PDA

View Full Version : Today's Fortune/Misfortune



Gamerprinter
06-01-2011, 12:08 AM
Today has been exciting and exasperating from two separate events.

The Good News... for those who preordered The Gift: Curse of the Golden Spear, Part 1 - my first of three published adventures for my Kaidan: a Japanese Ghost Story setting, the PDF portion of the Print/PDF bundle from Cubicle 7 has been released. The print book (the one I've really been waiting for) will be released June 9th, 2011.

The Bad News... my Free RPG Maps website has been hacked and hijacked... it currently points to some SPAMMERS link site. I am the reseller for my own web hosting services, so I was able to prove that I was not only the owner, but the authorizer for a number of websites associated with my reseller account. Since I was able to prove that I did not release the site in question, I did not 'lose' the site. The DNS Manager of the hosting services has assured me that I will regain control within 24 to 48 hours.

I've beefed up security, changed all my passwords. Hopefully this won't happen again!!??

I've decided to redesign my Free RPG Maps website in the meantime. Since I am known for my hand-drawn maps, as an experiment, I am building my updated website with hand-drawn graphics: buttons, headers, side panels, etc with a parchment background and many hand-drawn elements.

Also I want to better develop a gallery to showcase the free maps for download, post more maps, more map objects, essentially widening the productline for what gamers will find at my site.

I am not demoralized by the event, but have been rejuvenated to due a better job.

I will post again in this thread once the site is restored and updated.

GP

Jaxilon
06-01-2011, 01:31 AM
Dude, that sucks but I'm very glad you get your stuff back. Please be sure to fill us in on what you learn from this so any of us who choose to have our own website can benefit.

One question I do have right off the bat is what if anything do we need to do if we were a member of your site, I don't even recall exactly what information we filled in (I don't think much) but still.

At least your money stuff is moving forward apace. Hope you get everything cooking again soon.

tilt
06-01-2011, 03:16 AM
damn GP, good thing you got control back. It is however still to easy to make these hi-jackings - the #1 case of these being of course sex.com which took 4-5 years I think before the original owner got his site back - which is a lot of time for somebody else to earn money on it.
I don't know how it is in the US, but here we get a mail from dk-hostmaster that changes has been done to our website and we have to confirm them, which is a precaution much appreciated :)

Gamerprinter
06-01-2011, 05:17 AM
Dude, that sucks but I'm very glad you get your stuff back. Please be sure to fill us in on what you learn from this so any of us who choose to have our own website can benefit.

One question I do have right off the bat is what if anything do we need to do if we were a member of your site, I don't even recall exactly what information we filled in (I don't think much) but still.

At least your money stuff is moving forward apace. Hope you get everything cooking again soon.

Thankfully, the forum, ecommerce site and blog were unaffected, only the main site got hijacked, so members to the site are unaffected by the hijacking

The forum still gets lots of SPAM, but through inclusions of bad email addresses, bad URLs, it is considerably less than it was in the first month. Though I didn't want to do it, for example, I've banned all signups with Email or URLs from Russia. While I know there are gamers in Russia and I want to accomodate them, all the signups with Russion Email/URL so far have only been SPAMMERS. Its still a learning process on how best to cope.

So don't worry, Jax, your membership account is safe, thus far.

GP

ravells
06-01-2011, 07:18 AM
Wow, that site hacking sounds scary. I only thought hackers targeted 'big names' . What does it mean when your site get's hijacked? Does it mean that the hijacker can change the content of the site?

Midgardsormr
06-01-2011, 11:12 AM
Usually in a case like this, the hacker has redirected the domain to point at a different host. They can't get into the data on the original host server unless they also crack the password(s) there. Hijacking the domain is a little easier, although a good registrar should have tools to verify the identity of anyone attempting to make changes. If the domain hasn't been locked for some reason, though, a request from another registrar to transfer ownership is sometimes enough. I'd agree that GP's domain seems like a small target, but if the hacker has some way of scanning for unlocked domains, it may have simply been an opportunity attack rather than a deliberate assault on that particular web site.

torstan
06-01-2011, 11:40 AM
Wow, that's a pretty terrible turn of events. I'm so sorry to hear that you got hit. I hope you get it all back to normal soon.

Is this something that should have bee handled by the host? If so, would that be a reason to avoid that hosting company? Just wondering what people can do to protect themselves from these sorts of attacks.

Gamerprinter
06-02-2011, 11:46 AM
Well I have wrested control of my website once again, the domain points to the proper directories, all is secure once more.

That's a relief.

I think the problem lies between the hosting company and the domain registrar, I'll need to investigate to see which entity proved to be the problematic one. I only discovered in this situation that Register.com is the registrar, as it turns out my hosting company is a reseller for their domain registration service. It was somewhat lucky that the 'hacker' was trying to register the domain through Register.com, that I could regain control so easily - since it was already a Register.com domain (and they could more easily track the true authorizer, me.)

GP