Admin

no knows where he is??

Apparently not, Have you tried e-mailing him/PM? Some times stuff happens in real life that will keep people off the forums for a while

...that just has to be shared;

http://www.funzine.nl/media-nsfw/100-sexiest-brunettes/

NSFW!

OK. I'll leave things as they are for now. Apparently an issue with a caching engine we are using. I'll investigate more over the weekend

one final test for today, please.

ok...how about now?

Can you guys try these things again and report back. I've made some adjustments.

How about now?

when i press the bumb function i have to lock in again.

still not fixed

rolli

Can you please try again and see if this happens again?

still seeing this message in the header

Warning: ksort() expects parameter 1 to be array, null given in /home/rwgforum/public_html/admin/sources/classes/output/publicOutput.php(3245) : eval()'d code on line 15

Warning: Cannot modify header information - headers already sent by (output started at /home/rwgforum/public_html/admin/sources/classes/output/publicOutput.php(3245) : eval()'d code:15) in /home/rwgforum/public_html/admin/sources/classes/output/formats/html/htmlOutput.php on line 109

Warning: Cannot modify header information - headers already sent by (output started at /home/rwgforum/public_html/admin/sources/classes/output/publicOutput.php(3245) : eval()'d code:15) in /home/rwgforum/public_html/admin/sources/classes/output/formats/html/htmlOutput.php on line 120

Warning: Cannot modify header information - headers already sent by (output started at /home/rwgforum/public_html/admin/sources/classes/output/publicOutput.php(3245) : eval()'d code:15) in /home/rwgforum/public_html/admin/sources/classes/output/formats/html/htmlOutput.php on line 129

Warning: Cannot modify header information - headers already sent by (output started at /home/rwgforum/public_html/admin/sources/classes/output/publicOutput.php(3245) : eval()'d code:15) in /home/rwgforum/public_html/admin/sources/classes/output/formats/html/htmlOutput.php on line 130

Warning: Cannot modify header information - headers already sent by (output started at /home/rwgforum/public_html/admin/sources/classes/output/publicOutput.php(3245) : eval()'d code:15) in /home/rwgforum/public_html/admin/sources/classes/output/formats/html/htmlOutput.php on line 134

p.s.

every time I add a reply, I get logged off

Still have this problem and is the above text still visible?

Things should be working like they are supposed to now. If you get logged out, just log in again and everything should be fine.

I am trying to figure out why are getting "kicked" out/logged out when they are not supposed to. Can you please post in this thread what you were doing when you got logged out?

Apparently things are not OK if you follow the steps I posted above. I have made some new adjustments to our caching engine. Looks like it was stripping away cookie info on the http-requests. Let me know if you are still thrown out

Howdy boiz and gurlz

Hopefully this should be fixed now. If you are still having problems, do this;

1: At the bottom of the forum, waaay down to the left, there is a link: Delete My Cookies. Click it.

2: Log out

3: Log back in and things should be OK.

See new post further down

As far as I can see, things should be working pretty good right now. What seems to be the problem, Freddy?

No. This is related to other problems, since we are still receiving lots of traffic. This is supposed to be filtered away, but I noticed that some of it slipped through yesterday. Steps have been taken, so let me know if this happens again.

And the second I hit the Post-button, the repair was done and you should now have full access to your PMs again

Mornin' boys. Fix is being applied, so shouldn't be to long before PMs are accessible again.

FYI: Our database server has been acting up a bit this afternoon/evening (GMT), so people might have had problems logging in/being thrown out. This has now been fixed.

Well, I have basically given up to get anything useful out of over 500mb of log files. IP's are from all over the world so either somebody has hacked a lot of computers, this is somebody who either is part of a bot net or have hired capacity from one of the bot-nets around (Google it, if you don't know what a bot net is).

We can speculate all we want about who and why, but I am almost 100% confident that no serious business, like the gen brands, will ever go to this step to shut anything down. Even if they did, the watch forums would be the last places. I can imagine there are hundreds, if not thousand of websites that would be taken down before they would take down "small" operations like us. Besides, it is 100% legal to discuss replica watches and that's what we do here. If they were to do something, they would use the proper legal channels and they would with 100% certainty go after the places where hundreds of thousand watches are being sold.

Hi Admin,

Is your datacenter offering a hardware DDoS protection ? Will be very useful in your case, even if it's expensive...

In France, OVH does this. And it works very well !

Anyways, good luck, DoS is a plague...

Valty

No, they do not offer anything like this, but I am of course working with our datacenter to handle this. In this case, the systems I had in place, managed to hold things of for a while, until the traffic spiked like crazy. For a while, all traffic into "our" system was nullrouted, so that I could set up proper protection in the background, before trying to put things back online. Now things are set up so that the current incoming traffic(Yes, we are still receiving a lot of traffic) is filtered on several levels. We have set up 1 server whos only mission right now is to analyze the incoming traffic and connections per IP and either let it through/block or nullroute the traffic, depending on our filter settings. This comes on top of other tools I am using.

Hey T,

something is not working properly, I have to log in every 5 minutes new!

thats the error message "[#10146] You do not have permission to use the search system." when i go one site back!

can you check this?

thx

Everything is not stable yet and as I posted above, some service won't work properly. You'll just have to be patient and things will start working again

T,

all i can say is . To be able to handle a DDoS like this in such a short period of time is a testament of your IT skills. Specially with the other sites under attack are still trying to figure out how to handle it.

I have no idea why anybody would target us for an attack. The only thing I can tell you for sure is that it isn't any legal businesses that use these methods and I really don't see what anybody would have to gain by shutting the forums down.

Just doing some research before I catch a couple of hours of zzZZzz and as anybody who have experienced an attack like this, it is almost impossible to point any fingers and say "YOU did it" or the attack came from THERE!". If it is a simple DoS, it is easier to both divert the attack and see where it came from, since these attacks usually originate from few sources. When it comes to a distributed attack (DDoS), it is almost impossible, as th attacker usually uses infected computers, spread around the world, to attack.

@krpster

I truly agree with you on the bandwidth issue and I have of course contacted our datacenter about this. We have a fairly big setup there, so I hope they will be able to recognize that this is not something that happens to a lot and we usually stay under our contractual bandwidth allowance.

Hi all

As you might have noticed, RWG has been either down or extremely unstable for the last 24 hours. The reason for this has been a DoS/DDoS attack, targeting our server.

Early morning yesterday, I noticed a rapid increase in incoming traffic targeting our server. I do of course have tools in place that will automagically handle things like this, but a lot of these things will only work up to a certain point. After a while, the traffic was so massive that the server and all services on the server was affected. After receiving almost 1,5TB of traffc in a couple of hours, I choose to nullroute all traffic hittin our IP. Mainly this was done to protect the integrity of our data and to be able to work on the server in the backgroun, as this would free up resources on the server, since rwgforum.com and it's IP seemed to be the target. After having worked on this all through the night, we are now online again, although some of you will probably have had some DNS issues and other issues to be able to access the forum. This is due to the changes that has been done to our DNS cluster and ouor DNS setup to be able to divert traffic/nullroute traffic in a more effecient way. I have just checked out stats and we have received 2.1TB of traffic in the last 16 hours. I haven't started looking at the logs and analyzing things yet, as my main priority has been to get the forum online again and things running stable. There are a bunch of temporary solutions installed, so there might be several things that doesn't work as they are supposed to, but eventually everything will work as normal

A quickshot of our bandwidth stats the last couple of days. Notice anything unusual?

I'll get back to you with more updates later on. Gotta get a couple of hours slee now.

PS Our bandwidth bill this month will be crazy because of this, so I'll start here by reminding you all about our donation form; http://www.rwgforum.com/index.php?app=nexus&module=clients&section=donations

Should be off now.

Suggested reading; http://www.rwgforum.com/index.php?app=core&module=help