Website wasn’t compromised. I know that for sure. However, It looks like bot web scrappers. I’m seeing many nonhuman IPs in the logs. Whenever we comment on the forum or inside Wordpress, our user names get put in metadata or some html. Super easy for bots to scrape. The other option is a phish. I’ve put in some better recaptcha (which bots and AI can still fool) to the login/register screens. Seems to have helped mitigate some bots.
Best course of action is to change passwords to something very difficult and just continue to monitor. The good news is, they didn’t get into your account on the blog or forum. We blocked them/it. We caught that. You should be good there, but a password change would be safe.
How would they get the passwords without an entity giving it to them? Not as familiar with scraping…? Interested to understand it as I always assumed it’s either a site gets compromised or a user gets phished. The latter being most common.
To get his password, they need to access the database. But it is salted, so they wouldn’t have an easy time decrypting it. They didn’t have his password so they brute forced attempted with his username and multiple wrong passwords and we locked the account after 5 attempts that occurred in under a minute. Unfortunately, that locks the user too but resets after 1 day. Teaches the bot to give up.
Edit: they didn’t have access to the DB so they beat their heads against the firewall.
That makes sense. Appreciate the explanation.
So I’ve debated on whether this was important enough to share but don’t remember seeing it in here previously.
I only use the mobile version on Android and I don’t have a chamber icon anymore. Nor can I access it from the website.
I can only get her by what shows up after typing “pistols firing” into chrome and under the main site link it has subheadings I can access and one is the chamber. Once I click that I get the access. It is all current as well.
Not sure if any of that makes sense or is helpful. I’m an #old
Mines gone too. I have been clicking the menu tab in the home page then the + icon next to pfb+ option then click on the pfb+ forum option. It’s the only way I’ve been able to access it
@matt15 - That was one of the casualties through the updates. It’s on my list to put back on, but for now, I’m going to add a ‘The Chamber’ link in the menu.
Thank you sir!
Good luck with this mess!
Menu should be back in working order. A few modifications have been done, let me know if things looks/behave off.
Kind of a non-issue, but maybe you want to address…
Notice how the + logo, to expand options, isn’t quite centered/aligned with the menu indicator? So for instance, if I want to expand the PFB+ menu, I have to click/tap above the + sign a bit to get to open the options.
Definition of first world problems.
I thought about saying something about ads again. Just figured it’s a known thing.
Anyone having issues getting here on a phone? I can get into the chamber on computer and tablet, but I don’t have a link on my phone?
I’ve had to go to the main menu, expand PFB+, then click on forum
When I do this, it takes me to the page to sign up, but I can’t find the chamber logo/ log in?
I have the same problem with the chamber icon no longer located at the top of the main page. Luckily have it as one of my frequently visited sites, but new subscribers might have a difficult time finding it
Sorry just saw this thread again. Please @ me or @MiggityMac when you guys have issues.