previous topic :: next topic |
Author |
Message |
moondog
Since 15 Aug 2007
703 Posts
white salmon
Addicted
CGKA Member
|
Sun Aug 04, 19 6:19 am NW Kite Hackers |
|
|
I'm wondering if there is an solution to keep the barrage of hackers off this site. This year seems unusually prolific, they must be preparing for our 2020 election! _________________ moondog |
|
|
Freeride Kiter
Since 08 Jul 2011
701 Posts
El Sargento, B.C.S. Mexico
Instructor
|
Sun Aug 04, 19 8:18 am |
|
|
The phpBB software running is old, really old. Attempts to upgrade have been difficult. The phpBB forum software and database are easier than the nwkite skin/theme that was heavily modified. I ran out of time Maybe some new blood with more time can contact phil to give it a go?
Dan _________________ "I have often regretted my speech, never my silence" ~Xenocrates |
|
|
WindSki
Since 14 Dec 2012
411 Posts
Portland
Obsessed
|
Sun Aug 04, 19 3:01 pm |
|
|
FYI
I'd donate $$ if needed |
|
|
shred_da_gorge
Since 12 Nov 2008
1304 Posts
Da Hood & Da Wood
XTreme Poster
|
Sun Aug 04, 19 3:05 pm |
|
|
It's all Kip's fault... |
|
|
wylieflyote
Since 30 Jun 2006
1646 Posts
Puget Sound & Wa. Coast
XTreme Poster
|
Sun Aug 04, 19 3:11 pm |
|
|
shred_da_gorge wrote: | It's all Kip's fault... |
gEEZ... Because of this NWkite advice I hardened up my Firefox with a ton of tweaks. Sucks trying to remember passwords again. I have a rapidly aging brain. _________________ CGKA Member
-------
Kip Wylie |
|
|
shred_da_gorge
Since 12 Nov 2008
1304 Posts
Da Hood & Da Wood
XTreme Poster
|
Sun Aug 04, 19 5:56 pm |
|
|
Passphrases my friend. Longer is better (that's what she said), so make it easy on your brain. Mix cases and run stuff together; throw some numbers in instead of spaces (you can just change the numbers in case you need to rotate). Bury a contextual keyword in the phrase specific to the site you're signing up for so you're not using the same passphrase everywhere. 15 characters might seem like it would be hard to remember, but when done properly it's much easier than 8 random individual characters... create a memorable 'template' for your passphrases. Most password hacking is done with scripts and algorithms, not human analysis (by dark figures in hoodies). |
|
|
bigjohn
Since 13 Mar 2012
663 Posts
Addicted
|
|
|
shred_da_gorge
Since 12 Nov 2008
1304 Posts
Da Hood & Da Wood
XTreme Poster
|
Mon Aug 05, 19 8:55 pm OT: BreezeBy |
|
|
Speaking of hacking, I was on the Port of Hood River BreezeBy site today and selected "Remember Me". Stored my password in cleartext in a local cookie. How rookie!
Update: I informed them and they plan to fix it in the next release. If you've used this feature, I recommend you find where the "password" cookie is stored for the site and delete it. Your credit card info should be safe from disclosure because it's stored with Verisign and not actually printed out with your account info. Kudos to them for taking security seriously. Last edited by shred_da_gorge on Tue Aug 06, 19 6:41 pm; edited 1 time in total |
|
|
deminimis
Since 15 Jul 2014
326 Posts
On the Rocks
Obsessed
|
Tue Aug 06, 19 1:27 pm |
|
|
If you would, please drop me a PM when you find NEW ones and I'll delete the post and block the user. It's like playing whack a mole. Cleaned up much of what was left on here, so just new posts please. Thanks! |
|
|
Jonpnw
Since 22 Jul 2010
1327 Posts
Pacific Northwest
XTreme Poster
|
Fri Aug 09, 19 4:06 pm Holy Shit !! |
|
|
We must tighten the hatches ? The moles are going f*cking crazy . What can we do? _________________ Slingshot | Ride Engine |Try before you buy | PM me
Join the Columbia Gorge Water Sports Association. http://gorgewindsurfing.org/ |
|
|
bigjohn
Since 13 Mar 2012
663 Posts
Addicted
|
Fri Aug 09, 19 9:47 pm |
|
|
No new accounts without a referral.
I don't know what it would take to change the signup process but it seems to me that since the focus of this site is Gorge/Portland/Oregon Coast that anyone who wants to sign up for an account and doesn't already know somebody should be able to contact local kiteboarding schools and shops to get a referral.
It might be nice to have a sticky with a list of such sources just for the newbes to the sport. _________________ Kiting starts at 40MPH |
|
|
shred_da_gorge
Since 12 Nov 2008
1304 Posts
Da Hood & Da Wood
XTreme Poster
|
Sat Aug 10, 19 8:01 am |
|
|
I don't like the referral idea because it prevents people planning to visit the area from commenting because you have to be signed up to PM someone to ask to refer you to sign up - Catch-22.
How hard is it to implement CAPTCHA on signup?
http://www.captcha.net/
"I am not a Robot"...
There are other solutions out there; my company uses a commercial solution where you're presented a picture and then you drag and drop the matching picture into a box. You could program your own where you present a static photo and have a multiple choice radio box answering the description of what's in the photo. Even without rotating images/answers you will likely prevent a great deal of this crap - get your account creation hard to automate and you'll solve this problem with the 80/20 approach.
I don't have spare time to program anymore but I do have some spare money to help solve the problem and I'm sure I'm not the only one. What help do you need? |
|
|
lineman
Since 05 Feb 2009
170 Posts
Stoked
|
Fri Aug 16, 19 6:46 pm |
|
|
Does anyone know what these hackers are trying to accomplish?
They have made their way to Ikite also.... |
|
|
morecoffee
Since 24 Aug 2011
26 Posts
|
Fri Aug 16, 19 8:09 pm |
|
|
lineman wrote: | Does anyone know what these hackers are trying to accomplish?
They have made their way to Ikite also.... |
Contextual relevance for the link they're spamming. They give zero fucks about nwkite or kiteboarding, it is just getting their selected text out there with the hyperlink in locales that search engines weight greater than zero.
It's like when someone tags the emergency exit of your apartment building. You gotta be out there the next day with the goof-off or paint roller, otherwise more tags accumulate. Last edited by morecoffee on Fri Aug 16, 19 9:15 pm; edited 1 time in total |
|
|
deminimis
Since 15 Jul 2014
326 Posts
On the Rocks
Obsessed
|
Fri Aug 16, 19 8:28 pm |
|
|
I've changed registration. Now requires admin approval and a code when registering. Hopefully that will stem the tide.
I tested it out. Works. That should be that (for now). Other Admins: New accounts require approval. We all will get emails as needed. ONLY click the link if approving the request. Since a code is now required when registering a new account, we should immediately see a drop in Bot registrations.
Manual registrations are still a problem. Other admins, please just check the user name before approving. Already getting those attempts.
Fingers crossed. |
|
|
|