[Blackpool] Saturday
James Page
jmsp.1983 at gmail.com
Fri Feb 13 20:33:00 UTC 2015
Seems your suggestion worked, Michael!
I just need to figure out which site has been compromised now...
Moral of the story - don't let dormant sites be so dormant, I suppose (and
get them migrated to Multisite much sooner).
Best wishes,
James
On 13 February 2015 at 13:34, Michael <heed at bigmassiveheed.co.uk> wrote:
> Is it possible to disable them to see if it has any effect.
>
> Could be the wp sites getting hammered.
>
> One thing to watch for is the xmlrpc exploit (
>
> https://www.google.co.uk/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#q=wordpress%20xmlrpc%20attack
> )
> ....basically server keeps getting a request for the item and eventually
> struggles.
>
> Have a look through the apache logs for the wp sites and see if there any
> requests for it.
>
> On 13 February 2015 at 13:28, James Page <jmsp.1983 at gmail.com> wrote:
>
> > Re 'dormant' - yes, public-facing, but no longer actively maintained
> > Wordpress sites.
> >
> > Re the forum - not Belinda Carlise or Jo Guest-related I'm afraid! Long
> > story short, I used to be a member of a music-related forum until a few
> > years ago. After some regime change, which we didn't like, we upped
> sticks
> > and made a new home for ourselves.
> >
> > I'm afraid I haven't quite reached the levels of doing anything
> intriguing
> > or worthy yet!
> >
> >
> >
> >
> > Best wishes,
> > James
> >
> > On 13 February 2015 at 13:22, Arthur Garlick <arthur_garlick at hotmail.com
> >
> > wrote:
> >
> > > I once worked with a guy that let slip he maintained the No1 fan
> > > website for a world famous pop star but we were all intrigued when he
> > > wouldn't give up the URL or who it was.
> > >
> > > After a while and snooping of some logs it came out it was Belinda
> > > Carlisle, the website has gone but it was halftheworld.com. After a
> bit
> > > this guy unravelled and confessed he was obsessed with her.
> > >
> > > This was in a dev team where the culture was a bit macho/competitive
> > > and he lost his footing in the pecking order entirely. It was never
> the
> > > same for him.
> > >
> > >
> > > Another guy I once knew maintained an online repository of Jo Guest
> (page
> > > 3 stunna model at the time) animated gifs. You'd have never guessed
> > > talking to him.
> > >
> > >
> > >
> > > I confess, I am totally intrigued and wasting my Friday afternoon
> trying
> > > to guess what subject James would run a forum on.
> > >
> > > Regards
> > >
> > > Arthur
> > >
> > >
> > > > Date: Fri, 13 Feb 2015 13:08:11 +0000
> > > > From: jmsp.1983 at gmail.com
> > > > To: blackpool at mailman.lug.org.uk
> > > > Subject: Re: [Blackpool] Saturday
> > >
> > > >
> > > > Michael,
> > > >
> > > > I'm with HTTPZoom. I think it's the following package:
> > > >
> > > > Platform OpenVZ
> > > > 4GB Dedicated Ram
> > > > 4GB vSwap Ram
> > > > 50GB Diskspace
> > > > 2TB Transfer
> > > > 4 Core CPU Fair Share
> > > > 100mb Shared Port
> > > > SolusVM Control Panel
> > > > Maidenhead Location
> > > >
> > > > I don't suspect a resources issue - at least, Webmin isn't showing
> any
> > > > unusual RAM or CPU usage, anyway.
> > > >
> > > > I'm running a myBB forum on Apache. It's only got a handful of
> members
> > > and
> > > > posts each day, whilst the other sites being hosted are also dormant,
> > > > low-traffic WP sites.
> > > >
> > > > The forum's only started to run noticeably slow over the past week or
> > so.
> > > > I'd had a look at some Apache optimisation pages, but they didn't
> tally
> > > > with what I saw in my httpd.conf file, so I didn't touch it.
> > > >
> > > > I thought it might be brute force attempts on the server which were
> > > slowing
> > > > things down, so I made some changes in iptables to close off SSH as a
> > > route
> > > > in, whilst I increased my Cloudflare security settings to deal with
> > those
> > > > trying to get in via Web. No change, but at least I think I managed
> to
> > > > deal with some security issues.
> > > >
> > > >
> > > >
> > > > Best,
> > > > James
> > > >
> > > >
> > > > Best wishes,
> > > > James
> > > >
> > > > On 13 February 2015 at 12:39, Michael <heed at bigmassiveheed.co.uk>
> > wrote:
> > > >
> > > > > @Elizabeth
> > > > >
> > > > > For an amusing abut aimed at numpties look at how the internet
> works
> > > have a
> > > > > look at: https://www.youtube.com/watch?v=PBWhzz_Gn10
> > > > >
> > > > > @Arthur
> > > > >
> > > > > It can be explained simpler than that....If I get some time I'll
> > knock
> > > > > something together.
> > > > >
> > > > > @James
> > > > >
> > > > > Who is the VPS provider and what level package have you got.
> > > > > Are you going via Apache or nginX
> > > > > Important question....is it a Wordpress site?
> > > > >
> > > > > On 13 February 2015 at 12:25, Arthur Garlick <
> > > arthur_garlick at hotmail.com>
> > > > > wrote:
> > > > >
> > > > > > Hi,
> > > > > > I'm sceptical that it can be written in a useful guide, or else
> I'd
> > > have
> > > > > > found one someone else had done that fit the job when I googled
> it.
> > > > > >
> > > > > > In my mind it's more a learning by doing experience than a
> written
> > > down
> > > > > > guide. We do need a crib sheet at the end with the details of the
> > > things
> > > > > > we did so that people can go off and do the experiments in their
> > own
> > > > > time.
> > > > > >
> > > > > >
> > > > > >
> > > > > > So:
> > > > > > ipV4 addresses, how to find yours.
> > > > > >
> > > > > > Difference between our ip address and a real fixed ip on the
> > > internet.
> > > > > > Touch on Class C and what is DHCP on a local router.
> > > > > >
> > > > > > What is a router, why do we need one.
> > > > > >
> > > > > > What a web server is and does. HTML. What actually is a browser.
> > > Whats
> > > > > > that http:// about, and https:// ?
> > > > > >
> > > > > > How we find all of these webservers without knowing ip addresses
> of
> > > > > > everything - DNS
> > > > > >
> > > > > > Routing worldwide, the origins of internet and robustness of
> packet
> > > > > > switching.
> > > > > >
> > > > > > Traceroute, just like on the TV with the hackers, where did the
> > data
> > > > > visit
> > > > > > on it's way to us
> > > > > >
> > > > > >
> > > > > > I'd cover all that in 15 minutes but by doing hands on stuff,
> like
> > > this:
> > > > > >
> > > > > > find out your ip address using command line
> > > > > > find out ip address of someone else's pc
> > > > > > notice similarities in the ip address's (talk about DHCP, router,
> > > real ip
> > > > > > addresses vs class C.)
> > > > > > ping somebody elses ip address in the room, what does that time
> > mean?
> > > > > > open the router setup in a browser look at DHCP (need to ask
> about
> > > > > that...)
> > > > > > Have a machine with a standalone web server running and access it
> > via
> > > > > http
> > > > > > direct from its ip
> > > > > > Open the default html file on the server and edit it
> > > > > > Do view source at the browser side
> > > > > > Quick overview of the F12 debug features in a browser are to find
> > the
> > > > > code
> > > > > > behind a particular area in a big web page
> > > > > > Use reverse DNS to look up an ip of a famous site
> > > > > > Ping that ip address - understand what just happened request and
> > > response
> > > > > > compare time with the local ping.
> > > > > > Use traceroute to see how that data was routed across the world
> > > > > >
> > > > > > Also something about what Jo (and James!) does, managing VMs that
> > > are on
> > > > > > boxes physically half way around the world and the reasoning to
> > have
> > > two
> > > > > > VMs.
> > > > > >
> > > > > >
> > > > > >
> > > > > > Maybe back it up with a handout which might need to be custom to
> > the
> > > kit
> > > > > > that person has so that the commands are right for them
> > > > > > Mint/Ubuntu/PC/Raspbian. In my mind it's too hard to have a
> proper
> > > > > printed
> > > > > > guide... too many variables. (But we can try!)
> > > > > >
> > > > > >
> > > > > > So in my mind it's a snappy practical exercise (15mins might be
> > > > > > optimistic) that we can do with all sorts of people, this would
> be
> > > just
> > > > > as
> > > > > > good done with Pis at the CoderDojo or new families that visit
> the
> > > > > > Makerspace for example.
> > > > > >
> > > > > >
> > > > > >
> > > > > > I am a dev, I just do the code, there are people on here that
> could
> > > take
> > > > > > the idea and improve it or put it in the bin and do it better
> from
> > > > > > scratch... PLEASE DO!
> > > > > >
> > > > > >
> > > > > > regards
> > > > > >
> > > > > > Arthur
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > > Date: Fri, 13 Feb 2015 11:46:20 +0000
> > > > > > > From: heed at bigmassiveheed.co.uk
> > > > > > > CC: blackpool at mailman.lug.org.uk
> > > > > > > Subject: Re: [Blackpool] Saturday
> > > > > > >
> > > > > > > How deep do you want this guide to be?
> > > > > > >
> > > > > > > On 13 February 2015 at 10:47, Elizabeth C <
> > > > > > elizabethcoop1945 at hotmail.co.uk>
> > > > > > > wrote:
> > > > > > >
> > > > > > > > re " I want to write down what will be in our 15 minute
> > practical
> > > > > > guide to
> > > > > > > > how the internet works."
> > > > > > > >
> > > > > > > > I would be sooooo very grateful for something like that
> > > written....
> > > > > > > >
> > > > > > > > Elizabeth
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > > From: arthur_garlick at hotmail.com
> > > > > > > > > To: jmsp.1983 at gmail.com; blackpool at mailman.lug.org.uk
> > > > > > > > > Date: Fri, 13 Feb 2015 10:01:05 +0000
> > > > > > > > > Subject: Re: [Blackpool] Saturday
> > > > > > > > >
> > > > > > > > > Hi,
> > > > > > > > > The plan with the Pi wearable got changed to me delivering
> it
> > > to
> > > > > Les
> > > > > > and
> > > > > > > > Tom at Mereside tomorrow morning. We will be making a
> slightly
> > > late
> > > > > > > > appearance at the makerspace.
> > > > > > > > >
> > > > > > > > > I know nothing James! But interested.
> > > > > > > > >
> > > > > > > > > Been busy this week, I'll be playing with the Arduino
> > > compatible
> > > > > > Teensy
> > > > > > > > and working out what the 'compatible' there actually means.
> > > > > > > > >
> > > > > > > > > I want to write down what will be in our 15 minute
> practical
> > > guide
> > > > > to
> > > > > > > > how the internet works.
> > > > > > > > >
> > > > > > > > > Or maybe I'll just drink coffee, sit back and pontificate
> on
> > > the
> > > > > vast
> > > > > > > > expanse of things tech that doth offend mine eye.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > See you tomorrow
> > > > > > > > >
> > > > > > > > > A
> > > > > > > > >
> > > > > > > > > > Date: Thu, 12 Feb 2015 21:42:29 +0000
> > > > > > > > > > From: jmsp.1983 at gmail.com
> > > > > > > > > > To: blackpool at mailman.lug.org.uk
> > > > > > > > > > Subject: [Blackpool] Saturday
> > > > > > > > > >
> > > > > > > > > > Ahoyehoyey, peeps!
> > > > > > > > > >
> > > > > > > > > > If there's anybody coming on Saturday who knows their way
> > > around
> > > > > a
> > > > > > Web
> > > > > > > > > > server, could you help me out with a site on my VPS? I
> run
> > a
> > > > > small
> > > > > > > > forum
> > > > > > > > > > and it's recently started running pretty slowly - I'm at
> a
> > > loss
> > > > > as
> > > > > > to
> > > > > > > > what
> > > > > > > > > > it could be. I haven't noticed anything unusual in terms
> of
> > > > > > processes
> > > > > > > > and
> > > > > > > > > > memory.
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > James
> > > > > > > > > > _______________________________________________
> > > > > > > > > > Blackpool mailing list
> > > > > > > > > > Blackpool at mailman.lug.org.uk
> > > > > > > > > > https://mailman.lug.org.uk/mailman/listinfo/blackpool
> > > > > > > > >
> > > > > > > > > _______________________________________________
> > > > > > > > > Blackpool mailing list
> > > > > > > > > Blackpool at mailman.lug.org.uk
> > > > > > > > > https://mailman.lug.org.uk/mailman/listinfo/blackpool
> > > > > > > >
> > > > > > > > _______________________________________________
> > > > > > > > Blackpool mailing list
> > > > > > > > Blackpool at mailman.lug.org.uk
> > > > > > > > https://mailman.lug.org.uk/mailman/listinfo/blackpool
> > > > > > > >
> > > > > > > _______________________________________________
> > > > > > > Blackpool mailing list
> > > > > > > Blackpool at mailman.lug.org.uk
> > > > > > > https://mailman.lug.org.uk/mailman/listinfo/blackpool
> > > > > >
> > > > > _______________________________________________
> > > > > Blackpool mailing list
> > > > > Blackpool at mailman.lug.org.uk
> > > > > https://mailman.lug.org.uk/mailman/listinfo/blackpool
> > > > >
> > > > _______________________________________________
> > > > Blackpool mailing list
> > > > Blackpool at mailman.lug.org.uk
> > > > https://mailman.lug.org.uk/mailman/listinfo/blackpool
> > >
> > _______________________________________________
> > Blackpool mailing list
> > Blackpool at mailman.lug.org.uk
> > https://mailman.lug.org.uk/mailman/listinfo/blackpool
> >
> _______________________________________________
> Blackpool mailing list
> Blackpool at mailman.lug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/blackpool
>
More information about the Blackpool
mailing list