Jump to content

Stargazers Lounge Uses Cookies

Like most websites, SGL uses cookies in order to deliver a secure, personalised service, to provide social media functions and to analyse our traffic. Continued use of SGL indicates your acceptance of our cookie policy.

sgl_imaging_challenge_banner_30_second_exp_2_winners.thumb.jpg.b5430b40547c40d344fd4493776ab99f.jpg

admin

Important Security Announcement - Please Read

Recommended Posts

Last night (January 12th 2016) as part of our routine security checks we noticed one of the core forum template files had been modified to include some obfuscated code designed to redirect visitors to other websites, presumably for the purposes of advertising or some other malicious activity.

We immediately closed the forum and removed the offending code. We then carried out a full reinstall of the forum software to ensure all traces were removed. 

Attacks like this are notoriously difficult to trace as they are usually automated and carried out through flaws in the software which go undetected by the various server logs. 

There is no evidence to suggest this attack accessed the forum database or any other data but we recommend users change their SGL passwords as a matter of precaution. 

It is wise internet security practice to periodically change your passwords and use a unique password for every site you use. There are some excellent password managers available that provide a convenient and secure way to manage your passwords. LastPass (https://lastpass.com/) and 1 Password (https://agilebits.com/onepassword) are two of the best.

SGL is always kept bang-up-to-date with the latest forum software (the most recent update was only last week) so as of now, there are no known weaknesses in the forum software. But we also use a number of third-party add-ons (i.e. the classified area, tapatalk and the notices system). Some of the developers of these add-ons have not provided an update for some time so we suspect it was one of these non-core parts of the forum that was the attack point.

As a result, we have removed all add-on modules from the forum. We were already planning to change the way the classified area works so this will be brought forward and a further announcement will be made about the classifieds area later today. 

We are also planning to move to the next version of the forum software in about a weeks time, at which point we shall switch off Tapatalk which is being used less and less but continues to be the most burdensome part of the forum to maintain and update. The new forum software has a much better mobile theme anyway so there is no longer a need for Tapatalk. 

From here onwards we will not use third-party add ons and will stick strictly to the core forum software. In addition, we have implemented some additional layers of security on the server. This will likely result in more false positives whilst things settle down so if you find yourself blocked from accessing SGL or doing something while on the site, please email us at contact@stargazerslounge.com so we can investigate.

Rest assured, the security and stability of SGL will always be a priority and we work tirelessly in the background to maintain this.

Thank you for being part of the SGL community,

SGL Admin

  • Like 38

Share this post


Link to post
Share on other sites

Rest assured, the security and stability of SGL will always be a priority and we work tirelessly in the background to maintain this.

Thank you for being part of the SGL community,

SGL Admin

Thank-you for providing the facility, password changed :happy7:

Edited by Charic

Share this post


Link to post
Share on other sites

Without it's add-ons SGL is looking rather sparse but please don't be concerned.

We are moving to the new version of the forum software (not just an update, it is entirely new and much more capable) beginning Fri 22nd, possibly earlier.

Many of the add-ons currently missing (i.e. the 'recent topics', 'latest updates' and 'upcoming events' lists) are baked-in to the new forum software, they will work differently but will be better. 

HTH  :police:

  • Like 5

Share this post


Link to post
Share on other sites

I wonder if thats why I had trouble this past week logging on this site, seems ok today but recently I have been coming on here and it wouldnt load so had to click refresh or i would get a white screen, I thought I had solved it when someone asked was I logged in on something else (laptop) but it still persisted . Today now it seems ok (so far)

Share this post


Link to post
Share on other sites

First of all, thanks for the work you folk do to make this such a useful resource for the rest of us.

Re Tapatalk:

We are also planning to move to the next version of the forum software in about a weeks time, at which point we shall switch off Tapatalk which is being used less and less but continues to be the most burdensome part of the forum to maintain and update. The new forum software has a much better mobile theme anyway so there is no longer a need for Tapatalk.

That will be an enormous relief! A few forums I use are upgrading to options with mobile themes and, without exception, they are better than tapatalk, mostly because they lack the irritating "features" that tapatalk thinks we need.

  • Like 4

Share this post


Link to post
Share on other sites

Thanks for the speedy resolution to a problem which is becoming more prevalent lately on many other sites.

Keeping SGL safe and secure for all of the members is very much appreciated.

Password now changed.

Sandy. :icon_biggrin:

Share this post


Link to post
Share on other sites

Without it's add-ons SGL is looking rather sparse but please don't be concerned.

We are moving to the new version of the forum software (not just an update, it is entirely new and much more capable) beginning Fri 22nd, possibly earlier.

Many of the add-ons currently missing (i.e. the 'recent topics', 'latest updates' and 'upcoming events' lists) are baked-in to the new forum software, they will work differently but will be better. 

HTH  :police:

Not concerned, I'm delighted, without the side menus etc, the forum now loads almost instantly. :)

Suffering with a slow Internet connection, this is a real bonus.

Cheers,

Rich

Share this post


Link to post
Share on other sites

I will add my thanks for all the work that goes on unseen by members and for keeping us all informed.

Share this post


Link to post
Share on other sites

This is the only amateur astronomy forum I belong to and I do look at others from GB/UK & worldwide. It is well managed by the SGL admins & IT dept. SGL members are polite and friendly and come from all walks of life. I do have a twisted sense of humour that I have injected to some of my replies and I admit I have had a few warnings. This is what makes SGL safe, secure and family friendly. Well done guys & girls for making SGL the international success it is.

  • Like 3

Share this post


Link to post
Share on other sites

Please send an email to all members. Many of them will not read this post.

Good luck with your efforts.

Share this post


Link to post
Share on other sites

I was working a night shift last night and so missed Stargazing Live. I logged into SGL to see if I'd missed much and couldn't get in. A full nightshift without SGL!!

Good to know it was due to such keen vigilance by the Admin's and not taken down by an actual nasty cyber attack.

As for Tapatalk, I've been a avid user for years but it lost popularity due to developer tinkering and the fact that many/most mobile devices can easily handle full sites now. I see the loss of Tapatalk as more a sign of the times than anything else. 

Thanks again for the hard work you put into keeping SGL a safe and enjoyable place to visit :)

Share this post


Link to post
Share on other sites

A big thanks from me too.  There's an awful lot involved in keeping a site like this up and running and it all goes very smoothly thanks to your hard work.

Edited by paulastro

Share this post


Link to post
Share on other sites

I would also like to add my voice to thanks all the people who work tirelessly behind the scenes and keep this mammoth website/community living & breathing astronomy.

I good job done by all, I thank you all, & well spotted.

Andrew

  • Like 1

Share this post


Link to post
Share on other sites

Thanks for keeping a great site great. Re: Tapatalk I too was getting frustrated with it so looking forward to the new mobile version. As I work away during the week mobile is my only access so can't wait. Wish I had seen this message earlier though as I sent a fault report via Tapatalk when I couldn't get in earlier tonight - this explains it

Share this post


Link to post
Share on other sites

This really is a great site. Thanks for keeping it secure and easy to use, and to all fellow SGL members for making it live up to its friendly international reputation.

Martin

Share this post


Link to post
Share on other sites

Do you think it is just a coincidence that an attack like this happened when Stargazing Live was on the BBC and the level of traffic to this site is likely to be increased? 

Good job on spotting it so quickly :)

Edited by davedownsouth

Share this post


Link to post
Share on other sites

SGL is off my Tapatalk (says network error, get_config). Might reboot be the reason?

Share this post


Link to post
Share on other sites

Not worried about Tapatalk at all absolutely hated it anyway.

As far as the reasons for the shutdown etc., do whatever you think best, I am certain we all will benefit and you will have our support.

Thanks,

Derek

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.