What is going on with the mobile version?

[fsgrecofolk]

Is anyone else being redirected when accessing the forum on a mobile?

[Bob H.]

I couldn't get on for the last 24 hours or so from either my work or home computers.

[fsgrecofolk]

I was having access issues and also being redirected to porn, phony anti virus, and dating sites.  It was wierd.

[Ray Brinzer]

So, briefly, a few important points:

• I am no longer the tech guy for the site(s)
• The people who are responsible for that are aware of the problems

Both the JavaScript exploits afflicting mobile users and the database errors are real problems. I expect they'll go away soon.

[Ray Brinzer]

Update: if you get a redirect again with a mobile device, please report it here.

[brycemus]

I just tried on my phone which as recently as Monday was still sending me elsewhere.  It was good to go.

[leglace]

Mobile looks exploited again

[FalconWrestlingKY]

Mobile looks exploited again

same here

[Ray Brinzer]

Yes. I now have server access. I have found the problem, and will fix it as soon as I have all the audit information I need.  Should be within the hour.

[Ray Brinzer]

I believe I have fixed the problem.  If you still get redirects, please report it here.

[ViseGrip]

Edit function?

[fsgrecofolk]

What causes the redirects?

[Ray Brinzer]

What causes the redirects?

It's hard to give a simple answer, but I'll try.

The software which serves web pages, and which runs on the server, is called Apache.  Apache is very configurable.  If someone is able to mess with that configuration, they can do naughty things.

There is a main configuration file for Apache, which normally sits outside the directories full of web pages that Apache serves.  Apache also supports per-directory configuration files, which sit in the directories they configure.  These are called .htaccess files.

The .htaccess files in the top-level directory of each website on the server had been modified.  Rules were added which told Apache to detect whether a request was coming from a mobile client, and if so, issue a redirect.

I fixed that problem, and locked those files down so it probably won't happen again.  That doesn't explain how it happened; the fact something on the server tried to modify those files confirms that there's a vulnerability somewhere in the system.  Locking down those files is like locking your bedroom door at night; if that's what keeps you safe, your house is not secure.  But it's no longer my system.

[fsgrecofolk]

Mobile has been compromised again

[FalconWrestlingKY]

There appears to be some sort of cookie on my phone that's identifying my password as incorrect and won't log me back in.

I am pretty certain it's a cookie because it lets me log in just fine on inprivate but claims my password is incorrect when I do it normally

Might be related, might not