BASIC Developer & Support Resources > Open Forum

Forum Activity


Forum Members,

With the COVID-19 virus causing many to work from home, hopefully folks will have time to contribute to the forums. If things don't pick up soon, I'm going to start scaling back on the resouces I facilitate.

I have begun building a new server instance to host the forums I facilitate . This will cut the costs 4X. The sandbox is.going away and projects will be moved to Gitlab. I hope to have this complete by the end of March with no disruptions.

I was able to reduce my monthly AWS bill in half removing snapshots and storage I allocated but haven't used in years. I paid a couple grand for idle services I never used. A lesson I hope others don't have to experience.

On a positive note, Comcast came out today to fix a wiring issue and drop off one of their latest modems. I went from 33 mbits to 318 mbits by the time he left.

My total AWS bill for 2020 was $1,110.93. Going forward I shouldn't exceed $10 / month. (S3 daily backups, reserved/dormant local mirror EC2 instance, Route 53)

I'm glad I was able to recover and repair the forums I host and get them back  online. Losing  over 9 million Google search engine indexes for would be tragic.

Your feedback how my local hosting and new sandbox are running from your end would be appreciated.

The Plesk server (Intel 4 cores 8 GB) and the Sandbox repo server (RPi 4B 8 GB) run at 2.5% CPU utilization and at 45 degrees C. Both have static IPs and running off a fiber connection. (1 gigabit up / down)

I'm currently building two AWS EC2 instances as insurance incase my local hosting resourse go off line. (power outage, fiber down, ...)  They will remain inactive until needed. (restore  current offline backups and change IP references on Route53) As additional insurance (incase the house burns down when I'm away) I've installed the Plesk AWS S3 extension for automated scheduled daily backups. 😊

This local hosting adventure will save me $150 / month eliminating Comcast and AWS.

Plesk Server

  System load:  0.03               Temperature:           38.0 C
  Usage of /:   5.7% of 233.73GB   Processes:             185
  Memory usage: 14%                Users logged in:       0
  Swap usage:   0%                 IPv4 address for eno1:

Gitlab Server

  System load:  1.09                Temperature:           46.3 C
  Usage of /:   13.1% of 116.97GB   Processes:             317
  Memory usage: 64%                 Users logged in:       1
  Swap usage:   0%                  IPv4 address for eth0:

I have a renewed interest In maturing the resources I offer to the BASIC community. It feels like my friends and lurkers around the world stop by the house and visit. 😎

The SMF forum hosting software is vulnerable to a nasty breach that acts like a Trojan Horse using your site's resources as a spamming server and possibly a proxy. If you're running on default SMF installation permissions you are likely to be already affected. Compare your Themes/default directory contents with the virgin SMF distribution to tell.

The attack seems to be carried out by fake Google and Bing bots. It seems Wordpress and MediaWiki are other packages the breach is targeting. Fortunately WP and Mediawiki isn't installed on any of the sites I host.

I'm amazed by how much of the traffic to your website is bots.

I have spent a couple days tracking down the cause and effect and building a security model that will hopefully prevent it from happening again.

Good luck with this!

On a side note I was please to learn that Gitlab-ce installs OWASP ModSecurity by default.


[0] Message Index

Go to full version