Lowther's website hacked?

Scott is aware of the problem.
http://www.aerospaceprojectsreview.com/blog/?p=2379
Things are amiss. Exactly what’s gone wrong I can’t say; tech support is looking into it. Hopefully it’ll be back up and running soon.
 
Arjen said:
Scott is aware of the problem.

Am I ever.

Sigh.

I just got an email from tech support that boiled down to "we fixed TECHNOBABBLE, and now your website is just fine!" So I go there and it's still as screwed up as ever.

I need to find some sort of alternate. Clearly the APR Blog isn't really doing the trick, and since it's on the same host, I kinda expect the same disaster to befall it.

I suppose I should get a Twitter account of some such horribleness to keep people apprised of everything that's going wrong with everything else. But if I can't get the regular webpage fixed up enough to post updates, how would people know where to go? Gah.
 
On http://up-ship.com/blog
Error message: ERR_TOO_MANY_REDIRECTS
 
Uh no. It looks like you use a shared IP address with a bunch of other sites. Any denial of service attack is against all the sites and not yours. Are you using Joomla/wordpress/etc content management system? It is likely an attack against an outdated management system on the hosting server.

Seriously, if you don't want to try to understand "TECHNOBABBLE" then you should probably have your secretary do your interwebs for you.
 
Hi Scott,


bad news. The site is still out, I strongly hope that you and your tech support can solve asap the trouble.


Meanwhile I want to express my personal symphaty to your job and your site, indeed this is what apperars to me right now:


La pagina web ha generato un loop di reindirizzamento[/size]
ERR_TOO_MANY_REDIRECTS



 
A terrible situation, Scott. Good luck in getting it up and running again. -SP
 
i get this message from Safari

At opening "address of Up_ship..." happen too many redirects
this happens if address page is redirects to another site and from there back.
 
sublight is back said:
Grey Havoc said:
Cloud computing is definitely a dead end, and no mistake.

How does this relate to cloud computing in any way?

Because, like clouds, this problem is full of birds that are spreading disease and parasites and squawking and squawking and screeching and crapping all over everything...
 
Orionblamblam said:
sublight is back said:
Grey Havoc said:
Cloud computing is definitely a dead end, and no mistake.

How does this relate to cloud computing in any way?

Because, like clouds, this problem is full of birds that are spreading disease and parasites and squawking and squawking and screeching and crapping all over everything...

Well, it sounds like they've legalized Marijuana where you live.... :)
 
I always thought that the problem with clouds was that either they evaporate, or they dump rain on you.
 
sublight is back said:
Well, it sounds like they've legalized Marijuana where you live.... :)

Utah? No, no legal pot here. Check back about 5 minutes after the sun explodes. Maybe then.

The main up-ship.com website is back up and running. The blog is sorta staggering along... it functions, but only kinda. There apparently were two problems:
1) Too much stuff on the blog. Posting a picture or three a day every day since 2008 has loaded it up, and that seems to present some issues
2) Somehow, the relevant links in the blog database lost a term. So if you want to look at something - say, the most recent post, which is http://up-ship.com/blog/?p=29714, it has somehow lost the "/blog" part of the link, leaving you with http://up-ship.com/?p=29714. This leads nowhere, but if you type the "blog" back into the address, it'll come right up. Sadly, it has ruined the links to the dashboard, so I *can't* get into it to add new posts or update plugins and themes, which I need to do. Fixing that URL problem is something that will take tech support a few days to get around to. Grrrr.

How the hell #2 happened, I've no idea. I suspect it arose when tech support began fixing a minor issue a few days ago.

I wish there was a simple backup system, so that if the blog craps out again - which it will - I could simply swap it with something else.

A lot of the problems that have occurred over the years really don't make much sense to me... except by assuming that someone got into the system and screwed around.
 
If its WordPress, its not that difficult to backup or to migrate somewhere else. I imagine cost is a factor - if you could PM me details of total size and what you are paying, I could advise you from a technical perspective.

Apparently more than 2000 websites running WordPress have been compromised in the last day.
 
Orionblamblam said:
Sadly, it has ruined the links to the dashboard


Try here http://up-ship.com/blog/wp-login.php
Or here http://up-ship.com/blog/wp-admin


This is nothing nefarious, you've just got a screwed up wordpress. Although apropos of nothing,


1) WP is highly susceptible to (public/non-public) exploits
2) You're running a great watering hole


The joys of webmastering =)
 
If you have FTP access and a backup (or a fresh installation of Wordpress on your computer) you can check the contents of the
//up-ship.com/blog/
folder, and add the files that are missing (e.g. wp-login.php)
 
Hobbes said:
If you have FTP access and a backup (or a fresh installation of Wordpress on your computer) you can check the contents of the
//up-ship.com/blog/
folder, and add the files that are missing (e.g. wp-login.php)

Scott;
- UpdraftPlus (Pro) is a perfect WP backup solution with several backup locations available either remote (your own ftp unless it is wiped out, Updraft for later download, DropBox or any cloud-based service, email, and/or GoldenFrog's encrypted DumpTruck).
- WPRocket is useful for security caching, it's much faster compared to WPCache and jetpack etc. and always helpful to avoid malicious code injection, and if you use ajax quieries, teher is always the possibility to cherry pick those files which should be excluded from minification.
- recommended: VPN + SSL…
- Wordfence and Sucuri (paying solutions to exclude some Tor Generated IPs from various rogue places, etc.)

Switch to WP 4.3 released last week, now using very strong encrypted PW generator.

Sorry to come after the Battle. One day, I also experienced a similar event, and that was quite dramatic.
So take hese are informed pieces of advices.

A.
 
Hobbes said:
folder, and add the files that are missing (e.g. wp-login.php)

Actually, the files are right where they are supposed to be (certainly seems that way, anyway). The problem is that everything on the blog is redirected wrong. According to tech support, the blog now thinks that it is based at up-ship.com, *not* up-ship.com/blog... where all the files are. It's been fine for seven years, now, real sudden-like, it's confused on that point. So "professional services" are doing a "URL redirect" or some damn thing. The login page is reachable, but as soon as I log in, it tries to redirect me to a dashboard that does not exist (because of the URL issue), and I can't convince it to pull up the right one. Without access tot he dashboard, I can't incorporate *any*updates or plugins. I'm basically locked out until TS gets the URL change thing done, which "they're working on RIGHT NOW."

And then there's the spam... sigh...

Once this is resolved, I'm thinking the best approach might be to abandon the up-ship.com/blog. Get it fixed up, leave it as an archive, and then set up The Unwanted Blog somewhere else on its own, separate from up-ship.com. Any suggestions? (such as hosting sites with *good* security, stability and tech support)
 
Orionblamblam said:
Hobbes said:
folder, and add the files that are missing (e.g. wp-login.php)

Actually, the files are right where they are supposed to be (certainly seems that way, anyway). The problem is that everything on the blog is redirected wrong. According to tech support, the blog now thinks that it is based at up-ship.com, *not* up-ship.com/blog... where all the files are. It's been fine for seven years, now, real sudden-like, it's confused on that point. So "professional services" are doing a "URL redirect" or some damn thing. The login page is reachable, but as soon as I log in, it tries to redirect me to a dashboard that does not exist (because of the URL issue), and I can't convince it to pull up the right one. Without access tot he dashboard, I can't incorporate *any*updates or plugins. I'm basically locked out until TS gets the URL change thing done, which "they're working on RIGHT NOW."

And then there's the spam... sigh...

Once this is resolved, I'm thinking the best approach might be to abandon the up-ship.com/blog. Get it fixed up, leave it as an archive, and then set up The Unwanted Blog somewhere else on its own, separate from up-ship.com. Any suggestions? (such as hosting sites with *good* security, stability and tech support)

I'd go with Xmission myself. They're local (well, Utah), have been around forever, and you can actually talk to a human if you run into problems. Been with them since them early 90s.
 
There's a good chance the jiggery-pokery with the admin console is deliberate, given the spam hack.


Whatever you do, try and give up Wordpress.
 
to day i try to get my beloved "Unwanted Blog"
only to get page who demand to type code, who is display on page.

how cool, Unwanted Blog with bouncer ! ;D
How-to-Look-Like-a-Bouncer1.jpg
 
No "captcha" code required?

If anyone else encounters any such weirdness, I would appreciate it if, before plowing forward or leaving in disgust, if you could take a screenshot (hit the print screen button, save the image). I sure would like to know WTF.
 
Orionblamblam said:
Michel Van said:
to day i try to get my beloved "Unwanted Blog"
only to get page who demand to type code, who is display on page.

*What???*

Could you describe that in a bit more detail? And were you able to get in?

Frist i think the web page down or browser waring that web page got Virus

Was red header with White writing "Web Security, blah blah something"
Secure access to "the Unwanted Blog" on World Press
and "captcha" Picture with code.
i enter "captcha" code (number with three decimal places) and got access to the Blog

if that happen again i make a screenshot of it
 
Michel Van said:
Was red header with White writing "Web Security, blah blah something"
Secure access to "the Unwanted Blog" on World Press

Was it "Wordfence," by any chance? After the debacle a while back I installed some more security plugins on the blog. One of the things Wordfence does is try to keep out bots and users with malware. How it suspects you have malware on your computer, I don't know, but if it suspects that it puts the brakes on you with a captcha feature to make sure you're a human.

fffuucaptcha.jpg
 

Similar threads

Back
Top Bottom