Friends,

this seems to be a great day for me.

I just got the message that hackers broke into the server of my host and destroyed the system completely.

So photografitti.de is completely destroyed.

I can re-upload the files, Database-backup exists as well but all uploaded images + the created thumbnails...

I have no backup of that.

So, I will be busy this day, fortunately it's a day off for me, but I think I will not re-install photografitti.de again, maybe I will set up a completely new photoblog?

I will stay away from here, must help myself!

Once again: what the fuck is in these hackers brain? Why don't they use their creativity for something positive? What is this?

I do not understand this stupidity at all

I am so sorry. I know that is no real help, but hey, it is all I have to offer.

i'll never understand them...

good luck, i lost a whole database the other night and by luck found a glitch in the system that allowed me to restore it

*rubs some luck on connie*

hope it helps

thanks!

I am just re-uploading 4 domains

then I must go and try to restore "photografitti"

The database is ok, they have a backup, made 1 hour before the attack...

but the images..

I have no complete backup of the images and the thumbnails, so that is something we must tell the users:

to backup themselves the data! + run continually database backups...

it is my fault as well as my backups are not uptodate, but that is no excuse for the hacker ...

I hate these guys.. they are just stupid criminals

database cannot be replaced though, thats good they had them backed up so recently. the images and edits will be a pain, but at least you still have the originals on the HD's!?

maybe you will be inspired to back a backup images addon? that creates a zip of the image folder?

I am thinking about something like that.

but: if you do a backup at the server, the webspace will be full very soon...
a regular cronjob which creates the ZIP must have a storage place outside the domain.. and to mail that will be too much..

just some ideas which go through my head in the moment

I do not have all images on my Harddisk, at least not in one folder... most of them, sure..

sorry to hear that. I'm working on comment spam now...

yeah. i back up my images folder every now and then onto my pc. i think i might do that now actually! lol - you've got me scared!

bad luck though connie! it's a good excuse to start afresh though - setting up a photoblog is one of the coolest things so actually try and have some fun! do something neeeew!!

I could re-setup Photografitti the way it was, the database was backupped just half an hour before the attack

only missed this 100 images + thumbs which I had to re-upload (and find them on the harddisks... )

so I am thinking about an addon now which will mail the uploaded image + generated thumbnail after uploading to a special email adress
as with THE BAT, my email program, it is possible to define that mail attachments for an account should be stored in a special folder...

so I will have all images up to date... well, not too bad idea, maybe combining with an automated database-dump, which could be sent as attachment as well...

But first let's settle the other topics!

Connie, that sucks. I had a look through my browser cache for your images, but realiized I deleted my cache (and cookies) while testing the comment thing the other night on the new PP 1.5. Sorry I couldn't help out there!
I'm backing up my images now though. I don't mind learning from your woe!

Spudooli,

yes backup is always good and I think we did not give enough emphasis to that. I will add this to the readme of the installation package as well!

Sorry for Conny...
I just dropped by to tell you that due to heavy activity of those spam-friends my former provider switched off the account. That was in July. Now I noticed this heavy traffic again, and sorry to say this: I switched off PP for myself. Don't want to have the pleasure of a destruction on my server - as I'm just a user, not a programmmer that would be too big a problem (though, other than Conny), I made a backup of my thumbs and pics via ftp (just looking for newer files) once a week.

Ulrich
fotos.visitdresden.net

Ulrich,

we are just working on this problem, that heavy spamming could threat PP: 1) the referrer list attracted these spammers, that is stopped now
2) the comment form could be exploited, we are just stopping that by securing the commentfunction not to be exposed to spammers

so I think with PixelPost 1.5 we will have a better stand
and I do hope you will "come back" and use PP again

Conny,
did you ever think of a switch that a user can use - to close comments and/or referrers?

Stip,

the problem is that even when you close these calls these idiots will still appear!

The referer-page is not existing anymore, I use PP 1.5 ALPHA and there when index.php is called with "x=ref" index.php will produce a 404-page
but they still come back

it is not the problem if you use that parameters, I never had comments at photografitti, they just try to call index.php with parameters...

as I said, we fixed this referer thing and we are just securing the comment-part of the script so that they cannot mis-use it

but this will just stop the mis-use, it will not stop the traffic

I am just testing a script, called "Referer Karma", which stops a Referer URL when discovered as spam and sends "403" to them (access denied)
but the traffic is still there
so it depends on the ignorance of these spam scripts if they come back and back or if they take record where they don't succeed

as far as I understand these idiots, they will come back and back and the only solution is to do what we are doing:

- banning Referers (either via 404 or 403) (Referers are just molesting, they do no harm)

- securing the comments so that nobody can misuse the script as a mailserver for their spam

both things will be in 1.5

I always feel reminded to these ugly flies which come back and back und fly into your face even if you slap at them ... :(

one good thing, is that newer pixelpost users will never have to deal with this ref issue, if the refs page was never public than it in theory should never get attacked. i havent ever had an issue that i know of with spam to date