|||
Current Website Support
258
Contributors
11
Subscribers
You are Not Registered
Donate for your silver medal πŸ…
Β£10
Β£15
Β£25
Β£50
Subscribe for your gold medal πŸ…
Β£5
Β£10
Β£15
Β£20
You Will Be Helping Towards:

  • Domain Fees
  • Security Certificates
  • iOS & Android App Fees
  • Website Hosting
  • Fast Servers
  • Data Backups
  • Upkeep & Maintenance
  • Administration Costs

    Without your support the website wouldn't be what it is today.

    Please consider donating towards these fees to help keep us afloat.

    Read more

    All donations are securely managed through PayPal. Amounts donated are not published online.

    Many thanks for your kind support
  • Join Us On Social Media!
    Model Boats Website
    Model Boats Website
    Home
    Forum
    Build Blogs
    Media Gallery
    Boat Clubs & Lakes
    Events
    Boat Harbour
    How-To Articles
    Plans & Docs
    Useful Links
    5

















    Followers
    Recent Down Time
    by Fireboat πŸ‡¬πŸ‡§ ( Midshipman)
    πŸ“£










    Click To
    Follow
    12 Posts 11 Replies 1 Photo 13 Likes
    ( Newest Posts Shown First )
    Fireboat
    Midshipman
    πŸ“ Recent Down Time
    Flag
    Country: πŸ‡¬πŸ‡§ United Kingdom
    Online: 3 days ago
    😊 View Profile
    πŸ’¬ Send PM
    It’s ours. Well, kinda Google’s. Auto detection means the Google natural language API picked up negative sentiment in the post content. It’s nothing to do with 1&1.

    Fireboat2 is a testing account I use.

    Stephen
    🚀
    RNinMunich
    Fleet Admiral
    πŸ“ Recent Down Time
    Flag
    Country: πŸ‡©πŸ‡ͺ Germany
    Online: 10 hours ago
    😊 View Profile
    πŸ’¬ Send PM
    Hi Stephen,
    If it's any help I've noticed this Spam reference, see attached screen snip.

    Is the Auto detection mentioned ours or theirs??
    'Fireboat2' ???
    Cheers, Doug
    Young at heart - slightly older in other places πŸ˜‰ Cheers Doug
    Fireboat
    Midshipman
    πŸ“ Recent Down Time
    Flag
    Country: πŸ‡¬πŸ‡§ United Kingdom
    Online: 3 days ago
    😊 View Profile
    πŸ’¬ Send PM
    1&1's feedback upon requesting more detail:

    -----
    Your database was locked due to a spammed table. You'll need to verify the content of the table and clean up the spammed content or it will get locked again. You should also enable security features like a captcha to protect your website from spambot attacks. Cleaning up the tables improves the performance of the database.

    For example: SELECT * from db.Table ORDER BY 1 DESC LIMIT 10;

    Reviewing the table its possible this a false positive. Please review.

    Best Regards,
    Security Team
    1&1 IONOS
    -----

    So all in all, no detail I can work off. Anyone know what a spammed table means? What does spammed content look like? The website already has a captcha system in place, plus bot attack detection. "Reviewing the table it's possible it's a false positive" means 1&1 are admitting their spam detections may have got it wrong?

    Hopefully we've members out there who can help me decode this!

    Thanks,
    Stephen
    🚀
    DodgyGeezer
    Midshipman
    πŸ“ Recent Down Time
    Flag
    Country: πŸ‡¬πŸ‡§ United Kingdom
    Online: 7 seconds ago
    😊 View Profile
    πŸ’¬ Send PM
    "I wonder how many of such actions goes back to the international fight against terrorism.."

    You can actually trace it back to the fall of the Berlin Wall, and the realisation shortly afterwards that an influential community was short of an enemy which justified its existence.

    I try to run my life on fixed principles (which is a foolish thing to do - vide Socrates), and was very unhappy about the Western response to the end of the Cold War. But discussing this would move us into politics, and I cannot see a Politics thread on this site (for which I am deeply thankful!). I will therefore say no more.

    My principles also encompass Richard Stallman's approach to the web, in that everything ought to be freely created. You will note that the four web sites I run neither have adverts nor do they solicit cash donations. People have tried to provide these in the past, and I have turned them away. So I have also established my position on that very many years ago...
    1
    redpmg
    Chief Petty Officer 2nd Class
    πŸ“ Recent Down Time
    Flag
    Country: πŸ‡ΏπŸ‡¦ South Africa
    Online: 1 hour ago
    😊 View Profile
    πŸ’¬ Send PM
    Are we talking shades of Orwell 1984 ?
    RNinMunich
    Fleet Admiral
    πŸ“ Recent Down Time
    Flag
    Country: πŸ‡©πŸ‡ͺ Germany
    Online: 10 hours ago
    😊 View Profile
    πŸ’¬ Send PM
    Evening Dodgy,
    Apart from the 'censorship' you mention.
    I wonder how many of such actions goes back to the international fight against terrorism as well as child porn networks. Not simply censorship but surveillance to track the perpetrators. If so I have no problem with that at all, although I agree that the domain providers might apologise after the event if they, or their 'advisers', got it wrong.
    In such cases they would of course NOT be inclined to give advance warning of an investigation!

    BTW; A word to the wise! I note that you have been a site member since 2009 (congrats. 5 years before me), and your valuable contributions have increased, almost exponentially, since 2017. Retired then perhaps, like me? πŸ˜‰
    You obviously have much to say and a broad range of knowledge and experience to draw onπŸ‘ Welcome to the club.
    I find it though a little disappointing and surprising that you are making more and more use of our platform without contributing to it's upkeep!
    A fiver now and again won't hurt will it?
    'On paper' (🀣) we have over 5000 members, most are inactive or look around once in a while, maybe extract some useful info, but never post or contribute.
    The majority of the posts, blogs and info, as well as the cost of maintaining the site (also 'your' platform in that sense) are covered by a mere handful of us.
    The site costs are not exorbitant but need to be paid.
    Stephen, and his assistants, work for free but domain host etc must be paid for.
    Looking forward to seeing the Contributors Medal of Honour on your avatar.πŸ‘
    Your decision. All contributions are voluntary and the site is free!

    Best regards, Doug 😎
    1
    Young at heart - slightly older in other places πŸ˜‰ Cheers Doug
    DodgyGeezer
    Midshipman
    πŸ“ Recent Down Time
    Flag
    Country: πŸ‡¬πŸ‡§ United Kingdom
    Online: 7 seconds ago
    😊 View Profile
    πŸ’¬ Send PM
    ".....More concerning is that they are even scanning the databases... that does mean they're checking through all user data.............. I personally think it's wrong that they do this. Albeit a robot that does it..."

    Given the current move towards extensive web censorship by the Government, and the consequent legal impact on any site which is held to be in breach, I can see why your web host does this. They could well be following Government direction to do it. They may also be required to secretly report any suspicions they have, like the 'Prevent Duty' for schools. See https://www.gov.uk/government/publications/protecting-childr...

    False positives from this are going to be fun...



    "....If spam is in the database, it's pretty harmless unless it's executed on the website and there are measures in place to prevent code from being surfaced...."

    I wouldn't think of Spam as being executable - if it is I would count that as Malicious Software, and I would have a policy of removing it to a safe repository immediately. And telling the Webmaster...

    There is a balance to be attained between being fairly safe from Web attacks, and being able to operate with minimum disruption. It is up to your host's security team to define and maintain that balance, and they really ought to gain customer agreement and involvement in how they do that.
    https://www.gov.uk/government/publications/protecting-children-from-radicalisation-the-prevent-duty
    πŸ”—
    Fireboat
    Midshipman
    πŸ“ Recent Down Time
    Flag
    Country: πŸ‡¬πŸ‡§ United Kingdom
    Online: 3 days ago
    😊 View Profile
    πŸ’¬ Send PM
    I have requested further information, although not holding my breath that they'll get back with anything useful. A few things have crossed my mind, there are data rows with special characters in them, although this is harmless, lots of emoji's of course, but that's acceptable within the utf8mb4 character set. There are a few blob data types, where json data is stored, none contain anything harmful though.

    More concerning is that they are even scanning the databases... that does mean they're checking through all user data. Not that there's anything overly sensitive in there (I always treat it as public anyway in case it's ever hacked, so no passwords are stored there, no bank details or anything), but there are websites which do store such things. I personally think it's wrong that they do this. Albeit a robot that does it...

    If spam is in the database, it's pretty harmless unless it's executed on the website and there are measures in place to prevent code from being surfaced.

    All web hosts are as bad as each other. They do do some things right, the files are daily backed up, the database will now be daily backed up with the files. Generally the support is quite good, not hours on the phone, more minutes. It's just they generally blame the customer for websites going down before they check if it's them.
    1
    🚀
    DodgyGeezer
    Midshipman
    πŸ“ Recent Down Time
    Flag
    Country: πŸ‡¬πŸ‡§ United Kingdom
    Online: 7 seconds ago
    😊 View Profile
    πŸ’¬ Send PM
    "The hosting company say the database was locked by the security team as SPAM content was detected in the forum table. Getting it unlocked proved slow and now it is unlocked, I can't see any issue with it."

    That raises a lot of questions!

    Did they know that locking the database would drop the site for 24 hours? If not, they made a technical error. If they did, I would like to see the security justification for this.

    Malicious software - maybe close down the site if you can't clean it immediately.

    Spam - surely inform the webmaster and ask what should be done? The spam would have to be very bad to take the site off-web. And surely you would be able to show the webmaster what the problem was later?

    I wonder if there was a technical balls-up and this is a convenient excuse? Security is NOT about closing things down if you hear a rumour that there might be a problem - it's about running a business so that there are no nasty surprises. The security team is responsible for running a service just as much as the ops team are. Security should be running things safely - with the accent on 'running'. If they don't, they are just another DoS threat.

    I would ask for a report from security which includes the reason for the locking decision...
    3
    Brianaro
    Petty Officer 1st Class
    πŸ“ Recent Down Time
    Flag
    Country: πŸ‡¬πŸ‡§ United Kingdom
    Online: 31 minutes ago
    😊 View Profile
    πŸ’¬ Send PM
    Better safe than sorry I guess, keep up the good work Stephen
    2
    Show 2 More Posts



    About This Website
    Terms of Service
    Privacy Policy
    Cookies used in this website are gluten free, wheat free and dairy free. By using this website you agree to our use of cookies. More Info