Forum OFFLINE

[Admin1]

Hi everyone,

Some of you will have noticed that we were offline for a time.

It seems we have been caught up in the crossfire as our Forum hosts, "XenForo" are being bombarded by spam. A a result our web hosts are taking "us" offline as they struggle to identify where the spamming is coming from.

I will try and stay on top of it and keep the forum alive if I can, but with an extra workload, like so many in the run up to Christmas, at a crazy level I may not be able to catch it every time or indeed in time. By that I mean that the hosts will take the domain orchardfans permanently off if it is not reacted to within a specified period. Again I will try and get it back up, but right now cannot make any promises except I will try

A1

 

[PatMustard]

In @Admin1 we trust.

But just in case the lights are put out on us... temporary (or God forbid, permanently), is there a contingency plan for us to meet, or get news across about when we’ll be back?

Does someone put a notice in the Armagh Observer? Slip a note to the Cardinal to read out at Sunday mass at the cathedral? I only found out by luck when the old forum closed and that Admin1 had started this one.

 

[William Of Orange]

Forum was offline for a few days great to see it back is there anything any of us can do to help you guys out @Admin1 ?

 

[Admin1]

Okay so that was a major hassle.

Firstly apologies again for the delay in getting it back up and running. It has been a seriously expensive exercise, but I've stuck with it for now. I'm not quite sure why such a small forum came under this type of attack with literally 100s of spam emails bombarding us every couple of hours and rogue accounts that were hacked attempting to overwhelm the system by messaging all users constantly. Our system is set up in such a way as to prevent that and that led to the hosting provider shutting down the forum. They have been fantastic to work with to get the website stable again.

Secondly there has been NO compromise of any accounts that are still active and able to see this message. Any that were hacked are now blocked or removed. Can I please ask everyone regardless to PLEASE update and change your password. IF there are any issues with that, message me directly. I'm extremely busy with work at the start of the new year, but promise I will get to you as soon as I can. Just have patience. I know it's frustrating.

Thirdly IF we go down again, jump over to our Facebook page (we don't use at any other time) and check to see if there are any updates or messages about what is going on. Again feel free to message us there. It's sometimes the first time we get to know of problems. As regular users know, I don't be on the forum every day. Sadly I don't get the time these days.

Fourthly as a way of compensation for being offline we have placed £500 in everyone's account to say sorry

Fifthly it's not April 1st, but make what you will of that .

Sixthly (I'm making these up now) A Very Happy New Season EVERYONE! Thank you for using the forum and making me believe it's worth having!

 

[Admin1]

As a follow up, we've also added a new email admin@orchardfans.com and done away with the older gmail account for added security

Please feel free to directly email me at any time, but do not be alarmed if you get a reply from my own account. It will depend on what I have access to at the time and that email is set up to redirect to me. Hopefully I can get notifications much more quickly this way.

 

[William Of Orange]

Feckin Russians

 

[Admin1]

Feckin Russians

Mad thing is almost 70% of it seems to have been from that region

 

[PatMustard]

Russians, eh?.... You're fooling nobody @Admin1



Ah no, seriously, I feared the worst there. I thought we were, like Take That... down for good.

A big thanks to @Admin1 for getting us back on so quickly. I think the break has enforced how important the forum is for many of us. Well, it did for me anyway. As someone who doesn't do social media, it's a great go-to place for all things Armagh GAA. So, thank you @Admin1 for all your efforts in running the ship. It's greatly appreciated.

 

[Admin1]

Russians, eh?.... You're fooling nobody @Admin1

It seems it originated from the embassy in the Grange. I think it was the "Red Bull" code word being used, but may have got mixed up in translation.

Anyway folks, I'll be absent again for a few days. Get in touch if you need anything

 

[Armaghtothebone]

Feckin Russians

Feckin Tyronies masquerading as Russians more like.

 

[Ouch It’s Francie]

Always suspected Bull was the head of a sleeper cell

 

[Armaghball]

Were the Russian/Tyronies/Bull at it again?

As others have said, fair play @Admin1, we all miss this forum when it’s not working.

 

[Admin1]

Some of you may have noticed that the site was "invisible" at 4.32pm today for around 10 minutes as if the URL didn't exist. It's ok and nothing to be worried about. The hacking attempts continue, but having learned a lot more, working with the host platform provider, it's actually the forum software provider that is being hit with the likes of ourselves, casualties caught in the crossfire (sounds ominous and vaguely familiar compared to other things going on),

At this point we're looking at alternatives, but hoping for a solution that allows us to migrate everything without having to change much on this, the public facing side. Sadly at the minute we're hitting walls and nothing seems compatible so again with my own company resources we're trying to come up with a work around if we do have to go that way.

Bottom line is, we WILL NOT make any changes without at least trying to notify all the regular users first (although believe it or not we have in excess of 2800 active users that log in to browse at least once a month - most do not post anything but are still important users of our facility) There are also close to 30k (average) clicks on the website per month by "guest" users and a high number of those are regulars.

Please consider that if we go the route we think may be best we will have to create an account for everyone individually which will be a massive amount of work so we will need you to ensure that your email and passwords are correct on the system. Please be assured that we cannot access your password (other than to change it on your behalf if needs be) but using dark arts, there is a way to match them to an email or username. The safest option for us to use though, will be to simply generate a new one and notify you of what it is and then ask you to change and update it to something you are more comfortable with (which is why we will need to you to make sure the email address is correct - but please do not do anything right now).

My personal preference is to keep using this as is, so we will keep it under review.

Thanks as usual everyone

A1

 

[Ard Mhacha 13]

Some of you may have noticed that the site was "invisible" at 4.32pm today for around 10 minutes as if the URL didn't exist. It's ok and nothing to be worried about. The hacking attempts continue, but having learned a lot more, working with the host platform provider, it's actually the forum software provider that is being hit with the likes of ourselves, casualties caught in the crossfire (sounds ominous and vaguely familiar compared to other things going on),

At this point we're looking at alternatives, but hoping for a solution that allows us to migrate everything without having to change much on this, the public facing side. Sadly at the minute we're hitting walls and nothing seems compatible so again with my own company resources we're trying to come up with a work around if we do have to go that way.

Bottom line is, we WILL NOT make any changes without at least trying to notify all the regular users first (although believe it or not we have in excess of 2800 active users that log in to browse at least once a month - most do not post anything but are still important users of our facility) There are also close to 30k (average) clicks on the website per month by "guest" users and a high number of those are regulars.

Please consider that if we go the route we think may be best we will have to create an account for everyone individually which will be a massive amount of work so we will need you to ensure that your email and passwords are correct on the system. Please be assured that we cannot access your password (other than to change it on your behalf if needs be) but using dark arts, there is a way to match them to an email or username. The safest option for us to use though, will be to simply generate a new one and notify you of what it is and then ask you to change and update it to something you are more comfortable with (which is why we will need to you to make sure the email address is correct - but please do not do anything right now).

My personal preference is to keep using this as is, so we will keep it under review.

Thanks as usual everyone

A1

Many thanks for all the work you do in relation to keeping the site running & for keeping us updated on the situation, it is very much appreciated.

 

[Admin1]

Hi everyone.

Regulars will have noticed that the site went offline yesterday for a short while. I got a notification of another hacking attempt, but I've worked with our platform providers to automate the recovery as much as is possible. It was left alone and it successfully completed its first recovery.

This AI stuff is still hocus pocus to me even though, it's a field I work in. Hopefully we will eventually be left alone, but I'm guessing it's the world we live in now. Maybe their focus will turn to countefeiting fuel, never to be seen again. As if anyone would try and counterfeit fuel.

Again thank you to those that reached out to ask was all ok and so far so good.

Have a safe week ahead

A1

PS A2 is no longer of this parish and has moved along back to their natural home, so for now we are a pair of eyes down, but remain committed to the site for the foreseeable future. I am however open to a takeover if someone wants to offer 5 litres of fuel for it!

 

[William Of Orange]

Some amount of shite coming through on various topics , looks like gambling bots , for Canadian companies .

 

[Admin1]

Sorry folks. Eye off the ball again as life gets in the way and I just really wan't around enough to catch those quickly enough.

So.......Update

The new system detected a very large amount of new accounts which were deemed as spam or suspicious. Obviously a few got by the system as it learns as it goes along. This also means it's possible that a few genuine accounts have gotten caught up in the furore. To be honest, first batch caught was 353 accounts and the second lot today was 651. It looks at email addresses and ip addresses. That's a horrendous number. Yes a few have the usual .ru suffix, but a high number seem to be using a VPN or cover software. None of that you really want or need to know, but I know there are a few tech savvies that are interested in that kind of thing.

Anyway, the important bit.....

IF any of you have a friend or know someone that now cannot get logged in or seem locked out, please PM me with their username and email address - I need both to verify. I'll ping the identified IP and look at the response and if the system looks at it as ok, I'll manually reactivate the user account (unban it).

IF any of you that are on the public face looking at posts after being locked out, please create a new account using the same email address. I'll get an alert to the email (which will be banned on the system) being reused and can then clear it to use. I'm actually not sure if a member of the public (unregistered) can contact us. Must check that out sometime.

I can't guarantee that this will not happen again, but because of the hacking attempts we had that took us offline several times, I've no choice other than to use the recommended settings from the Forum platform and URL hosts.

I have scanned quickly over the lists and unbanned a few, maybe about a dozen or so, that are obviously proper accounts with names that seem to fit (well to me anyway and I could well be wrong).

Sorry for the hassles, but I genuinely hope this keeps going.

Just one last thing - hopefully you stayed this far; PLEASE do not quote obvious scam posts when replying to them! That alone generates them the traction that they come here for and then know that the forum is active - yes I'm aware that they would also get a notification of another reply on the thread, but as most of their emails are bot generated, it won't usually reach them. Somehow when they get quoted they do. The company Xenforo that provide the forum software are looking in to how that happens. If you can, hit the "Report" on the post so I get it quickly notified and can remove the post and ban the account.

Happy Easter everyone and again apologies, this time for the unusually long post from me. I'm actually at home for a few days off with family and ope you all get to do the same.

 

[Admin1]

I guess for members it can feel a little like I'm a broken record at times, when I mention about the amount of spam accounts and those trying hard to, for whatever reason, bombard our forum with stupid attacks. I really don't get it and it is wearing me down. The last 72 hours have been horrendous and went way beyond anything experienced before. I've added a small screenshot to show the numbers of new identified spam accounts in just 3 days. It's tiring, just to stand still. And yes that is almost 9.5k