Upgrade to phpBB3 3.2.8: January 2020

This was posted to the main site this morning:
https://cefresearch.ca/phpBB3/viewtopic.php?f=2&t=16067

There is a new upgrade (minor it appears) to version 3.2.8 from 3.2.7.

It did not implement properly yesterday, so I reversed the process. That in itself was in interesting learning experience!

I checked up on the issues others have had and it appears we are not alone, so there is a published solution. I am going to leave that until later so as not to risk messing up the system for the weekend.

Remember, any time there are issues about an upgrade, there is a notice published on the BLOG at http://cefresearch.blogspot.ca/ 

The purpose of that is to have a place to post important notices that are not affected by the cefresearch.ca main site.

That's all for now ... stay tuned!

Richard

Update Progress Sunday 1 September 2019

Completed Part #1 as of 0735 EST Sunday September 1, 2019:

1. Backup of complete database - the biggest task
2. Update from phpBB3.2.5 to phpBB3.2.7 - fairly easy as tested it all yesterday and knew the process

Next to do:

1. Install the new [media] system.

Please note that once the new MEDIA EXTENSION is installed it takes a number of hours before it can be used as the system must parse itself.

I will let you know when it is working and how to use it. It replaces [youtube] and all the other MEDIA (video and audio) - an extensive list of services!

Upgrade to phpBB3.2.7 - Sunday September 1st 2019

I have finished testing the upgrade to the new phpBB3.2.7 version on my test site. It appears to have eliminated the LOG-IN problem, including the ACP which was driving the Admin team nuts.

It also allowed me to install the [media] [/media] extension, which replaces the BBCode for [youtube]. I don't have that working perfectly yet, but at least I was able to get it installed. There seems to be some issues with the PERMISSIONS settings, so I have gone back to the CROWD to look for a solution. It is a known issue, I just need some clarification. Details are here in my post:

FAQ #2 Clarification Please - phpBB Media Embed PlugIn

That comes from a FAQ post made by the authors of the extension here:

Why can't Users Use The [media] BBCode?

I am up early in the morning so I will probable do the CEFSG change tomorrow morning between 5 and 6 am EST.

REMEMBER if there are any serious issues, I will post that here:

http://cefresearch.blogspot.com/

Members are encouraged to bookmark that site, as it is used if there are any major issues with site access.

Forum Upgrade and Backups are Underway

The process of backing up the forum database and then switching over to phpBB 3.2.5 from phpBB 3.0.14 started at 5:10 am EST of Thursday January 31, 2019.

1. Backups of the database were made by our host at http://register.ca as well as a number of variations of backups made here at the CEFSG. This is the most critical of all the steps in the process, as our database is SO LARGE. It has been the CEFSG policy to retain ALL POSTS in the system.
2. The BOARD has now been closed so that internal changes can be made to return it to its original style. This removes any modifications we have made to the board over the past number of years, thus improving the chance that the conversion of the system will go ahead smoothly. I am sure there will be some "bumps" along the process. This is a MAJOR upgrade, unlike any we have done in the past, as it is NEW software not just MODIFIED software. Many of the features from the past will disappear until a process to return them is developed.
3. Back in operation. There is still an issue with the FORMAT error reports, but at least now I have found the answer:
   
   https://www.phpbb.com/community/viewtopic.php?t=2474971
   
   You will see that topic says it "corrects itself", which I have already seen happening. I also know how to manually correct a post that does not fix itself.
   
   I have been working on the CLI (Command Line Interface) using PUTTY for a few days now, however it is new to me and I am on the "learning curve". Until I have that resolved, better to let the problem correct itself.

Planning Ahead

I have asked Mike at Register.ca if Thursday January 31, 2019 would be a good morning to lock the site for a period while they back up all the databases directly within their system. 

That is FAR SUPERIOR to me making a backup off-site. 

I will do that anyway but better safe than sorry.

If that date works for them, I will shut down the sites at or before 6 am on Thursday morning and open them up as soon as possible thereafter.

IMPORTANT 2019 UPGRADE ANNOUNCEMENT - PLEASE READ

The dreaded day has come. For some time we have enjoyed the comfort of our CEFSG FORUM operating under the software system of pHpBB Version 3.0.14. It was the last and most stable of the 3.0 system and it did us well since the transfer to cefresearch.ca back in 2015.

Yesterday I received this message from our HOST at Register.ca:

Mike wrote:

Hi Richard,

This is a quick note that we will be having a temporary switch to 7.2 in a couple of minutes at 4.00 PM EST for the cluster that hosts your website. It will go back to PHP 5.6 at 4:30 EST

Note this is a good opportunity to check your application for compatibility issues and take note of any section of the website that might not be functioning properly. I have a report that shows at least one component of your website PHPBB requires attention.

This is just a reminder that our datacenter will not allow PHP5.6 after Feb 17, 2019.

Thank you for your inquiry.

Your Register.ca-Team
Mike

We have received considerable support from Mike and the team at Register.ca, most recently when we had the BOT attacks in December 2016 and into the Spring of 2017. As such, I am sure I will be able to count on them as we make the transfer to the new system.

Although the terminology looks similar, their reference to PHP 5.6 changing to PHP 7.2 is not the same as our need to transfer from pHpBB 3.0.14 to pHpBB 3.2. The first reference is to what is on the servers at Register.ca and the second is to the software that we use at cefresearch.ca.

Any of you that were on the system yesterday afternoon when they ran the test would have seen what happened - the pages came back flooded with ERROR reports. You would have seen a lot of text that appeared similar to this:

Code:

[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 370: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 5282: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3903)

In the past, I have taken our pHpBB system through a number of upgrades, through all the 1.0, 2.0 and up to 3.0.14 which is the current system. All of these upgrades were made possible with a somewhat simple upgrade package. The upgrade we now must complete is a FRESH INSTALL of new software and then the TRANSFER of all the past information in the DATABASE. Any of the MODs (those are special MODULE packages that control "extras" on our system - i.e. the SUPPORT TOOL KIT) can NOT be upgraded automatically. They must be removed and then manually upgraded at a later date (I hope!). The day-to-day user would not be aware of these MODS, so it probably will not impact the user.

At present I do not know what other MOD packages would be impacted. I suspect it will be in items such as the STYLES that are shown at the top of the page when you are making a post. These are the components of the STYLE MOD that allows you to insert images, make tables, insert a video, etc. All of those we created AFTER the main pHpBB system was put in place.

Fortunately we have a month to complete this task. To do this, I create a new directory (with a different name) such as http://cefresearch.ca/upgrade/ to which I download the new software and begin the upgrade process. I will start working on this in the next week on a "test basis", so you will not see that in progress until I am able to publish a TEST PAGE LINK. All the main structure would thus be built and tested BEFORE the transfer of the site. Then comes TRANSFER DAY! First of all. I must back up our existing database and all the files, then move those to the new system. This would probably happen early one morning when we have shut down the main system. If it all works well, it would be a seamless process. It may not be perfect at first, but we will sort it all out.

The change also has a significant impact on the WIKI system at http://cefresearch.ca/wiki/ as our current system is not at all useable on the new PHP 7.2 server system. There is a page that tells me we will have to upgrade the WIKI to MediaWiki 1.3.2. See "Software required to run MediaWiki" on this page:

https://www.mediawiki.org/wiki/Compatibility

This is what would happen if we went to run the WIKI without an upgrade, after they changed the server: (Register.ca has provided with a method to test the conversion of our old sites with this format)

http://www.cefresearch.ca.php72-27.phx1 ... /Main_Page

Amazingly, the original MATRIX that was made in 2006 with Microsoft FrontPage appears to work with the new PHP 7.2 software, probably because it is very basic HTML programing that is not impacted by all the fancy code packages and MODS. You can see the test of the old MATRIX system here:

http://www.cefresearch.ca.php72-27.phx1 ... ginal.html

PLEASE MAKE SURE that you BOOKMARK the Blog Site for the CEFSG that we use to make announcements when we are having system problems. You will find that at:

http://cefresearch.blogspot.com/

I will put a copy of this message on that site and then post any major notices as we go through the process. If there is a major change as to how to LOG IN, for example, it would be placed in that location.

If you have personal research on the site, or pages of information you frequently use, PLEASE make sure you copy (back up) any of that information so you have it for the future. For example, I keep a list of the commonly used HELP or INFORMATION pages. You can click "PRINT VIEW" in the top menu of any page and then PRINT the page (to a printer, a PDF file, or whatever else YOUR system allows). You can also ""Right Click" on any of those pages and VIEW or SAVE the Source File, or select "Save As" to save the page as a web page or HTML.

That is all for now,

Richard

Just a reminder - if access is blocked to http://cefresearch.ca

There have been some recent messages about blocked access to the CEFSG sites. This most likely relates back to the Great Bot Attack of last December and January, and the need to block some of the IP addresses.

There is a notice on this blog here:

http://cefresearch.blogspot.ca/2017/03/we-are-stable.html

That explains how to retrieve you IP and send it to me to fix any problems.

Please bookmark the blog address and check in whenever you have a problem with the main site. The blog is on a different system and is not affected by the IP blocks.

http://cefresearch.blogspot.ca

Best wishes to all for 2018!

I will post a copy of this message on the forum as well.

Richard

CEFSG System Backups November 22, 2017

A complete backup of our 3 main systems was made this morning:

1. Wordpress site: http://cefresearch.ca

1. Wiki: http://cefresearch.ca/wiki

1. Main Forum: http://cefresearch.ca/phpBB3

This was completed prior to upgrading the Wordpress site to 4.9.

Sooner or later we are going to need to upgrade past phpBB3, I dread the day! At that time, we have to switch to a new system of pHp that is not directly upgradable.

If anyone notices any issues after today, please advise.

Remember also that at any time there are issues, a posting is made to our blog. The web or forum can be down, but you can still access the blog as it is a completely separate system. I believe in redundancy!

CEFSG System Backups June 8, 2017

All CEFSG Systems received a FULL BACKUP this morning. I had near heart failure when I saw the message that there was a "[i]Maria Database Error - In Read Mode Only[/i]". I immediately went into the system and backed up the Forum, Wiki and Wordpress sites. Each of those are backed up using both the internal program backup system and [url=https://mysql.dfw1-2.websitesettings.com/?server=mysql51-021.wc2]phpMyAdmin[/url].

As it turned out, it appears it was a temporary "burp" at the server and the site(s) were fine. By the time I had completed the backups, everything was back working perfectly - so it appears.

Please let me know ASAP if anyone sees any issues on any of the three (3) sites:

• http://cefresearch.ca
• http://cefresearch.ca/phpBB3
• http://cefresearch.ca/wiki

Please remember (and bookmark) our blog site at http://cefresearch.blogspot.ca as that is where any notifications are posted if there are ever any site problems.

We are Stable!

All appears to be well and we have reactivated the Google Bot and if there are no problems we will allow the Bing Bot as well.

Remember to ALWAYS come to this Blog if you have problems with the CEFSG site, as when it is down or not available to you as an individual, we post the notice here.

For those that they find they do not have access, remember that we have a number of IP addresses blocked. To OPEN yours, you have to send me your IP address, User Name and local geographic address - as we have a number of international users. There are many sites that provide this - for example:

https://whatismyipaddress.com/

http://whoisip.ovh

Once I received that and confirm that you are a member, the IP address is cleared.

If you have a DYNAMIC IP instead of a STATIC IP you may have to file a notice again until we narrow down your area.

Update of the Great Bot Hunter for January 9, 2017

The .htaccess file has been changed to remove blocks on members that have reported in, plus the addition of new blocks on a number of new sites from Eastern Europe and Russia.

I have not repeated the list of blocks here but if anyone wants it, just ask. If you do not have access please remember to send me an e-mail to:

cefmatrix@gmail.com

Two other major steps were completed today:

1. The posts on the MAIN FORUM that deal with this issue have been moved to a MEMBERS ONLY section of the web site. That means that if you are not a member you do not even know that area of the forum exists.
   
2. The CEFSG WIKI has been under increased attacks since the FORUM blocks were put in place so that is the one that is now PASSWORD protected. You need to enter both the correct USER NAME and PASSWORD to get into the Wiki. It has now been accessed by a member so I can confirm it is working - yahoo! That is not a simple process. Details on how to gain access is provided in the new MEMBERS ONLY section, as we don't want to publish that here on an open forum.

The size of the log file was significantly reduced today, which I take as a good sign. The really BAD BOT "SEMrushBOT" is not going down without a fight as it made 18,746 attempts to get into the site yesterday - all of which were successfully blocked. There were 36,582 entries in total, many of which were Google and Bing bots that are now rejected as well. Basically, if you are a BOT then "BUG OFF"for now and we will reconsider you later. GOOGLE and BING are "good bots" but for now we have to keep everyone away until we get this under control.

Lastly, we have had some very generous donations to the RESERVE FUND so I extend my thanks to all involved. As requested at the start of the DONATIONS program, the names of the donors are not identified publicly. Each donor "should" be receiving an automated confirmation e-mail once a donation is received.

Hopefully all of this will come to an end soon, it has been an annoyance to say the least!

Richard

Changes for January 8, 2017

The .htaccess file has been changed to include these items:

# from Register.ca for Semrushbot 46.229. and then RVL added many from log of 6 January 2017 using Excel spreadsheet to sort into large groups
# bingbot is 157.55.39.104 and then added just 157.55.39. as many others used; 207.46.13.10
# mj12bot found in large group from 163.172.68.136 - on Sunday 8th made the block on 163.172.68. to catch all the rest (drop the .68.136 at end); also 46.4.32.75
# Domain Re-Animator Bot 167.114.156.198
# BoogleBot is 52.90.230.103 - very large amount on 6 January 2017 from IP in Seattle USA
# profound.net/domainappender trying to read .htaccess file 54.147.153.234
# downloading wiki from London UK 62.210.148.247; France 91.121.97.49
# large downloads from this Windson IP so temp block 70.51.99.113
# blocked any large groups from China, Russia, etc. also large group from Germany - Russia 5.255.250.66; Kiev 82.193.100.107; 91.200.
# Amsterdam 46.229.
# Sunday 8th added a large block of easter europe all in the 178. range; China 180.
# Sunday a very large download in Edmonton from 50.71.222.81 - system files
# list Google sites here: 66.249.73.142 - that did stop earlier as 66. was blocked, block 66.249 in case need to open 66.
# list Yahoo sites here: 68.180.228.157
# xpymep.exe at 146.158.83.16; 90.154.70.102
# THESE ONES HAVE BEEN OPENED AFTER THE INITIAL BLOCK WAS PUT IN PLACE
# 67 (Ted Walshe, Montreal & Neil Burns); 69 (Diane Johnson Brantford - changed Sunday new IP); 124 (Mark, Australia)

Require all granted
Require not ip 10.8.163.19
Require not ip 10.8.174.151
Require not ip 104.140.
Require not ip 2.
Require not ip 5.196.167.230
Require not ip 5.9.94.207
Require not ip 5.255.250.66
Require not ip 10.
Require not ip 10.8.
Require not ip 11.
Require not ip 12.
Require not ip 13.
Require not ip 14.
Require not ip 15.
Require not ip 16.
Require not ip 17.
Require not ip 18.
Require not ip 19.
Require not ip 46.
Require not ip 46.229.
Require not ip 50.71.222.81
Require not ip 52.90.230.103
Require not ip 54.147.153.234
Require not ip 61.
Require not ip 62.
Require not ip 62.210.148.247
Require not ip 63.
Require not ip 64.
Require not ip 65.
Require not ip 66.
Require not ip 66.249.
Require not ip 66.249.73.142
Require not ip 68.
Require not ip 68.180.
Require not ip 70.51.99.113
Require not ip 77.248.252.113
Require not ip 82.193.
Require not ip 90.154.70.102
Require not ip 91.121.
Require not ip 91.200.
Require not ip 104.
Require not ip 104.140.
Require not ip 106.
Require not ip 107.
Require not ip 108.
Require not ip 109.
Require not ip 110.
Require not ip 111.
Require not ip 112.
Require not ip 113.
Require not ip 114.
Require not ip 115.
Require not ip 116.
Require not ip 117.
Require not ip 118.
Require not ip 119.
Require not ip 120.
Require not ip 121.
Require not ip 122.
Require not ip 123.
Require not ip 125.
Require not ip 126.
Require not ip 127.
Require not ip 128.
Require not ip 129.
Require not ip 133.130
Require not ip 144.
Require not ip 146.
Require not ip 151.237.
Require not ip 151.80.
Require not ip 154.20.7.7
Require not ip 157.55.39.104
Require not ip 157.55.39.
Require not ip 163.172.
Require not ip 165.231.
Require not ip 167.114.156.198
Require not ip 173.234.159.250
Require not ip 178.
Require not ip 180.
Require not ip 207.46.13.10
Require not ip 207.81.234.223


As well all these bots are blocked. The first line is supposed to block all bots with the "*" but many seem to get around this process:

User-agent: *
Disallow: /
User-agent: mj12bot
Disallow: /
User-agent: SemrushBot
Disallow: /
User-agent: SemrushBot-SA
Disallow: /
User-agent: dotbot
Disallow: /
User-agent: Slurp
Disallow: /
User-agent: ChinasoSpider
Disallow: /
User-agent: ToutiaoSpider
Disallow: /
User-agent: Yahoo Slurp
Disallow: /
User-agent: YahooCacheSystem
Disallow: /
User-agent: Sosospider
Disallow: /
User-agent: bingbot
Disallow: /
User-agent: EasouSpider
Disallow: /
User-agent: JikeSpider
Disallow: /
User-agent: YYSpider
Disallow: /
User-Agent: YoudaoBot
Disallow: /
User-Agent:360Spider
Disallow:/
User-Agent:360Spider-Image
Disallow:/
User-Agent: sogou spider
Disallow: /
User-Agent: Sogou web spider
Disallow: /
User-Agent: MJ12bot
Disallow:/
user-agent: AhrefsBot
disallow: /
user-agent: YRSpider
disallow: /
user-agent: 360spider-image
disallow: /

SYSTEM CHANGES: Saturday January 7, 2017 $$$$

Unfortunately the BOTS have not only continued to ATTACK but they are growing in number.

Changes made to date have significantly reduced our "compute cycles" but we are still way over the limit and the costs are increasing daily. You can see the effect the changes made to date have made in the graph:

https://www.mediafire.com/convkey/87ef/i1r78skw21rv1kb6g.jpg

Our compute cycles have dropped from 2500 a day to less than 600 a day and our bandwidth has dropped from 4000 to less than 800. That is from blocking some of the worst offenders.

The PROBLEM is that we are only allowed 3000 compute cycles for the WHOLE MONTH period, which runs from the 22nd of Month A to 21st of Month B. Additional charges for the period 16 November to 15 December were $360.26 so there will be another large charge for December-January. We normally pay less than that for the whole year!

A few of you know that I was making changes to increase the BLOT BLOCKAGE today, as I made a typo and the server crashed. That was quickly fixed and from that point on I tested out all the files on a blank directory before they are set to load on the site here. That work is all done and the files are going to be loaded shortly. I do check to see that there are not too many people on the system when I make that change but unfortunately I can not account for someone who is logging on at the exact same time the files are uploading.

The new .htaccess file that carries all the new blocking code will be blocking a large number if IP addresses and ranges of IP addresses associated with what appear to be the main offenders. We have tried other less severe approaches and the BOTS are bypassing them easily. Neil found a way to just say "NO BOTS PLEASE" and they continued the attack. It could be it takes a few days but at the rate the costs are increasing we have to take every step possible.

IF YOU FIND that you are blocked, then I hope that you remembered to bookmark the site where the announcements are posted here: 

http://cefresearch.blogspot.ca/

as I will post a copy of this message at that location. I will put in the e-mail address for the MATRIX in case you don't have that, then you can send me a message with your I.P. address so I can exempt that block.

Find your IP address: http://whoisip.ovh

I will also provide a list of blocked addresses to date at that location. Doing that here would just let the BOTS know who is being blocked.

I also need to you to tell me if any of you are using these IP addresses as they appear somewhat normal, of origin in the USA or Canada, but are associated with what appear to be large data downloads:

Halifax 142.177.247.89
Winnipeg 142.161.238.42
Ottawa 131.137.88.71
Melbourne Australia 124.191.103.90 (might be the Diggers)
Saskatoon 128.233.6.93
Redmond Kansas 131.253.24.140
Calgary 137.186.55.136
Tatamagouche (N.S. or P.E.I?) 142.134.66.130
Brantford 50.100.61.223
Edmonton 50.64.149.31 or 50.68.152.77
Windsor 70.51.99.113 (that is now blocked as it does not appear to be HUMAN - if you are call home!)

I will post this now and come back at 3:00 pm EST to upload the new blocks. You might want to finish any posts you are working on now prior to that time, JUST IN CASE! It should work cleanly but better safe than sorry.

Stay tuned to the other announcement site over the next week or until further notice, as if this keeps up and the blocks DON'T WORK then we will probably need to block the site, or we will go broke.

I have already sent in a submission to a VPS PROVIDER (http://vpsville.ca/) to determine what is involved (and costs) to switch to a VPS (Virtual Private Server) system. I know nothing about those, other than what I have read, and I do not know if I would have the necessary skill set or time to operate such a system. I have not heard back from this as of this date. Reading tells me there are MANAGED VPS and STAND ALONE VPS and so if we can get a MANAGED system, it might be okay. Best is if we can stay where we are now if we can beat the botters to death!

Fingers crossed, now also crossing toes,

Richard

ADDED TO THIS BLOG POST ONLY

Here is "section" the file that is now on the system to do the blocking. If you see one that is a short version such as "Require not ip 124." that means that it is blocking any IP that starts with that series of numbers. If your IP has any of the front numbers on the list you have to let me know by e-mail to cefmatrix@gmail.com.

# from Register.ca for Semrushbot 46.229. and then RVL added many from log of 6 January 2017 using Excel spreadsheet to sort into large groups
# bingbot is 157.55.39.104 and then added just 157.55.39. as many others used
# mj12bot found in large group from 163.172.68.136
# Domain Re-Animator Bot 167.114.156.198
# BoogleBot is 52.90.230.103 - very large amount on 6 January 2017 from IP in Seattle USA
# profound.net/domainappender trying to read .htaccess file 54.147.153.234
# downloading wiki from London UK 62.210.148.247
# large downloads from this Windson IP so temp block 70.51.99.113
# blocked any large groups from China, Russia, etc. also large group from Germany

Require all granted
Require not ip 46.229.
Require not ip 10.8.163.19
Require not ip 10.8.174.151
Require not ip 10.8.
Require not ip 104.140.
Require not ip 107.
Require not ip 108.
Require not ip 109.
Require not ip 110.
Require not ip 111.
Require not ip 112.
Require not ip 113.
Require not ip 114.
Require not ip 115.
Require not ip 116.
Require not ip 117.
Require not ip 118.
Require not ip 119.
Require not ip 12.106.
Require not ip 120.
Require not ip 121.
Require not ip 122.
Require not ip 123.
Require not ip 124.
Require not ip 125.
Require not ip 126.
Require not ip 127.
Require not ip 128.
Require not ip 129.
Require not ip 144.
Require not ip 146.
Require not ip 151.237.
Require not ip 151.80
Require not ip 157.55.39.104
Require not ip 157.55.39.
Require not ip 163.172.68.136
Require not ip 165.231.
Require not ip 167.114.156.198
Require not ip 17.
Require not ip 18.
Require not ip 5.196.167.230
Require not ip 5.9.94.207
Require not ip 52.90.230.103
Require not ip 54.147.153.234
Require not ip 61.
Require not ip 62.
Require not ip 62.210.148.247
Require not ip 63.
Require not ip 64.
Require not ip 65.
Require not ip 66.
Require not ip 67.
Require not ip 68.
Require not ip 69.
Require not ip 70.51.99.113
Require not ip 77.248.252.113


This may be duplication, but is also added to the .htaccess code as some can ignore the IP address blocks. These are the NAMES of the ones that I have found so far that are the main offenders:

# RVL added December 31, 2016 as Semrushbot is still invading the site
# found here: http://stackoverflow.com/questions/23631872/ban-robots-from-website
# they say "Also you can do this little trick, deny ANY ip address that has "SemrushBot" in user agent string"
Options +FollowSymlinks
RewriteEngine On
RewriteBase /
SetEnvIfNoCase User-Agent "^SemrushBot" bad_user
SetEnvIfNoCase User-Agent "^Slurp" bad_user
SetEnvIfNoCase User-Agent "^dotbot" bad_user
SetEnvIfNoCase User-Agent "^Googlebot" bad_user
SetEnvIfNoCase User-Agent "^bingbot" bad_user
SetEnvIfNoCase User-Agent "^mj12bot" bad_user
SetEnvIfNoCase User-Agent "^ToutiaoSpider" bad_user
SetEnvIfNoCase User-Agent "^YandexBot" bad_user
SetEnvIfNoCase User-Agent "^domainappender" bad_user
SetEnvIfNoCase User-Agent "^bogglebot" bad_user
SetEnvIfNoCase User-Agent "^WhateverElseBadUserAgentHere" bad_user
Deny from env=bad_user

In the event that you understand any of this, then I can tell you that the following code was also added to CACHE the files on the site so they are not downloaded from the server every time someone visits a post:

# ADDED from http://www.fastcomet.com/tutorials/phpbb3/performance-optimization 28-12-2016
## EXPIRES CACHING ##

ExpiresActive On
ExpiresByType image/jpg "access plus 1 year"
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType image/gif "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType text/css "access plus 1 month"
ExpiresByType application/pdf "access plus 1 month"
ExpiresByType text/x-javascript "access plus 1 month"
ExpiresByType application/x-shockwave-flash "access plus 1 month"
ExpiresByType image/x-icon "access plus 1 year"
ExpiresDefault "access plus 2 days"

## EXPIRES CACHING ##

If you think I actually know what I am doing, think again! I go read about it on the web, try it out, and then sit back to see if it works. If anyone really knows how to do all this stuff, then you could be a big asset to the team! If you see line of code that starts with a # that means that line is just a note and is not read as code. There you will see I put in the URL of the information that I may have found on the web that tells me what I should do to fix the problem. Very often I have no idea what they are talking about so I have to learn that first.

Added later:

The file was uploaded at 3:02 pm EST and the site is still alive! Whew!

The blocks are now in effect.

Blocking the Attackers!

We are being hit by a number of different users but I do not know why. Our host "Register.ca" has blocked what appears to be the primary offenders that are arriving here from an IP address that is of the form:

46.229.*.*

I just checked on one, which first I had to learn how to do, and yes it is a blacklisted site:

http://whoisip.ovh/blacklist/46.229.168.74

A new file has now been placed on our server where we can add in the addresses that we want to restrict, but that means checking the logs on a daily basis, checking where they are coming from (why would also be nice but I have no idea how to do that - Peter?) and then blocking them. They then receive a "403 response" which means "access denied".

It would seem to me that the better alternative is to only allow certain IP addresses but that is another question for another day.

For now, we will have to BLOCK anything that looks suspicious and that might mean blocking a valid member if they are in that block. If that happens you will have to send me a message so we can investigate. Of course that means that I hope that you have read this post so you know to do that! I will copy this over to the BLOG that we use to notify members of issues:

http://cefresearch.blogspot.ca

Make sure you BOOKMARK that site so you know to go there whenever there is a problem.

I must now go and check the logs (they are massive lists!) and see who has been attacking the site.

It appears this has to be done for the phpBB3 forum as well as the wiki site.

Richard

Please note that I know nothing about this so I am "learning on the fly". This could be the start of a major shift as to how we operated this forum as volunteers. These attacks cost us BIG $$ as we are billed for all the OVERAGE so this is not just a case of an inconvenience.

The daily logs have to be checked and they are HUGE as they record everyone that came to the site:

Then you have to check if they are bad, or just block them anyway if they look suspicious:

Then you have to put in the block. I am working on that aspect!

POSTED TO FORUM 1710 EST

Posted: Fri Dec 23, 2016 5:11 pm     Post subject: IMPORTANT NOTICE December 23, 2016 - OUTAGES

We have been under an outside attack and so unfortunately we had to shut down the site while our host was working quickly in the background to block the access. That may now be fixed but we are watching events very closely, as the attacks drive up the COMPUTE CYCLES and is a COSTLY problem. MOST IMPORTANT - remember that any time the site is down that we post the announcements here: http://cefresearch.blogspot.ca Please BOOKMARK that site and keep it for future reference. If there are any additional problems over the next few hours or days I will post the notices to that site. I can NOT post notices here if we have locked the site. I have left the WIKI site closed for the current time as I noticed a large influx of information into that site and I have not had an opportunity to find out why. Our host believes it was a surge on the FORUM and not the WIKI. Richard

CRITICAL MESSAGE December 23, 2016

The CEFSG Forum is temporarily closed while our host at Register.ca tries to find out what is happening.

Our fee to run this site is based on the storage we use, bandwidth and compute cycles. Something has gone terribly wrong with the COMPUTE CYCLES. They have suggested it could be:

1. An advertising campaign we are running.
2. A malicious attack.

At the moment I am heading off to run a BACKUP of the Forum and wait to see what they can find out. There is nothing different that I know of, other than considerably more GUESTS but they have READ ONLY privileges.

Stay tuned ... and I hope everyone remembered to come to this blog if there was ever an issue!

Richard

CEFSG System Backups August 20, 2016

The following notice was posted to the CEFSG Forum (phpBB3) on Saturday August 20, 2016:

All of the CEFSG Systems (web site, forum, wiki) are undergoing a full backup on August 19th-20th 2016. There should be no disruption in service during this period. The web site backup includes the static Matrix site, as it does not contain a separate database.

The violent thunderstorm here in the middle of the night knocked out some of the backup processes and they had to be completed again early this morning - better safe than sorry! It appears it is perhaps time to put a UPS on the system?

If there are any issues and the site is down for any period, please remember to go here for any further announcements:

http://cefresearch.blogspot.ca/

Have a great weekend, hope to see you back here soon!

Richard

If you have remembered to come to this site when there is a problem with access to the FORUM then you are one of the fortunate!

Something is blocking a number of members from reaching the forum due to their ISP number. For the moment, we are adding an ANTI-BLOCK on those that are reporting in that they do not have access. So far it has hit Helen, Marika and Greg.

If you have been banned with an message that you have been blocked then you need to send me your ISP number and I will reverse the block. Go to this address to get your ISP number:

http://whatismyipaddress.com/

Send that to me at cefmatrix@gmail.com and then I will take it from there. Tomorrow we can try and find out what happened and see if there is a generic fix but for now we will take it one member at at time. At least we know how to fix it that way!

If you hear from other members about this problem, please direct them to this message.

REGISTER.ca UPGRADE IN PROGRESS

I noticed today that all the sites under domains of REGISTER.CA are off-line at the moment. We did received a notification that they were doing an upgrade and that the sites may experience temporary down time.

I manage 3 sites on the same system and they are all down at 2:30 pm on Monday September 21, 2015. I thus attribute this to the system change and not to a problem with our site.

Richard

Board Update Complete

All work to update to 3.0.13-PL1 has now been completed.
Thank you for your patience while this work was underway.

Please post any questions of comments on the CEFSG BOARD in the UPDATE forum.