Creative Commons license icon

Flayrah Hacked

Your rating: None Average: 5 (3 votes)

Early this morning, Flayrah.com was hacked by by person or persons uknown. The hack consisted of a news article posted under my name, and some minor defacement of the site. I do not know if any further damage was caused. If you notice anything further out of the ordianary, please email me. I will shortly be updating Flayrah.com's codebase to the latest release of PostNuke; this will hopefully plug any security holes that the hacker may have used. Thanks for your patience.

Aureth
Publisher, Flayrah.com

Comments

Your rating: None Average: 5 (3 votes)

My memory's never the best, but I notice the stories seem to be out of order or possibly some recent ones are missing, because I think the couple I'd posted had almost rolled off of the front page the last time I checked, and now they're higher up. But again, don't trust my memory. =P

If it's any consolation, I'd like to offer the opposite of hacking; heartfelt thanks for providing what I strongly consider to be one of the best online services the furry community has ever had, and certainly the top of its kind. Flayrah is a safe and honest interface between furry fandom and the outside world, and a great source of news and entertainment for our community. Great work. Here's to hoping y'all won't let the occasional juvenile vendetta stop the music.

Trickster

Your rating: None Average: 5 (3 votes)

Comparing the syndication feed on LiveJournal to the main page, I noticed several articles now missing. In addition to an entry for the news article the hacker posted, it has links (that don't work) to the following articles that are now missing:

  • furry.ca apparel returns!
  • Norwegian Paws Forum
  • Furnpike Is Back
  • FC 2005 Theme chosen
Your rating: None Average: 5 (3 votes)

Yeah, I'll have to resubmit that furry.ca article sometime real soon. Fortunately, I didn't write a whole lot in it in the first place. :XP

Your rating: None Average: 5 (3 votes)

When was the last time you patched PostNuke? There was a new vulnerability discovered as recently as April 17.

Hey, it could have been worse. It's not like they rooted the box or anything.

Your rating: None Average: 5 (3 votes)

It's been a while, unfortunately. It's such a pain in the ass, because every new PostNuke update breaks something that used to work in the previous version.

Your rating: None Average: 5 (3 votes)

Do you keep a testing branch of the site, where you are able to experiment with newer components on a private version, while leaving the public version intact? If you don't do that already, you might want to consider it.

Are you on any PostNuke mailing lists? Those often warn of API breakage ahead of time. They also tell you when you need to patch. Such as right now. Again. The newest vulnerability is from Wednesday.

Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <img> <b> <i> <s> <blockquote> <ul> <ol> <li> <table> <tr> <td> <th> <sub> <sup> <object> <embed> <h1> <h2> <h3> <h4> <h5> <h6> <dl> <dt> <dd> <param> <center> <strong> <q> <cite> <code> <em>
  • Lines and paragraphs break automatically.

More information about formatting options

CAPTCHA
This test is to prevent automated spam submissions.
Leave empty.