The settings were definitely far too permissive, simply because we’ve never had a problem like this up until now. But it wasn’t “a user”, it was a bot or possibly even a botnet rapidly abusing legitimate access mechanisms. And unless there are sensible limits in place, anything that a normal human can do with a computer can be accomplished and repeated millions of times faster with a computer script.
Got it. Well, you’ve done a hell of a job thus far at keeping this place NOT full of power-hungry mods or scam/spam, so that’s great. The rare breach is ok as long as it’s a while until the next one, and certainly, we’ve done better here than any other forum I know.
Thanks for the support! I just need to clarify that “breach” isn’t the correct term in this case, because that implies that they used illegitimate access methods or vulnerabilities to access and/or exfiltrate private information. That wasn’t what happened in this case, instead they used the default settings to send information to most of the BLF user list, which is already public information. And they only added unwanted information instead of seeing something that they normally wouldn’t be able to see.
We do indeed get huge numbers of bots that come around “poking” at the server, just like any other website. Most of them don’t even know or care that this is a web forum, instead they try to directly access the underlying server operating system via unpatched low-level vulnerabilities or incorrect server configurations. Most of those attempts get quickly shut down by a sort of automatic circuit breaker, and to my knowledge none have ever been successful.

Then there are other types of bots that directly target and try to take control of the actual forum software (many are dumb and actually attempt all sorts of common methods to breach WordPress, which we don’t even run here) using illegitimate access methods or unpatched vulnerabilities. Again, to my knowledge we’ve never had a successful breach or private data leak at that level either.

Then there are the bots like the ones responsible for this recent attack that perform the same steps that a legitimate human user would take to use the forum software. From what I can tell there is usually a human that performs certain manual tasks first and then sets the bots loose to repetitively blast out a fire hose of whatever kind of smut they’re promoting. Or sometimes they simply access thousands upon thousands of pages like any real user could do. Once in a while they hit our server so hard that it slows to a crawl, and I have to manually intervene and block their IP address(es).
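The kind of automatic per-IP "circuit breaker" the post above mentions, as an added example that is not BudgetLightForum's own code: a sliding-window request counter replayed over access-log lines that trips a temporary block for any client that exceeds a request budget, which is what turns the manual "block their IP address(es)" step into something automatic. The thresholds, the IP addresses (from documentation ranges) and the log lines are constructed for the example; a real deployment would read the live log and feed blocked IPs to a firewall or reverse proxy rather than keeping them in memory.

```python
"""Per-IP request circuit breaker replayed over web-server access log lines.

Added illustration, not BudgetLightForum's own code: a sliding-window counter
that automatically blocks any client IP exceeding a request budget, in the
spirit of the "automatic circuit breaker" the post mentions. The thresholds,
IP addresses and log lines below are constructed for the example.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Leading fields of the common/combined log format: client IP ... [timestamp] "request line"
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)"')
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


class CircuitBreaker:
    """Sliding-window limiter: more than max_requests per window trips a block."""

    def __init__(self, max_requests=20, window=timedelta(seconds=60),
                 block_for=timedelta(minutes=30)):
        self.max_requests = max_requests
        self.window = window
        self.block_for = block_for
        self.hits = defaultdict(deque)  # ip -> timestamps of requests still inside the window
        self.blocked_until = {}         # ip -> time at which the block expires

    def observe(self, ip, ts):
        """Record one request from ip at time ts; return 'allow' or 'block'."""
        until = self.blocked_until.get(ip)
        if until is not None:
            if ts < until:
                return "block"          # still serving an earlier block
            del self.blocked_until[ip]  # block expired: start a fresh window
            self.hits[ip].clear()
        recent = self.hits[ip]
        recent.append(ts)
        while recent and ts - recent[0] > self.window:
            recent.popleft()            # drop requests that aged out of the window
        if len(recent) > self.max_requests:
            self.blocked_until[ip] = ts + self.block_for
            return "block"
        return "allow"

    def blocked_ips(self, now=None):
        """IPs whose block is still in force at `now` (all recorded blocks if now is None)."""
        return sorted(ip for ip, until in self.blocked_until.items()
                      if now is None or now < until)


def parse_line(line):
    """Return (ip, timestamp, request) for a log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return m["ip"], datetime.strptime(m["ts"], TS_FMT), m["req"]


def replay(lines, breaker=None):
    """Feed log lines through the breaker in order; return ([(ip, decision), ...], breaker)."""
    breaker = breaker or CircuitBreaker()
    decisions = []
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue                    # malformed line: ignore rather than crash
        ip, ts, _req = parsed
        decisions.append((ip, breaker.observe(ip, ts)))
    return decisions, breaker


def _log_line(ip, ts, path):
    return f'{ip} - - [{ts.strftime(TS_FMT)}] "GET {path} HTTP/1.1" 200 512'


def build_sample_log():
    """Constructed log: one human browsing slowly, one bot hammering thread pages."""
    t0 = datetime(2023, 1, 1, 12, 0, 0, tzinfo=timezone.utc)
    human = [_log_line("198.51.100.5", t0 + timedelta(seconds=30 * i), f"/t/-/{100 + i}")
             for i in range(5)]
    bot = [_log_line("203.0.113.7", t0 + timedelta(seconds=5 + i), f"/t/-/{i}")
           for i in range(30)]
    lines = human + bot + ["this line is not an access-log entry"]
    # Sort by the timestamp embedded in each line so replay sees requests in arrival order.
    return sorted(lines, key=lambda l: (parse_line(l) or ("", t0, ""))[1])


SAMPLE_LOG = build_sample_log()

if __name__ == "__main__":
    decisions, breaker = replay(SAMPLE_LOG)
    for ip in sorted({ip for ip, _ in decisions}):
        verdicts = [d for i, d in decisions if i == ip]
        print(ip, "allowed", verdicts.count("allow"), "blocked", verdicts.count("block"))
    print("currently blocked:", breaker.blocked_ips())
```

With the constructed log, the human's five page views are all allowed while the bot's 21st request inside the 60-second window trips the block and its remaining requests are refused for the block duration. The budget of 20 requests per minute is an assumption chosen to make the example small; a forum would tune the window and threshold so that fast human browsing, search-engine crawlers and page prefetching stay under it, and would key the counter on something more robust than a single IP where many users sit behind one NAT.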
Now that you mention it, this is a good time to give a huge shout of thanks to all the legitimate BLF users that help control spam in the public forums. I couldn’t do it without your collective help. I occasionally get reports of a spam post, but it’s almost always eliminated and the account shut down via the Spam button before I can even get to it. Many thanks to all of you for your vigilance!
Have you heard of the supercookies hidden in browsers? Just waiting for execution. No one knows why they’re there, or when they’ll take over. First reefer madness, now this. When will it all end?
I have not heard of either, but I just found out that if I need tile installed in El Paso, there is someone on this forum that does such a thing. https://budgetlightforum.com/t/-/9150/312 That’s good to know. I should bookmark that, just in case I ever have a tile installation need in El Paso.
By the way, please don't report my spammy link. It is not spam, even though it smells/reeks like spam. Can I add a spammy signature link? I guess it's entirely up to me.