D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] website

 

Thank you for this simon

The weak passwords may have been my fault,  i set simple passwords so
that users could access the site and change them,  partly as anyone
involved with arranging meetings  could then add the details. and maybe
write ups.

I know see there it puts in a strong password for you.

I actually suggested to jay last night about putting it in to
maintenance mode in order that we could sort everything out properly, so
there is no harm in doing this for a week or two,  get the site sorted
out as people are busy then bring it back on line when ready.

i did add a meet us page and included info on who meets where,  if this
can be salvaged that would be great.

I also moved some of the tutorials around so the site looked less of a
mess in that respect as some of the sub menus were too long for a
screen,  those now start nearer the top.

As for who gets accounts i think we need to purge this and maybe limit
it to you, me,  and a few others,  and maybe give Neil W and Grant S
some sort of access so they can add meeting info.

Paul


On 03/11/15 03:20, Simon Waters wrote:
> I have concluded my initial analysis.
> 
> Fairly confident I know the extent of the abuse, and have identified
> all the IP addresses used during the abuse. Does appear to originate
> with weak or compromised user password.
> 
> Recreating the site will have to wait till the morning.
> 
> There are a couple of parts I can't investigate easily as the files
> have been removed, or corrupted.
> 
> I can restore to November 1st backup. Or we can rebuild the site from
> trusted code. I'd prefer the former, since it is safest, but either
> option will work.
> 
> Paul?
> 

-- 
http://www.zleap.net @zleap14
@zleap14  diaspora : zleap@xxxxxxxxxxxxxxxx
Documentation lead @ ToriOS http://www.torios.net zleap@xxxxxxxxxx

htto://torbaytechjam.org.uk

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq