distal-attribute
distal-attribute
distal-attribute
distal-attribute

Forum possibly hacked

Cyann posted 3 months ago in General

I'm receiving spam on the unique address created for this forum.

Details:

  • Sent by: www.cookiecrazie.com (static-ip-173-224-121-100.inaddr.ip-pool.com [173.224.121.100])
  • Sender (possibly spoofed): EU Business Register register@ebr-list.net

Was the forum hacked, or is it a privacy violation (addresses sold)?

Cyann posted 3 months ago

I've noticed that there is no https on this site... Please enable HTTPS! See letsencrypt.org for a quick and easy solution.

This also mean that downloads from this site cannot be trusted and are potentially infected. I've disabled auto update until this is corrected.

dungmourice posted 3 months ago

Looks like its hacked(

ansgar posted 3 months ago

I'm quite sure it's not. Email addresses are nowhere displayed nor posted anywhere else, honestly. I'm a OpenSource monkey, I hate when others don't respect data privacy. Will check the SSL thing, sigh... I have very few experience with SSL on Apache (on Windows!), so this can take some time.

ansgar posted 3 months ago

Just installed an free ssl certificate for testing purposes: https://www.heidisql.com . Took me 2 hours to find the Windows firewall was wrongly configured for port 443.

ansgar posted 3 months ago

Tataa.. I have a valid (cheap) SSL certificate running now. All pages force a redirect to https from now on. Also HeidiSQL's internal updatecheck is forced to use ssl now, and after a small update this will be ssl by default, without a redirect.

Please login to leave a reply, or register at first.