enough.<br><br>
One thing I must say to you and Cliff is THANKS in a huge way for everything you guys are doing, it is greatly appreciated by me, and everyone who uses the site.<br><br>
1 - 18 of 18 Posts
This is an older thread, you may not receive a response, and could be reviving an old thread. Please consider creating a new thread.