jump to navigation

Update January 3, 2011

Posted by ismywebsite in general.

Node 4 is back up, thanks to Michael from WebLyte working tirelessly to get this done quickly. They have stepped above and beyond what would usually be expected, and proven to be very valuable as a service provider for us. All data should be restored, however databases are in your home directory named as .sql and your package features have been reset. This should all be fixed automatically when 4.0 launches, so please only report if you need something set urgently.

Chris Reed from RevoGate, who manage Node 7, responded shortly after to inform us that they have not been keeping any backups, despite this was advertised on their features page. He has spent a considerable effort to try to locate if any of the space left over on the server may have actually been a backup, however it turned out to be a 55Gb server error log for MySQL, which does explain where all our space went. It appears that backups are only taken for clients on their shared servers. He moved us to a separate server against my recommendation when we first signed up with them, offering to cover all the separate licensing costs and take care of the server administration for us. At present, it does not appear he is looking further into any data recovery options, though I have recommended this. Files which get deleted really just become unlinked from the system, and the core data of the files still exists until it is overwritten. Software is available, even for free, which can locate and help restore these files.

Node 1, managed by SmokyHosts, has not responded to our ticket at all, despite it being marked high priority and we added a second response.

The largest issue is that we still don’t know who did this, or fully how it happened. I’m sure the person responsible is quite ashamed of their actions, however they have not yet come forward to own up to them. Until we know this, the site must remain under fairly complete lockdown which unfortunately prevents the recreating of accounts.

Version 4.0 has already been created with fairly extensive encryption of passwords, limited time sessions of WHM access, with the password changed after every one, no direct database access, and a substantially reduced number of volunteers. But until we know for sure how this happened, we can’t be sure it can’t happen again.

I do wish to thank Arielle and her team of hackers from the Philippines from conducting a security test of our system, and also Chris Blair for his help and suggestions surrounding improving our encryption. He was apparently able to decrypt an account password in just 2 days using very sophisticated software, and we are working now on a solution which will increase this time to 2 years. We cannot have passwords falling into the wrong hands.

In addition I’m very interested in offering a service to back up websites onto another external storage, which could then be retrieved later at any time. This service would cost additional credits, and be available to clients who kept a positive credit balance.

One of the other largest updates is with the credit system on 4.0. It’s possible now to purchase domains. I’m also working to add many more ways of earning credits including more advertising networks, getting the forums working properly (Brendan has been putting in a lot of hours on this one), activity points, and properly working referral 2% commission, so you can get something back for that 10 credits you invested in your friends.



No comments yet — be the first.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: