Jump to content
MDDHosting Forums

MjrNuT

Clients
  • Posts

    28
  • Joined

  • Last visited

Contact Methods

  • Website URL
    http://
  • ICQ
    0

Profile Information

  • Gender
    Male

MjrNuT's Achievements

Member

Member (2/5)

0

Reputation

  1. I feel pretty sheepish for responding so late, however, it was a long process for decisions to be made by the Owner(s). They decided to upgrade hosting with GD with the thought of overload on shared environment as the root cause. fshagan -- Your input is greatly appreciated and I would surely have followed it had I been given the reins. I like the "maintenance mode" method to use in this case as I would not have thought about that. Other than that, I had recommended pretty much what you spelled out. Thanks very much for your time to reply. ps -- I need to set for notifications upon replies.
  2. Well, I'm a customer here that has been out of it for a good long while. Mike probably does not recall me and that's alright. This topic is about me volunteering to help out a site that I'm a member of, bear with me here. I have a unique situation or maybe I think it is as I have been out of managing a site for some time now, and therefore this thread might not be in the right spot, so I apologize in advance. Please move this thread to a more appropriate section that would garner more (hopefully) assistance upon reading this. I've only been involved for the last 8 months...and have been so frustrated with the site access, along with others. The current admin inherited the site and duties, but has not background/interest in "fixing" or addressing due to lack of knowledge. He'll ping the host and the typical host response is: it works fine for us. The creator of the site is present, but his time is extremely limited and admittedly put the site together quite well (at the time). I was able to speak with both parties and they welcomed a fresh set of eyes and effort. 1. I'm not the owner of this site and have volunteered to help "improve" it. Improve it by access, which I'll explain. 2. I have access to the source files and control panel. 3. Host: GoDaddy; 2GH hosting account (shared) type, which is no longer offered. A 4GH is now. http://i150.photobucket.com/albums/s107/climpus/Posse4x4/goDaddy_plan.jpg 4. Scripts: phpbb, Mediawiki, Gallery2. I am unsure of the exact versions. The "home" is directed to wiki and primary script is phpbb forums. I have some Gallery2 experience. 5. All 3 scripts use separate mysql dbs. 6. There are cron jobs for backing things up, but the details are not available to me at this time. This is a 4x4 Vehicle Club and has been around since like 2002. Site - URL Primary problem: Site times out with 500 Internal Server Error This will happen intermittently, like within minutes, to hours, to days. Currently, it's been more persistent. The impact is that people in the club are communicating for trail runs and gatherings, which have taken people up to 45 minutes of constant trying. As of last night, I peeked in to at least look at the error_logs (had to turn on and then download to view), something I suggested long ago. In any event some logs occurred for a couple misc missing files like favicon, robots.txt, and missing.html. I put those in just to see what the change was and log entry for them ended. Alot of log entry such as the following: Script timed out before returning headers: viewtopic.php Script timed out before returning headers: index.php Specific to Gallery2 I have been able to delete cache files. I'd like to know how I might troubleshoot this better? Feel free to hit me up with questions for further information. Again, I've been out of the loop for this stuff for a good 3 years, so my terminology is probably lacking. My aim is to at least determine what is causing the "time out" or whatever the root cause is on the client side before looking to see if its something host side. My assumption is that the scripts we have running are out of date, incompatible, or something b/c they have not really been maintained/updated on any type of basis that I know of. Kind of like "we've dealt with this just fine for the last year or so, it will get fast soon enough" type of thinking. I would gladly bring this site over to here, but I need to determine the issues first before making the case.... Thanks for checkng my problem and welcome any better directions/guidance/input/etc.
  3. I second forumite's post! :thumbsup: to MDD. Look forward to just the ramp up now.
  4. I was not intending to see details of the particular client be divulged. The questions were stated from the standpoint of reintroducing the problem again. I understand that a mitigation method will be put in place for the OS. Having said that in review of your reply, the compromised Wordpress script will resume, is that correct? I was interested in where the source was as it is a part of the root-cause of the exploit. So I would think to disable that account such that the owner updates it, etc. before moving forward. This is the pertinence of the questions. I run Wordpress and I'd like to know if I was the idiot responsible and what needed to be done to fix it on behalf of others. I know I'm not the person since I was not notified. I hope that clears up my questions and not intending for privacy to be ignored due to the event.
  5. I think you should roll some of your responses here into the OP for people when you have the time. I have some follow up questions to some of your replies. As stated previously, we don't need to see the details of the script used to perform this exploit. Has the account owner been notified of their out of date "script" for which the exploit was injected? Can you divulge what the script and version is? What has been done or going to be done with that account? Was the account owner even aware of the injection or did they learn after access was removed to Echo altogether (i.e., all sites inaccessible)? Are the other MDD servers configured the same as ECHO? I am glad that MDD can commit to saying no data was lost. I am glad that MDD has committed to a restore date of confidence (based on file changes), followed by potential of newer, specific restores on case-by-case basis. I am glad that the communication is flowing given this technically, time-dependent resolution path.
  6. Thanks for the update MikeDVB. Thanks for taking the precaution of removing access. For clarification, you've noted a temporary mitigation has been determined. How is/was this tested? Is the restore of Echo a bare metal level one? Look forward to your reply when you've been able. I know you were up late....as I was. Regards
  7. Brian, Great review of your experience as I share the same theme. Further feedback could be placed over on WHT as well, if you've got the time. Cheers!
  8. Was wondering if any MDD clients are using such application (i.e,. Mantis, Redmine, or other). I'm curious as my need is not exactly for software tracking, but more for like project management. I'm interested in creating tasks, assigning, progress, issues, etc. Almost as fully granular like bug tracking. Thanks for any input or recommendations!
  9. I've never really uploaded in that kind of fashion, however, this is useful information nonetheless. Some may think it's a harmless execution b/c the folder names are just a name, but they have much more to them below the surface.
  10. Look forward to it Mike. I never had the time to try Scott's helpful information.
  11. wow, something happened to WHT? Ok, here it is. Would have put in the OP, but no edit option? ps. i don't skimp in details.
  12. It's about time I got this done. Please see it here.
  13. I don't have a question. just a big kudos for this. Thanks very much as the response by MDDHosting was barely perceptible.
  14. I'm not at all interested in the streaming servers. I'm fine w/ the buffered, d/l, partial d/l, etc. type. I'm just now determining how to do that.
×
×
  • Create New...