Should be back in business
Forms and 'paperwork' have been submitted, I think we are back up for a while. Good news is I won't need to do the downtime Sunday night ;)
Re: Should be back in business
Oh thank God. Seriously this place is like crack, I haven't known what to do the last couple of days.
Re: Should be back in business
So where did the offending stuff end up being? Was I pretty close?
Re: Should be back in business
Quote:
Originally Posted by
eaglewraith
Oh thank God. Seriously this place is like crack, I haven't known what to do the last couple of days.
I didn't realize how much I actually checked this site during the day. I pretty much always had a window open along with all my work stuff.
Re: Should be back in business
Ok, I have cleared all browsing history since the beginning of time, but Chrome still thinks there is a virus here. IE does not. Any suggestions?
Re: Should be back in business
Quote:
Originally Posted by
cannonballgsu
Ok, I have cleared all browsing history since the beginning of time, but Chrome still thinks there is a virus here. IE does not. Any suggestions?
that's because google hasn't updated their blacklist of sites w/ viruses on them. Chrome checks with that and compares. E22 submitted the paperwork to get his site checked again by google they just haven't finished yet.
Re: Should be back in business
Is the new "What's New" button here to stay? Kind of a fan of the old one, although I sure won't complain.
Re: Should be back in business
Quote:
Originally Posted by
southern edumacation
that's because google hasn't updated their blacklist of sites w/ viruses on them. Chrome checks with that and compares. E22 submitted the paperwork to get his site checked again by google they just haven't finished yet.
Thanks - not real familiar with hosting/servers/stuff I should have paid attention to in CISCO...
Re: Should be back in business
Quote:
Originally Posted by
GSUfanforever
Is the new "What's New" button here to stay? Kind of a fan of the old one, although I sure won't complain.
Yeah...Now we have to click on "What's New", then click on "New Posts" to get where the old button took us. Would be nice if we could default back to the old way though.
Re: Should be back in business
Quote:
Originally Posted by
southern edumacation
that's because google hasn't updated their blacklist of sites w/ viruses on them. Chrome checks with that and compares. E22 submitted the paperwork to get his site checked again by google they just haven't finished yet.
Correct. I submitted a review request at 1:37 am this morning, once I had ensured from my end everything had been cleaned up. Very exhaustive approach, and I took an extra step of completely downloading everything off the server, scanning it myself, and uploading it back (which is what took an extra day). I won't go into too much detail, but I couldn't exactly trust my host.
A big thanks to NWGaEagle ... his pointers when I called him yesterday confirmed some of my suspicions about where the offending snippet of code had been injected.
Hopefully Google will get it cleared off their list soon.
Re: Should be back in business
Quote:
Originally Posted by
NWGaEagle
So where did the offending stuff end up being? Was I pretty close?
Yep. I found the last trace in a footer file. Since it is one of the files that has altered code, the way vbulletin handles file upgrades did not correct and remove the code. So, out of over 53,000 files on the server, it was a single line in a single file being called by most of the template pages.
Re: Should be back in business
Quote:
Originally Posted by
Eagle22
Correct. I submitted a review request at 1:37 am this morning, once I had ensured from my end everything had been cleaned up. Very exhaustive approach, and I took an extra step of completely downloading everything off the server, scanning it myself, and uploading it back (which is what took an extra day). I won't go into too much detail, but I couldn't exactly trust my host.
A big thanks to NWGaEagle ... his pointers when I called him yesterday confirmed some of my suspicions about where the offending snippet of code had been injected.
Hopefully Google will get it cleared off their list soon.
Quote:
Originally Posted by
Eagle22
Yep. I found the last trace in a footer file. Since it is one of the files that has altered code, the way vbulletin handles file upgrades did not correct and remove the code. So, out of over 53,000 files on the server, it was a single line in a single file being called by most of the template pages.
WOW. Thanks again for all that you do to keep the sight up.
Re: Should be back in business
Quote:
Originally Posted by
GSUfanforever
Is the new "What's New" button here to stay? Kind of a fan of the old one, although I sure won't complain.
I have no idea of the new 'features' on this code level.
I haven't had much time this week to dive into seeing what the differences are, though I momentarily freaked when I couldn't find what I considered to be the 'front' page.
Been dealing off-line with a couple of major issues outside of the website and its operation ... so in true Murphy's Law fashion ... the site got hacked at just the entire wrong time. Hoping to put in some major hours next week in getting it ready for football season ... I had initially planned on doing it this weekend (upgrade installation), but the hacking forced me to do it sooner so I could get the server cleaned up.
Re: Should be back in business
Oh, on an unrelated note ... once I was aware of the depth of the initial problem, Google's webtools had narrowed down for me a list of certain threads that had contained additional suspected malware in random advertisements.
While the ironic part is that they were ads served through Google, I took the approach of simply deleting those thread from the database, rather than trying to cull ad code.
All in all, about 25 threads were purged. Some were very old, but a few were somewhat recent. If your thread was deleted, sorry ;)
Re: Should be back in business
Quote:
Originally Posted by
Eagle22
Oh, on an unrelated note ... once I was aware of the depth of the initial problem, Google's webtools had narrowed down for me a list of certain threads that had contained additional suspected malware in random advertisements.
While the ironic part is that they were ads served through Google, I took the approach of simply deleting those thread from the database, rather than trying to cull ad code.
All in all, about 25 threads were purged. Some were very old, but a few were somewhat recent. If your thread was deleted, sorry ;)
Whew.... at least the Hotties thread survived..... I was a tad concerned as it wasn't on the first two pages in the Open Forum!!
Re: Should be back in business
Quote:
Originally Posted by
GaSou93
Whew.... at least the Hotties thread survived..... I was a tad concerned as it wasn't on the first two pages in the Open Forum!!
I blame that on SwampEagle ;)
Some threads are worth the time consuming ordeal necessary to ensure their survival. That one would be a lot of fun to check through, page by page !
Re: Should be back in business
I post very rarely but this has made me realize how much I depend on your site for information on Georgia Southern athletics. I can offically say that I am addicted; however, some addictions are not so bad :).
Re: Should be back in business
Quote:
Originally Posted by
cannonballgsu
Yeah...Now we have to click on "What's New", then click on "New Posts" to get where the old button took us. Would be nice if we could default back to the old way though.
Didn't realize we could still access the "new posts" part off of the "what's new". That's not a big change- thanks for pointing it out.
Re: Should be back in business
Was there any specific malicious bug identified that users may have picked up? Something's causing problems on my home computer the last few days that Norton, Malwarebytes and the other stuff I use hasn't stopped; Google searches are redirecting to some crappy search service and WIndows Updating isn't working. I was going to spend some time this weekend trying to flush it out.