HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Please upgrade here. These earlier versions are no longer being updated and have security issues.

[2.1b2] Bizarre loading issue

13»

Comments

  • peregrineperegrine MVP
    edited January 2014

    Awesome.

    I would change all my admin passwords, in case someone got to you, and make sure you add the security fixes for 2.1b2

    EDIT:

    And possibly the sql database password as well

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

    Zhaan
  • peregrineperegrine MVP
    edited January 2014

    peregrine said:
    then I would consider downloading core code again. - if there is something - somehow (unknown to you) that was changed to target your id in the code that could cause a slow down.

    Zhaan said:

    Fixed it! \o/

    I ignored my need for sleep and installed the latest version from GitHub, and voilà, problem solved. While we still don't know exactly what the problem was, you were right about it being somewhere in Vanilla core.

    the steps in this link fix a large majority of the issues.....

    http://vanillaforums.org/discussion/comment/199091/#Comment_199091

    V said:
    This is a Crystall Baller for sure, anyone who guesses this I will buy lunch :smile:

    ding! ding! ding! for solution, but not the root of the issue.

    I would like to donate the lunch to vrijvlinder :) for all the icons she made for me.

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

    ZhaanvrijvlinderUnderDog
  • vrijvlindervrijvlinder Papillon-Sauvage MVP

    Lol I think he was getting attacked by brute force . Just out of curiosity , if you can Zhaan, keep track of how many visitors visit the login page and try to login using admin as a user name , or similar.

    @peregrine there is not enough icons in the world that I could make to make up for your : savoir faire .. Lunch is on me p !!

    peregrineZhaan
  • ZhaanZhaan Professional fool ✭✭

    Yeah, it's certainly possible. We do get huge amounts of bot applications every day.

    Any suggestions as to how I can track a single page?

    UnderDog
  • peregrineperegrine MVP
    edited January 2014

    @Zhaan said:
    Yeah, it's certainly possible. We do get huge amounts of bot applications every day.

    Any suggestions as to how I can track a single page?

    edited....
    I'm working on a plugin. stay tuned.

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

    Zhaan
  • vrijvlindervrijvlinder Papillon-Sauvage MVP

    Not sure how it could be done with Vanilla besides looking at the logs. In WP there is a plugin called WordFence.

    The idea is to find out if the admin account is under constant attack to gain access. Do not name the admin account admin for starters.

    In wordpress there is a hole in security hence the need for this plugin. The login page is the most hit . http://www.yoursite.com/wp-login.php

    It would make sense that http://www.yoursite.com/entry/signin would have the same outcome. There must be a way to see how many people tried to access that page using admin as a user name.

    Another thing you could do, is create an account called admin and restrict it as a guest to see how many people try to hit that account.

    ZhaanUnderDog
  • peregrineperegrine MVP
    edited January 2014

    edited....
    I'm working on a plugin. stay tuned.

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

    Zhaanvrijvlinder
  • ZhaanZhaan Professional fool ✭✭

    Plugin champion Peregrine to the rescue :)

    vrijvlinderUnderDog
  • peregrineperegrine MVP
    edited January 2014

    @Zhaan said:
    Any suggestions as to how I can track a single page?

    this may help with respect to sing in page. tracks failed logins. so, if someone is attempting to guess the admin password or a particular users password, this will track failed attempts. you can then add them to a list to block ip (see readme).

    http://vanillaforums.org/addon/signlogger-plugin

    @whu606 - if you want to give this plugin a spin, your feedback is always good.

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

    UnderDogZhaanvrijvlinder
  • ZhaanZhaan Professional fool ✭✭

    Awesome. Downloading as I'm typing this post. :)

Sign In or Register to comment.