What's going on at CPF?

Looks like it might be down for a few days for upgrades whilst the redirect issue is sorted out. There were a few giveaways that were to be drawn today - will have to wait now!

It’s definitely a malicious redirect. It started yesterday or the day before. Anyway, update on CPF group on Facebook by Kelly (CPF admin):

“As most of you have noticed and reported, there is some kind of redirect issue with CPF. I’ve found some information about it but still not sure how, what, why, etc.

Anyway… it would seem the timing for this is good as I have nothing but free time for the next couple of days. Therefore, I’m going to take this opportunity to do some long overdue maintenance and a software upgrade. I’m not even going to give any of you a timeline for this. It will be done when it’s done and CPF will be back online when it’s back online.

I’ll try to keep you all updated as much as possible here.

AND - all of you who are already members of the group have the ability to approve others requesting to join the group. It would be helpful to me if you could approve them when you see them.

Thanks much!”

Will just have to wait and spend more time on BLF.

Probably the same type of person who initiates a DDoS attack. Sad and pathetic. I hope this isn’t the hot new hobby for bored script kiddies.

Thanks for re-posting updates everyone!

Copying my reply from another thread:

For the last few days, Google search result links to CPF have randomly been redirecting to a sketchy download page on a site called “MyFilestore”. Today Chrome and Firefox started identifying it as a suspicious site. There was a thread about it in on the forum where a bunch of idiots were being extremely productive by reporting it to Google as inaccurate. The admins then took down the site and posted a link to their Facebook page with no further information, and now the forum is down completely. They just posted on Facebook they have no idea what is wrong and will be working on it for the next few days with no ETA.

Maybe someone got peeved after being censored and/or banned and decided to retaliate.

Well I hope CPF is able to get up and running again as soon as possible. I’m surprised by the lack of Surefire and Zebralight threads from the CPF refugees so far!

Nice they fix it and do an upgrade, it was very slow for many weeks now so let’s hope it will be faster afterwards :wink:

Who cares about CPF, the moderators suck.

Where ?

LOL barkuti recently complained about being banned…. :student:

Hahah im just kidding but i feel indifference ro cpf. They just aren’t that great

Wow. Just wow. This could prove to be much more costly than someone might initially think.

This type of thing can be hard to track down and identify. And it can be very time consuming. Even more important is the fact that Google won’t take action like that without proof that your website is causing a problem. And they won’t lift the warning until you clean up your site.

OTOH, as far as I know, Google will let you through to the website. The warning though will rightfully scare away hordes of people as well as, ahem, advertisers who can’t be too happy with the shutdown or the warning.

Anyways, if anyone is interested, Google lets you run the url of any website to see if it is suspect. This could be a help if you are unsure of a certain website. Go here . And yes, Candlepowerforums is still listed a partially dangerous.

There is also an lots of information for webmasters. Hopefully someone at
CPF is on top of this. These two paragraphs from
Google caught my eye.

“Webmaster response time
We measure how quickly webmasters clean up their sites after receiving notifications that their site has been compromised.”

“Webmaster reinfection rate
Even after a site has been cleaned, it can become reinfected if an underlying vulnerability remains. We measure the reinfection rate for these sites.”

And in case you’re thinking mistake by Google there is this under the FAQ’s,

“How accurate is this information?”

“We work very hard to maintain accurate information and have had very few false positives.”

This could be a long winter at CPF.

That sure is true.

Let’s not gloat over their misfortune. I sure wouldn’t want to be in the shoes of their admin right now, and I sure hope she is managing to sleep periodically while sorting everything out.

Sometimes I get requests for a certain forum feature that the BLF forum engine just simply doesn’t support, and like any forum software ours does have its idiosyncrasies. And more often than not when discussions about missing features or glitches come up, somebody suggests vBulletin. Well, this latest CPF outage reinforces my position on vBulletin. It’s proprietary, insecure, poorly supported garbage. Unless the redirection is/was happening due to high level internet infrastructure manipulation such as DNS spoofing (highly unlikely), it was most likely a vBulletin vulnerability. It’s possible that they might not have kept current with their security patches, but even there I’m willing to give them a pass; it’s also all too common for well-administered, completely up-to-date vBulletin forums to get majorly hacked.

So best wishes to CPF, I hope they can pull through this, and I feel their pain.

Thank you for running BLF smoothly SB!!! :beer:

+1!

Thank you for keeping a keen eye on that.

It seems that some bad guy was able to use CPF to infect anyone who visited him, it is logical that administrators take all the time to identify the problem and prevent it from happening again.

My computer used to freeze up about 6 or 9 months ago when on their site. So I quit going there. About 2 month s ago started going back and had no problems. They have some serious security problem. Was never a member.

This is really weird…

This morning I was on this Banggood thread. When I tried to click on another page in the thread it took me to that red page of death. Google Chrome said it was linking to a malicious site.

What’s weird is that the BLF thread page would be taking me to a CPF page in the first place. ? That seemed odd then I saw this thread about CPF being down. I don’t know what’s going on but why would it link me to CPF

Unfortunately the CPF admin seem to lack a bit of “admin” knowledge… CPF has always been slow, some data lost regularly, etc :frowning:

I wish CPF will be back online in no time, with all the issues solved.

Am I reading this right? How to verify if my pc is now infected?