PDA

View Full Version : Tome forums hacked


Sir Crashalot
August 27, 2009, 01:02
Just went over there and it seems that some idiot has accessed Darkgods account and is currently destroying the forum over there.

pav
August 27, 2009, 06:10
Well, guess the time has come to take it down completely.

Pete Mack
August 27, 2009, 06:18
forums.t-o-m-e.net, we hardly knew ye. Long live forums.t-o-m-e.net.

To ToME players:
welcome back!

IMHO, de-balkanization is a good thing.
(I still mourn rgra, but any move towards reconsolidation is a good thing.)

pav
August 27, 2009, 07:04
You know, I don't mind ToME (or NPP or any other variant) having a separate forums. The problem with ToME ones is lack of maintenance and bad choice of software engine.

I have disabled DarkGod's forum account for now, to see if that helps with the abuse a little.

Nerdanel
August 27, 2009, 11:57
The problems seem to have stopped with DarkGod's account gone. I hope there are backups since most of the threads on the forum got deleted.

I would like to keep the old forum. This place feels cramped.

pav
August 27, 2009, 12:37
I only keep last nighty backup, for recovery in case of hardware failure. So that's probably not very helpful for you.

LCC
August 27, 2009, 14:21
I have been playing Tome for three days now instead of Angband. Last night I created a user account there. A few minutes ago I checked there and was unable to log in. So I created my account again. But from what is being said on this thread, I guess that there is no point to having an account there too. Right???

Nerdanel
August 27, 2009, 14:26
The threads that remain are the newest ones. So if you could somehow merge the contents that would be great. If not, setting the forums back to yesterday wouldn't be so bad.

Xandor Tik'Roth
October 3, 2009, 13:46
I don't know if I'm too late to jump in on this, but I'm the other Admin on the ToME forums. If there's anything that I can personally do to ensure the continued survival and support of the forum, let me know.

pav
October 5, 2009, 10:05
It's using eight years old, insecure version of phpBB, so the first step need to be a migration to up-to-date phpBB, and keeping it patched. Second step is solving the problem with autospammers signing up accounts, so either put a working captcha in place (is there anything that works for phpBB? I don't know) or moderating new users over first few posts. Then we can think about re-enabling sign-ups.

fph
October 5, 2009, 11:32
Second step is solving the problem with autospammers signing up accounts, so either put a working captcha in place (is there anything that works for phpBB? I don't know)

I suggest http://bbantispam.com/tc/ . It is the simplest thing you could imagine but has worked like a charm on a forum I moderate.

pav
October 5, 2009, 11:54
I suggest http://bbantispam.com/tc/ . It is the simplest thing you could imagine but has worked like a charm on a forum I moderate.
That might be worth a shot.

Xandor Tik'Roth
October 6, 2009, 10:36
As far as I have been updated, one of the mods has put into place something that allows us to block 99% of the spam accounts that come in. As for updating, I think that I could do it. I'll have to do some more research to see what this requires, though...

pav
October 6, 2009, 10:39
As far as I have been updated, one of the mods has put into place something that allows us to block 99% of the spam accounts that come in.
Actually it never got finished. The guy just dropped the ball.
As for updating, I think that I could do it. I'll have to do some more research to see what this requires, though...
You should be familiar with PHP and some basic sysadmin skills. It's not rocket science.