So as you have noticed all of our web services have been down for a couple of days. This was caused by Drupalgeddon which was a critical vulnerability in the drupal content hosting platform. The vulnerability affected all versions of drupal including the one tha we used to host our homepage which again caused our server to get infected by some malwares. What these malwares did was redirecting you to advert sites and use CPU while browsing the page to mine bitcoin.
What have we done
After cleaning our the malwares from the site i made a decission to completely wipe out our server and rebuild it from a clean install. This was a precaution to make sure that no infected files will follow us over to the re-installed server. The server is now back up and sites and services are beeing installed on it as i have time.
I also decided to let go the drupal platform and change to use wordpress instead. The primary reason for this is that because how i had the system built with auth linked to the homepage and the forums it was a major pain in the ass to update core files on the drupal system. Secondly updating drupal core is poop without the things mentioned earlier compared to wordpress. As the third reason the drupal and forum link i used to use forced me to run a weird setup with old php versions and modules running on some sites while operating the rest of the sites with the new stuff. While this doesn't cause any security issues its a major pain in the ass when trying to code something or add new sites/services.
What do you need to do
As no files are moved over to the new server from the old one it also means that once again you will have to re-register on all of the services. I know that this is a shitty thing to ask from you for the 10th time or so but I still prefer to make sure our system is clean instead of playing nice and just moving your old accounts over.
Besides of securing the server asking you to re-register will make sure that all of the roles and accounts are linked correctly. This is important as we will now have a working forum including a new platform for news post.
What will happen next
As you can see a lot of pages and content is still missing from our sites but as time goes by and i have time i will keep on adding it back there manually.
Depending on how flexible the new wordpress system is we will either have the old role based content system directly at the main homepage like we used to have or then we will start to use the forums for sensitive role or corporation restricted content while using the homepage for static content such as guides, general news and explaining what SiCO is.
As this is a public forum i will not be covering any ingame events in here but as some members have moved out with HANKY to try a new life there is a lot of work inside EVE to do, which i will be focusing after the core sites and services on the server are running (a post to follow).
- www.silentcoalition.com site infected by a drupal core vunerability later labeled as Drupalgeddon 2.0
- Intentional decission to wipe out the whole server to make sure every site is clear
- No old files are moved over
- Re-register on AUTH (sorry) and activate the services & apply for roles
- Latest versions of different platforms now in use due to drupal not bullying me with its old version
- Wordpress for main homepage and phpbb forums (this forum) for corporation or role restricted content