Thread: Recent Malicious Activity

  1. #11  
    Registered Member
    Thanks step dad


  3. #12  
    Donator


    Attached image


  5. #13  
    Extreme Donator


    Quote Originally Posted by Raw Envy View Post
    Cheers Jay, I'll be making a post at some point on some tips for securing a web server. I know obviously there were some shortcomings in OS-Scape configurations, but this was because of the various flaws in the IPB forum software and the unfortunate event of our admin's password becoming compromised, so the hacker had an entry point to exploit IPB's security shortcomings.

    For now, a few things that RSPS owners can do to their websites:

    - Use CloudFlare Pro, it's $20 a month and gives you a WAF (web application firewall) which has a bunch of useful built-in rules to stop common exploits.
    - Only allow addresses originating from CloudFlare IPs
    - Disable all vulnerable PHP functions in your config
    - Ideally avoid IPB, but if you can't, just make sure to only allow ANY staff member to log in by using 2FA, not just for protected areas (as the admin hacked on OSS was compromised before he set up 2FA and then the hacker set up 2FA)
    - More IPB security tips: https://www.rootusers.com/how-to-sec...wer-board-ipb/
    - Use separate Docker containers for your main site and forum and use a different network interface for each
    - Ensure your folders use the following permission set: directories to 755 and your files to 644
    - Host client links external to your site and code sign where possible
    - Set your allowed file types to only accept images/videos for posts to avoid XSS attempts
    - Ensure you are using up-to-date application versions

    By the way, the way these attacks usually get in is through forum theme uploads. Don't give ANYONE the admin perm to upload themes.
    Even your most trusted partners or whatever, if they are compromised, their accounts can be used to upload themes as well.

    Another reason I keep pushing everyone to XenForo, it has its issues but not as dumb as shelling a box through a fucking theme. Also has an incredible API that you can use for auth.
    Reply With Quote  
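
Added example (not part of any post in this thread): a shell audit for two items from the quoted checklist, the 755/644 permission set and the image/video-only rule for uploaded files. It assumes GNU find; the extension allowlist and the paths in the usage comment are placeholders to adapt.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes GNU find (-printf).

# List entries that deviate from the permission set in the post:
# directories 755, regular files 644. Output: "<mode> <path>" per line.
audit_perms() {
    find "$1" -type d ! -perm 755 -printf '%m %p\n'
    find "$1" -type f ! -perm 644 -printf '%m %p\n'
}

# List files in an upload directory whose extension is not an image or
# video type. The allowlist is an assumption; match it to the file types
# the forum is configured to accept.
audit_uploads() {
    find "$1" -type f ! \( -iname '*.png' -o -iname '*.jpg' -o -iname '*.jpeg' \
        -o -iname '*.gif' -o -iname '*.webp' -o -iname '*.mp4' \
        -o -iname '*.webm' \) -print
}

# Reset the tree to 755/644. find does not follow symlinks by default,
# so links pointing outside the web root are left alone.
fix_perms() {
    find "$1" -type d ! -perm 755 -exec chmod 755 {} +
    find "$1" -type f ! -perm 644 -exec chmod 644 {} +
}

# Usage (placeholder paths): ./audit.sh /var/www/forum /var/www/forum/uploads
if [ "$#" -ge 1 ]; then
    audit_perms "$1"
    if [ -n "${2:-}" ]; then audit_uploads "$2"; fi
fi
```

Run the two audit functions on a schedule and alert on any output; a script file appearing under the uploads or themes directory is worth investigating before running `fix_perms`.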
     


  6. #14  
    DESIGNER

    Lynch's Avatar
    Quote Originally Posted by DayX View Post
    sad to think people still do this kind of thing to servers..
    sadly, in this private server community it will always be an issue. No matter the year.

    O.T: Thank you for the announcement.
    Stay safe everyone, if you ever want to release a server make sure to triple check everything security related.


  8. #15  



    Scu11's Avatar
    Quote Originally Posted by DayX View Post
    sad to think people still do this kind of thing to servers..
    More sad that unqualified people are putting their players at risk by not properly securing their servers.

     


  9. #16  
    Registered Member Deus's Avatar
    Quote Originally Posted by Scu11 View Post
    More sad that unqualified people are putting their players at risk by not properly securing their servers.
    Yes that is really sad :/
     


  10. #17  
    No one

    Mr. Remix's Avatar
    Thank you
    Discord : Remix#1157


  12. #18  
    Member Market Banned


    Luke132's Avatar
    Quote Originally Posted by Raw Envy View Post
    Cheers Jay, I'll be making a post at some point on some tips for securing a web server. I know obviously there were some shortcomings in OS-Scape configurations, but this was because of the various flaws in the IPB forum software and the unfortunate event of our admin's password becoming compromised, so the hacker had an entry point to exploit IPB's security shortcomings.

    For now, a few things that RSPS owners can do to their websites:

    - Use CloudFlare Pro, it's $20 a month and gives you a WAF (web application firewall) which has a bunch of useful built-in rules to stop common exploits.
    - Only allow addresses originating from CloudFlare IPs
    - Disable all vulnerable PHP functions in your config
    - Ideally avoid IPB, but if you can't, just make sure to only allow ANY staff member to log in by using 2FA, not just for protected areas (as the admin hacked on OSS was compromised before he set up 2FA and then the hacker set up 2FA)
    - More IPB security tips: https://www.rootusers.com/how-to-sec...wer-board-ipb/
    - Use separate Docker containers for your main site and forum and use a different network interface for each
    - Ensure your folders use the following permission set: directories to 755 and your files to 644
    - Host client links external to your site and code sign where possible
    - Set your allowed file types to only accept images/videos for posts to avoid XSS attempts
    - Ensure you are using up-to-date application versions
    Or ppl can just program rsps to emulate Runescape in a custom scenario so players can have fun, as it was intended, rather than trying to fucking mug everyone off



  14. #19  
    Banned Market Banned


    Thanks for the heads up pops.


  16. #20  
    Retro


    I am all for progression, but this put another stain on the RSPS community. Security>Marketing

