New Server and Hacked In the Same Day
If you visited this site on Saturday from 3Pm to 2AM — you may have been told that the site had a Malware link in it, if you were using FireFox or Chrome as your browser. Those using Explorer didn’t have that problem. It was all just the capper on a tough day of 20 hours in front of the computer.
The day started earlier with getting ready for this site to move off it’s 4-year old server that was dying, with one of the baddest-assed servers to ever be racked. I’ll not bore you with the technical aspects of doing this — but it is suffice to say that is complicated and a PITA. This new server has twice the CPUs, they’re twice as fast; it has twice the memory, and it is faster; and it has a pair of 1TB drives that are RAID mirrored (and UPS backed-up) replacing the 256 GB drives. Speed has been dramatically improved. We were back up at about 2PM Central time.
However, at about 3PM, www.oldhippie.com was being blocked by Google on the Chrome and FireFox browsers. While I was working on that — Google started bringing down my other sites www.NSS-Racing.com and then www.NostalgiaDragRacers.com. It was apparent that by the end of the night all of my sites would be blocked.
We initially thought the problem was something with the new server, and wasted too much time chasing our tail in that direction. It was a pure coincidence. It turns out that I, and thousands of others, had a security hole in OpenX (the software that serves banners) exploited by hackers on Friday night — before the server swap. It took until 3AM to find the 14 different places the database was hacked, and to upgrade the software with instructions that were as clear as mud. Following all that, I had to sign off that the sites were fixed — and wait for Google to re-crawl them and absolved my from my sins.
Today — we’re on a faster server, and all of the problems I’m aware of have been resolved.