1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. Greetings Guest!!

    In order to combat SPAM on the forums, all users are required to have a minimum of 2 posts before they can submit links in any post or thread.

    Dismiss Notice

Regarding UOLedger.com and Security

Discussion in 'UHall' started by Wallenstein, Oct 4, 2009.

  1. Wallenstein

    Wallenstein Guest

    I became aware of a site problem a couple of weeks ago that I had temporarily fixed while working on enhancing UOLedger.com's security and backend. Shortly thereafter, due to overlooking one minor loophole in our site's permissions, somebody was able to place malicious code onto our site's index files resulting in visitors receiving security warning messages up the wazoo.

    When I found out about this I took down our main index.php file that every page was based on and replaced it with a maintenance message. For some reason people are still getting security prompts and I've therefore taken the entire site offline until I find out exactly what scripts were modified and can remove any and all malicious code.

    The second I fix what went wrong the site will be back up and we'll pick up where we left off (just days before the UO: SA launch). I regrettably encourage you all to stay off of UOLedger.com for the time being until it's officially back up to avoid any potential security issues.

    I'm sifting through heaps of backups trying to find a working and up-to-date file that can be used in place of the current maliciously-modified pages. I'll post when it's up..

    I just wanted to give you a heads up after seeing the other thread had been closed.

    Thanks,
    Brian / Asimo
     
  2. Taylor

    Taylor Former Stratics CEO (2011-2014)
    Professional VIP Stratics Veteran Supporter Alumni Campaign Benefactor Alumni

    Joined:
    Oct 21, 2008
    Messages:
    8,023
    Likes Received:
    1,714
    Thanks for your update, Brian. I sure hope the Ledger is recoverable. :(