Are we suffering attempted DDoS attacks.

you may not consider it a majour site, but parrot forums was down for two and a half days this week

It happens to the best of 'em, though the more major sites usually have a bigger budget and can get back online sooner.

i'm going to need your email address and password to verify the security of all your domains, because you are the greatest threat to your security

You've probably seen my email address, or at least one of 'em. I'm pretty much the easiest person on the planet to dox, and I'm okay with that. Also, you'd need more than my email and password (for truly important things), 'cause I love 2FA. If I can use 2FA, I use it.

I suspect there's a plugin that'd enable it on ZenForo sites, but I've never looked...

Actually, lemme look...

Heh... It's already an option. If this was my site, any one with elevated permissions would be required to use 2FA. So, mods and admins would have to have 2FA enabled - if it was up to me.
 


It happens to the best of 'em, though the more major sites usually have a bigger budget and can get back online sooner.



You've probably seen my email address, or at least one of 'em. I'm pretty much the easiest person on the planet to dox, and I'm okay with that. Also, you'd need more than my email and password (for truly important things), 'cause I love 2FA. If I can use 2FA, I use it.

I suspect there's a plugin that'd enable it on ZenForo sites, but I've never looked...

Actually, lemme look...

Heh... It's already an option. If this was my site, any one with elevated permissions would be required to use 2FA. So, mods and admins would have to have 2FA enabled - if it was up to me.
well, now you know who you need to mail your phone to.
 
well, now you know who you need to mail your phone to.

That's kinda tempting. You have to deal with all my phone calls and text messages!
 
...plugin that'd enable it on ZenForo sites,

Zen is Buddhist, we use XenForo (probably pronounced the same).

We already have 2FA here - if you go into your account and choose Passwords and Security, it is likely disabled by default but you can enable it there.

On topic, I have not looked for figures but probably can, and would be surprised if we do not have 99% uptime.
 
We already have 2FA here - if you go into your account and choose Passwords and Security, it is likely disabled by default but you can enable it there.

I never spend any time in there. I'll have to enable it, as I'm a moderator with elevated permissions.

Because the site is behind CF, to do real uptime testing have it open the site and pick a word that's always on the page. The uptime monitors can/will test for that if you want. You might pick a phrase like "newsletter", which is on every page but is not on the CF page that shows when the site is down.

Hetrix is a solid service provider for free. You can even share the results with a public URL, but you can't set up a status page without the aid of Rob (as it requires a DNS record change).
 
Update: I don't see it. From looking online, only admins (may) have that option. It's not in any of my account settings.

I am but a mod, so I don't have that option.
 
So you don't have this?

px0Zsqo.jpg


If not, I will have to look into that.

Chris
 
And 2FA has been enabled, with backup codes saved in a safe place.

I chose email, which means logging in via my cell may be problematic, but I'm far more likely to lose my phone than I am to lose my email address and that password is complicated enough so that I don't even know it!
 
Boofhead (and I mean that in the nicest possible way, I will likely be on the rum in about 2 hours) - have you tried clicking it to see if it works for you? You can cancel out without enabling it.
 
That's deep(ish) !!!!
 
Scratch the last part of my above post then, we almost crossed beams - dangerous according to Ghostbusters.
 
Geez, 3 of us will blow up the place and let the goblins out.
 
Not only did I enable it, I've tested it.

Pretty speedy for this many glasses of wine!

(It works wonderfully.)
 
works for me

I use 2FAS

I just logged out....and then back in using 2 factor authentication via that app.

I have some codes stored in case of failure....but I don't think I will need them. The 2fas app works perfectly.
 
but I don't think I will need them

I've had it fail on other sites, not my own, but still... So, definitely make sure to not lose 'em. I'm not sure if even an admin could recover your account? You'd have to ask them to know.

2FA giveth and 2FA taketh away!
 
Update: Now THAT was an outage to be concerned about!

@Rob, that one was a good one. Under normal circumstances, I'd figure you were rebooting stuff, but it was a full 45 minutes with sporadic connectivity.
 
We have DDOS mitigation that can be turned on at a moment's notice.

Has the moment passed yet /?... @Rob
 
Last edited:
This site has way too many Daves/Davids.

I'm glad its a popular name on here ;)

In all seriousness though, I haven't experienced any outages recently so (speaking for myself) I think things are starting to calm down now
 
I'll go out on a limb here and say you can record here if you are experiencing an outage of say more than 10 minutes, and I can take a look. My phone will ping (just got one from Brian, but that is to a conversation). Make allowance for the fact that I live in a state with no daylight saving and it is always at UTC+10. I log out by my 7PM each night to cook the evening meal, and am in bed two hours later.

If you wake me I will be forced to kill you.

Wiz
 

Members online


Latest posts

Top