MFOHome About Commentary Discussions Funds The Best Resources Support Us!

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Categories

In this Discussion

Here's a statement of the obvious: The opinions expressed here are those of the participants, not those of the Mutual Fund Observer. We cannot vouch for the accuracy or appropriateness of any of it, though we do encourage civility and good humor.

    Support MFO

  • Donate through PayPal

the occasional blink at MFO

David_Snowball
edited April 2013 in Off-Topic
Dear friends,

For those of you who don't obsess about the status of the internet's server backbone and such issues, I thought I'd mention that there's been a series of escalating attacks on hosting companies, the folks whose "server farms" serve as the homes for websites such as MFO.

It's a fascinating story. Bad guys used to be content with using viruses to take over individuals' computers and turning them into weapons for transmitting spam or for contributing to attacks on targeted websites. They were referred to as "zombie" computers and folks often didn't even know that their machines were in service to The Dark Side.

Increasingly, bad guys are trying to take over the vastly more powerful computers (called "servers") owned by hosting companies, then using those computers to create vast, coordinated assaults. They seem to be targeting the 60 million sites which rely on WordPress software. If successful, these attacks create "zombie servers, commonly referred to as "botnets." Ars Technica, Friday, 4/12, had a really well-done story on this never-before-seen super botnet.

MFO uses WordPress and our hosting company, Total Choice, has - like many others - been hit with almost daily attacks. Chip monitors our security and noted 28 attempts (including multiple attacks from China) in 12 hours to break into the administrative part of our system. She's added a couple additional layers of security and is now actively reviewing such attempts, rather than waiting for alarms from our software monitors.

Here's the part that's directly visible to you: it's possible that MFO will be intermittently off-line when these attacks hit Total Choice. So far we've been up 100% of the time in four days out of five, but one day of our five might see marked sluggishness in our load times and we'll be unavailable for a few minutes at a time. The vast majority of our outages have been in the one to four minute range, though we were down for 22 minutes about three weeks ago.

Since other hosting companies are also under attack, switching wouldn't gain anything. We have the option of relocating to a private server but that arrangement comes with its own set of risks and vulnerabilities. And so we're doing what we can to guarantee MFO's security and to keep folks aware of what's up.

For what interest it holds,

David

Comments

  • AnnaAnna
    David, Thanks for keeping us informed. Comcast thanks you too since I never blame the website when I can blame Comcast instead. (Actually, I have been lucky and haven't had much problem accessing the site lately.)
  • InvestorInvestor
    Thanks David. Apart from one extended outage last week, I did not see any major issue since then. In fact, I feel the site responds a bit faster recently,
  • AccipiterAccipiter
    edited April 2013
    here's a list to attach to .htaccess in wordpress folder and vanilla folder to block China addresses if you want to add it.
    txt
    txt
    china.txt
    71K
  • ronorono
    Thanks, David,

    It seems that the older I get, the more often I'm offline myself. ;-)

    take care,

    rono
Sign In or Register to comment.