Jump to content

geocacheuk.com

itchy-feet

By itchy-feet
in United Kingdom and Ireland

Followers 10

Recommended Posts

Write and Mane

+Write and Mane

Posted
Posted

Really lovely to wake up and find that the site is still available :laughing::laughing:

 

We didn't realise just how much we missed it till it wasn't working :DB)

 

Thanks for all the hard work done in order to get it up and running again. :):D

JOMART

JOMART

Posted
Posted

Thanks Ian, we really appreciate all the effort you're putting in.

[/quote

Many thanks for all the hard work you put into trying to keep GCUK up and running.

I tried to do a Tom Tom download today for GCUK but was unsuccessful, has anyone else managed to do it?

Thanks :laughing:

celebr8

+celebr8

Posted
Posted

Just logged onto the site and it looks like it's being hacked again :laughing:

 

It's seems hacker is using an app called c99shell. I took a screen shot if anyone needs to see it. Don't know if anyone can stop the attack...........but please try!

Teasel

+Teasel

Posted
Posted

Well, I didn't expect it to stay up for long, but less than 24hrs - that must be a record :laughing:

 

Hopefully, this time they won't have had time to attack any other servers, so I might even keep control of my server for long enough to look at the log files to see how they're getting in, before 1and1 kick me off the server (again) and send more threatening legal messages (again).

studlyone

+studlyone

Posted
Posted (edited)
Well, I didn't expect it to stay up for long, but less than 24hrs - that must be a record :laughing:

 

Hopefully, this time they won't have had time to attack any other servers, so I might even keep control of my server for long enough to look at the log files to see how they're getting in, before 1and1 kick me off the server (again) and send more threatening legal messages (again).

I hope you manage to find the backdoor that they are using to get into the server every time. Hopefully the logs will give you an idea as to where they are getting in to the system from and how.

Ian

Edited by studlyone
Teasel

+Teasel

Posted
Posted

Aha, the threatening legal letter from 1and1 has just arrived (what took them so long?!) :) But this time I've managed to take a backup of the site, including the server logs, so I may be able to work out how the hackers got in. By the looks of things, they're well and truly in (I believe the phrase is that I'm "0wn3d d00d"), as I've found new copies of apache, process hiders (suggesting they've got root privileges - eeep!), various back doors and filesharing sites. Wow, these guys move fast! First signs are that it's the Wiki which might have been the initial hole through which they got in, but if they have root, I don't know how much I can trust the logs! Still, hopefully they'll tell me something...

barryhunter

barryhunter

Posted
Posted

The server doesn't not store the passwords in clear text, only hashed values. (which cant be decoded directly)

 

Which is why the site cant send a forgottten password reminder - only issue a new one.

Archangel_UK

Archangel_UK

Posted
Posted

Aha, the threatening legal letter from 1and1 has just arrived (what took them so long?!) :D But this time I've managed to take a backup of the site, including the server logs, so I may be able to work out how the hackers got in. By the looks of things, they're well and truly in (I believe the phrase is that I'm "0wn3d d00d"), as I've found new copies of apache, process hiders (suggesting they've got root privileges - eeep!), various back doors and filesharing sites. Wow, these guys move fast! First signs are that it's the Wiki which might have been the initial hole through which they got in, but if they have root, I don't know how much I can trust the logs! Still, hopefully they'll tell me something...

 

Best of luck mate , just what you don`t need

 

question ? is trigpointing clear of their influence ?

scottpa100

+scottpa100

Posted
Posted

Worrying news Teasel.

Can you assure us our passwords couldn't be worked out if they do indeed have root access?

 

I understand where Jaz666 is coming from with this BUT, I know there are billions of websites that require passwords. For fun, not important websites (as great as geocacheuk is, I'd class it as this) I suggest a standard password that is completely different to your e-mail, bank account, gas/electric etc etc. At least you won't have Jaz666's concerns here.

 

Best practice says that you should have a different password for each website, but I also know about living in the real world and that you can not possibly remember ever single password for every single personalised website you access.

 

Sorry to hear about the hackers though! :ph34r::rolleyes:

Deego

Deego

Posted
Posted

 

question ? is trigpointing clear of their influence ?

 

Yes. The trigpoint site is on a different server at the moment. This server is smaller and wont handle the G:UK side. This is why we have been able to reinstate T:UK and not G:UK.

 

I am sure Ian will sort the problems out :rolleyes::ph34r:

Teasel

+Teasel

Posted
Posted

Have we now lost it completely?

No, it's just 1and1 throwing a paddy because I've canceled my server account with them. The domain itself is safely hosted with 123-reg. (Note to anyone who's setting up a website... never, and I mean never host your domain name with the same company who provide your web server. It's a lesson I learned the hard way a long time ago!)

 

As for the passwords, even if they didn't gain root, the level of access the hackers did attain was sufficient for them to get a list of usernames, email addresses, IP addresses and encrypted passwords. I have no evidence either way as to whether anyone did actually locate and download this information, but it would be imprudent to assume that they didn't. The passwords were all encrypted and therefore difficult, but not impossible to obtain. So anyone who used the same password on G:UK / T:UK as they did on a more important site (eg a bank account!) is advised to change the password on the other site(s) immediately. This is particularly important if your password was based on a dictionary word, or if your identity can be guessed from your username or password. The risk is low (eg if you knew that "Teasel" (geocache@teasel.org) had a password of "tuesday", exactly what good would it do you? Other than maybe being able to log onto Geocaching.com using the same details and logging caches in my name!), but even so, we're not dealing with particularly nice people here!

 

On a more positive note, things are looking promising for an early return of G:UK. I've received a very generous offer of hosting from a fellow geocacher. Full details once everything's sorted, but suffice to say that I'm bowled over by this person's generosity!

GiveItAGo

+GiveItAGo

Posted
Posted

I never realised how important the site was to me until it went. I add my thanks to you for all your hard work, for the updates on here which give me hope and the anonymous supporter.

Gavin4077

+Gavin4077

Posted
Posted

As you can see from my post count, I'm not a regular poster on GC.com... however I just wanted to say THANKS Ian for all the hard work. I only recently started looking at your site and really look forward to it's return!

 

Keep up the good work :o

JustAlan

+JustAlan

Posted
Posted

Thanks for all the hard work you're putting in to get the UK site up and running again Ian. Do you have any estimate of when we should be able to use it again?

Teasel

+Teasel

Posted
Posted

OK, let's have a go and see what happens...!

 

With massive thanks to the generosity of Jellicacheers and Positive Internet for providing us with a new home, I think the G:UK stats pages are ready to be switched back on again! :unsure: Please be gentle with them! :D

 

There have been quite a few changes to the code, in an attempt to keep the hackers at bay, so it's likely that much will have broken. Please let me know if you come across anything which isn't working... I've not dared switch the forum back on, until I can do a bit more to keep the hackers out, and the site is currently closed to new registrations, until I can get T:UK and G:UK talking to each other properly. But the basic functionality should be there.

 

Sorry it's been so long, and thanks for your patience!

 

Cheers,

Ian

Haggis Hunter

+Haggis Hunter

Posted
Posted

It's really good to have this back up and running again. Great work. :)

 

I would guess that it won't be high on your priorities at the moment, but does the url address for the Cache Rating Icons need changing?

bones1

+bones1

Posted
Posted
:) hope you had a good holiday.lots of us talk about the web site and how good it is and like others i have sorely missed it,hope you can sort out these hacking techie problems,meanwhile we will all wait patiently untill the day we can crack open a celebratory bottle of champers,jeff=bones1.
Flyfishermanbob

+Flyfishermanbob

Posted
Posted

Hi Ian,...well done

 

 

One wee glitch which might clear up,..my stats page looks ok, and it shows the recent caches I've found waiting to be rated etc.

 

 

But when I run a search from my home co-ords, it seems to think I'm someone called TEASEL :) none of the caches I've found are shown as found .... same with the owned ... opened up the search by 500 miles and lo and behold I "own" 3 caches...... yours.... and I ve found caches in places I've never been to...

Deceangi

Deceangi

Posted
Posted

Thank you Ian for the hard work you've put in to get G:UK back up and running and the hard work you still have to put in to get the site completely up and running. It is very much appreciated :)

steviep

+steviep

Posted
Posted

Hi Ian,...well done

 

 

One wee glitch which might clear up,..my stats page looks ok, and it shows the recent caches I've found waiting to be rated etc.

 

 

But when I run a search from my home co-ords, it seems to think I'm someone called TEASEL :) none of the caches I've found are shown as found .... same with the owned ... opened up the search by 500 miles and lo and behold I "own" 3 caches...... yours.... and I ve found caches in places I've never been to...

 

Same here, I'm Teasel too :)

 

Thanks Ian it's great to have the site back :)

JustAlan

+JustAlan

Posted
Posted

Thanks for getting it up and running again Ian.

 

A couple of points -

 

Firstly, I assume the 'caches to be rated' stats will sort themselves out over the next few days, as I am a dozen or so outstanding (about half from mid Feb).

 

Secondly, I think the graphs on the Cacher stats profiles may need looking at. I'm sure I'm not finding caches at the rate of 40,000 a month :) . If I am, it explains why I've been feeling a bit tired recently :)

goldpot

+goldpot

Posted
Posted

I'm sure I'm not finding caches at the rate of 40,000 a month :) . If I am, it explains why I've been feeling a bit tired recently :)

 

...and I'm placing 3,000 new caches out a month :)

 

Thank-you very much for all the hard work you have done to get this fabulous web-site back up and running once again - lets hope it never gets hacked again.

 

...ooooh, I have really been missing those red spots... :)

Teasel

+Teasel

Posted
Posted

OK, the graphs on the cacher stats pages should now be OK. Could someone who's searches are coming up as Teasel please tell me exactly what they're doing. When I logged in as "The Peak Plodders", I got their finds, not Teasel's, so it looks like the problem isn't affecting everyone in the same way...

 

Thanks,

Ian

Team Clova

+Team Clova

Posted
Posted

OK, the graphs on the cacher stats pages should now be OK. Could someone who's searches are coming up as Teasel please tell me exactly what they're doing. When I logged in as "The Peak Plodders", I got their finds, not Teasel's, so it looks like the problem isn't affecting everyone in the same way...

 

Thanks,

Ian

 

Its doing it for us too...

 

Going from the home page clicking "My Stats" and then clicking on one of my previous searches (one from home) The page which opens has all UK caches in order of date not in order of distance from home. I can adjust this by clicking the distance column header but all the caches found/hidden are by Teasel.

 

PS Great to have the site back!

rufty tufty boys

+rufty tufty boys

Posted
Posted

Fantastic to have this back - thanks for your hard work.

 

I think that the problem with searches may only be with saved searches. I was having it but when I set up a new search (with the same criteria) it went.

 

Thanks again

Bear and Ragged

+Bear and Ragged

Posted
Posted

Thank You! :)

 

GIS map not working... something pointing to the wrong (old) web page address?

 

2008.03.09 09:58:51 v0.99b.

09:58:51 Applet parameter layout = null.

09:58:52 Applet parameter tms = .

09:58:52 Applet parameter pid = gis_xml.php?c=0&gis.xml.

09:58:52 Applet parameter servlet = null.

09:58:52 Applet parameter external = null.

09:58:52 Applet parameter pid = gis_xml.php?c=0&gis.xml.

09:58:52 Applet parameter zoomtooneresult = null.

09:58:52 Applet parameter maxsidsize = null.

09:58:52 Applet parameter encoding = .

09:58:52 Applet parameter target = infoWindow.

09:58:52 Applet parameter prepage = no.

09:58:52 Load Project: http://www.geocacheuk.org/caches/gis_xml.php?c=0&gis.xml.

09:58:52 Parse. CoastLow.

09:58:52 Parse. CoastHigh.

09:58:52 Parse. Relief.

09:58:52 Parse. Motorways.

09:58:52 Parse. Roads.

09:58:52 Parse. Urban Areas.

09:58:52 Parse. Towns - Major.

09:58:52 Parse. Towns - Mid.

09:58:52 Parse. Towns - Small.

09:58:52 Parse. Geocaches.

09:58:52 end parse 10.

09:58:53 Download image. CoastLow.

09:58:54 Download image. Relief.

09:58:55 Download 1107 records. Towns - Major.

09:58:55 WARNING#307. Towns - Major.

 

09:59:28 *** ERROR#308 *** Geocaches. Can't load file http://stats.geocacheuk.com/caches/gis_cac.../gis_caches.zip.

Team Clova

+Team Clova

Posted
Posted

Fantastic to have this back - thanks for your hard work.

 

I think that the problem with searches may only be with saved searches. I was having it but when I set up a new search (with the same criteria) it went.

 

Thanks again

 

Thanks - Working perfectly now using a new search :)

Foinavon

+Foinavon

Posted
Posted

Fantastic to have this back - thanks for your hard work.

 

I think that the problem with searches may only be with saved searches. I was having it but when I set up a new search (with the same criteria) it went.

 

Thanks again

 

Thanks - Working perfectly now using a new search :D

 

:unsure::blink::huh::) Fantastic to have it back. A big thank you to all involved.

Flyfishermanbob

+Flyfishermanbob

Posted
Posted
OK, the graphs on the cacher stats pages should now be OK. Could someone who's searches are coming up as Teasel please tell me exactly what they're doing. When I logged in as "The Peak Plodders", I got their finds, not Teasel's, so it looks like the problem isn't affecting everyone in the same way...

 

Thanks,

Ian

 

 

Hi Ian,

 

 

Ive logged in as flyfishermanbob .. and ran a new search from my home co-ords.....

 

 

All the nearest caches show up.... but appear as unfounds.... / not mine ..

 

 

i.e if I use the buttons for remove found or remove hidden nothing changes...

 

 

 

the "My Stats" page shows a map of my finds though....

 

 

hope this helps

JustAlan

+JustAlan

Posted
Posted (edited)

Hi Ian,

 

Back on the stats problem. My stats page says I have rated all 722 caches I have found, but clicking on my geocacheuk profile shows I have found 738 (which is correct for unique caches - my gc.com figure is higher due to YOSM finds). That gives a difference of 16 (missing) caches, but according to my list, I have only got 13 left to rate. Odd.

 

Is this a teething problem which will sort itself out when it's all bedded down on the new server, or does it need another tweak.

 

Thanks again for all the work you're putting in on this.

Edited by JustAlan
purple_pineapple

+purple_pineapple

Posted
Posted

It's really good to have this back up and running again. Great work. :unsure:

 

I would guess that it won't be high on your priorities at the moment, but does the url address for the Cache Rating Icons need changing?

 

HH, with a bit of trial and error, I managed to get mine working. The URL does need changing - its currently stats.geocacheuk.com/mystats..., and I've changed it to www.geocacheuk.org/mystats...

 

Seems to work - check out the code on one of my older caches if it helps!

 

Dave

Haggis Hunter

+Haggis Hunter

Posted
Posted

It's really good to have this back up and running again. Great work. :unsure:

 

I would guess that it won't be high on your priorities at the moment, but does the url address for the Cache Rating Icons need changing?

 

HH, with a bit of trial and error, I managed to get mine working. The URL does need changing - its currently stats.geocacheuk.com/mystats..., and I've changed it to www.geocacheuk.org/mystats...

 

Seems to work - check out the code on one of my older caches if it helps!

 

Dave

That has worked a treat thanks, I'll change the resat of my caches later. Just as a note to anyone else you also need to change the address for the /pics/rating..... as well.

TastyMarmots

+TastyMarmots

Posted
Posted

Soooo good to have this back!!!! Thanks for all your efforts. :blink::huh::unsure:

 

Just to feedback some seen "issues"

 

1. Under the search criteria if you select and enter an "after date" and run this, you get an error.

 

2. Seem to be getting some odd results on a search result page in that you select the "remove found" button while does seem to alter the number of total items at the top right of the page (although not the number I would expect), but if does not remove found items in the listings below.

 

Cheers

 

Happy Ferreters

Moonraker Team

Moonraker Team

Posted
Posted

Ian, Just a note to say thanks for your efforts with this, I see you say on the site that some things are still a bit iffy but I'm sure you must realise how pleased we all are to have it back at all so WELL DONE and THANKS :laughing::anibad::lol:

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
Followers 10
Go to topic listing
×
×
  • Create New...