Logged out often after phpBB mod.

Here's where to post questions and suggestions regarding forum use. Requests for new forum topics should be posted here as well.

Logged out often after phpBB mod.

Postby Dave_Higgins » Wed Jan 05, 2011 7:26 pm

Hey Scott...

Not sure if it's because of the RSS usage (which seems to be working fine), or if it's Safari's "Top Sites" updating it's "preview" often, but it seems that now when I go a day or two without actually entering the forum in Safari, when I finally do come in I'm being told that I've tried too many times to log in and now have to enter the captcha (which takes a few tries to actually "catch") along with user/pass. RSS seems to keep updating properly right up until I enter the site in Safari.

I'm led to believe that it's Top Sites doing it, because the preview/thumbnail shows all forums "unmarked", same as it does when logged in as guest.

Didn't have any trouble with that before site mods/update (although I wasn't using RSS until after the mod). Heard anything about this in the phpBB support forums?
My two favorite teams are Detroit and whoever's playing Chicago.
User avatar
Dave_Higgins
 
Posts: 454
Joined: Mon Jul 07, 2008 9:50 am
Location: Dark Side Of The Moon

Re: Logged out often after phpBB mod.

Postby Scott » Thu Jan 06, 2011 4:46 am

I haven't heard anything about it... but I have seen it... not here (because I am here everyday), but on other PhpBB based forums. Most recently it was the actual PhpBB support forum itself.

I am not using an RSS feed from any of the sites I have seen this on and I doubt very seriously if the PhpBB support forum is in my top sites (but I'll check when I get in this morning) so I am clueless as to what's causing this. I'll sniff around the support site and see if others are seeing this.
User avatar
Scott
Site Admin
 
Posts: 1213
Joined: Sat Jul 05, 2008 1:37 pm
Location: Northern Sierra Nevada

Re: Logged out often after phpBB mod.

Postby Dan_Kelleher » Thu Jan 06, 2011 6:50 am

I've had the same experience as Dave described here in the last week for the first time
Daniel.Kelleher@umassmed.edu
SC4.7.3 OSX 10.7.2 Mac Pro
User avatar
Dan_Kelleher
 
Posts: 438
Joined: Sun Jul 06, 2008 2:45 pm
Location: Worcester (wouster as in would) Massachusetts USA

Re: Logged out often after phpBB mod.

Postby Dave_Higgins » Thu Jan 06, 2011 8:33 am

I would tend to think that it's phpBB related, also, since I, too, have seen this happen with another phpBB forum that I frequent. Both are locked into my Top Sites.

It appears that Top Sites hitting it isn't the start of the problem, though... I have had this happen with both/any phpBB sites for some time... I often find myself logged out of any/all of them and have to login again.

With the SC forum it wasn't enough of a hassle to bother writing about... A quick click on the login link brought up an autofilled login page, so one more click took me back to where I was.

What I'm thinking is that before the mod/update, once the user/pass or cookie failed (for whatever reason), Top Sites would just keep updating over and over as a guest user, which I could tell by no new message colored icons "lit up" in the Top Sites preview. Now, with the mod, the repeated failed attempts (whatever breaks with the user/pass or the cookie involved) still continues with guest access, but once I actually pull up the site and go to the login page, that's where I'm getting the "too many attempts" message bringing on the captcha requirement. Not a big deal in itself, but it seems to take a few attempts at the captcha before the user/pass will take.

Just a little more info on what I'm seeing if that helps any.
My two favorite teams are Detroit and whoever's playing Chicago.
User avatar
Dave_Higgins
 
Posts: 454
Joined: Mon Jul 07, 2008 9:50 am
Location: Dark Side Of The Moon

Re: Logged out often after phpBB mod.

Postby Scott » Thu Jan 06, 2011 8:55 am

There are at least two threads in the PhpBB forums about this… mostly to do with users of that forum seeing the behavior when logging in. They go back about a year or so.

The consensus of the discussion is that there were legitimate attempts to gain access to the board with the user ID's that were affected (which were quite a few). A 'robot' attack of some sort… if you buy that. Not sure I do.

I have proposed the Safari Top Sites theory there but I don't think I buy that either.

Unfortunately there is no admin user interface for login attempts data. I don't even know just exactly what is stored by the software so I would have to scrub the database to see.
User avatar
Scott
Site Admin
 
Posts: 1213
Joined: Sat Jul 05, 2008 1:37 pm
Location: Northern Sierra Nevada

Re: Logged out often after phpBB mod.

Postby Dan_Kelleher » Thu Jan 06, 2011 9:23 am

Dave Higgins wrote:brought up an autofilled login page,

FWIW, I never see an autofilled login page using the Forum, that would be nice :(
User avatar
Dan_Kelleher
 
Posts: 438
Joined: Sun Jul 06, 2008 2:45 pm
Location: Worcester (wouster as in would) Massachusetts USA

Re: Logged out often after phpBB mod.

Postby Scott » Thu Jan 06, 2011 9:40 am

Do you have AutoFill turned on?

Image
User avatar
Scott
Site Admin
 
Posts: 1213
Joined: Sat Jul 05, 2008 1:37 pm
Location: Northern Sierra Nevada

Re: Logged out often after phpBB mod.

Postby Anderson » Thu Jan 06, 2011 11:10 am

Jumping in here as I've had this too-many-login-attempts thing happen lately and yes autofill is "on". I think I tried the log-me-in-automatically routine as well (and still had the same issue occur). Anyway, normally both fields are filled when I go to log in.

supercardus wrote:Do you have AutoFill turned on?

Image
Anderson.
iMac - Yosemite - SC(4.73)
User avatar
Anderson
 
Posts: 205
Joined: Mon Jul 21, 2008 9:00 am
Location: Perth County, Canada

Re: Logged out often after phpBB mod.

Postby Scott » Thu Jan 06, 2011 4:57 pm

Click the "Edit" button and see if "http://forums.supercard.us/" is in the list and your user name is listed. If it says "Passwords never saved" remove that item and it will ask you to save it next time around.

I am in the process of adding a mod to add user log entries whenever a login attempt fails due to "maximum login attempts exceeded". This will allow me to see if this is a bug in PhpBB or whether actual login attempts are happening.

As my Grandmother used to like to say… there has been a lot of 'monkey business' in the forums lately from would be spammers so I am not going to rule out that these may be real login attempts. I'll post back as soon as the mods have been installed.
User avatar
Scott
Site Admin
 
Posts: 1213
Joined: Sat Jul 05, 2008 1:37 pm
Location: Northern Sierra Nevada

Re: Logged out often after phpBB mod.

Postby Scott » Thu Jan 06, 2011 5:24 pm

Ok… mod installed. I can now see in the user logs when three failed attempts at login occurs and the ip address of who is trying to login. :twisted:

If any of you see this again please PM me and I will check the logs.
User avatar
Scott
Site Admin
 
Posts: 1213
Joined: Sat Jul 05, 2008 1:37 pm
Location: Northern Sierra Nevada

Re: Logged out often after phpBB mod.

Postby Dan_Kelleher » Thu Jan 06, 2011 5:26 pm

My Safari Autofill was NOT ON but it is now.
I'm not sure how it got turned off because I routinely get autofilled on most forms within most sites but I can't say I've spent much time on the web in the last few weeks except for SC.
Daniel.Kelleher@umassmed.edu
SC4.7.3 OSX 10.7.2 Mac Pro
User avatar
Dan_Kelleher
 
Posts: 438
Joined: Sun Jul 06, 2008 2:45 pm
Location: Worcester (wouster as in would) Massachusetts USA

Re: Logged out often after phpBB mod.

Postby Scott » Fri Jan 07, 2011 5:39 am

Ok... Since my last post the following IP addresses have tried to login to the following user accounts:

174.36.199.203 Fri Jan 07, 2011 4:39 am Joe Koomen
199.48.147.35 Fri Jan 07, 2011 3:37 am RandallReetz
93.184.30.22 Fri Jan 07, 2011 3:11 am lorenz
77.191.159.48 Fri Jan 07, 2011 2:35 am onetriadrr
192.251.226.206 Fri Jan 07, 2011 1:32 am Mike Yenco
174.36.199.201 Fri Jan 07, 2011 12:29 am Maria
193.198.207.8 Thu Jan 06, 2011 11:27 pm johnjohnston
204.8.156.142 Thu Jan 06, 2011 10:22 pm Stephane Leys
92.241.190.168 Thu Jan 06, 2011 9:20 pm rpitcairn
94.75.253.73 Thu Jan 06, 2011 8:20 pm marksch
199.48.147.39 Thu Jan 06, 2011 7:19 pm bito
80.62.217.18 Thu Jan 06, 2011 6:17 pm KelleherD

I am willing to bet that none of these IPs belong to these users. For instance the address of the computer that tried to login to Mike's account was based in Germany. And Stéphane's login attempts actually originated from Boston University.

Surprising to see the number of different IPs involved here but a number of them have the use of Tor or Tor networks in common. These are legitimate attempts to access your accounts here so you might want to think about strengthening your password if you are using something simple, or changing it if it is common to other more sensitive logins.
User avatar
Scott
Site Admin
 
Posts: 1213
Joined: Sat Jul 05, 2008 1:37 pm
Location: Northern Sierra Nevada

Re: Logged out often after phpBB mod.

Postby Dave_Higgins » Fri Jan 07, 2011 8:13 am

So prior to the mods/update the same thing was probably happening, only it would leave us logged out and not bring up the captcha?

Heading for the CP to check/update pass (here and other phpBB sites).

[update] You can ignore a few attempts of mine just now... I changed my pass but something went wonky (couldn't get back in with the new one), so I did a reset and changed it again afterwards and it seems to work now. Been logged in and out a few times resetting/cleaning up 1Password. [/update]
My two favorite teams are Detroit and whoever's playing Chicago.
User avatar
Dave_Higgins
 
Posts: 454
Joined: Mon Jul 07, 2008 9:50 am
Location: Dark Side Of The Moon

Re: Logged out often after phpBB mod.

Postby Scott » Fri Jan 07, 2011 9:21 am

Dave Higgins wrote:So prior to the mods/update the same thing was probably happening, only it would leave us logged out and not bring up the captcha?

There have been numerous comments over the years about being logged out at various times. This may well have been the reason all along, but it is not something the software was logging so I had no way of knowing what was happening.

Just checking the new logs again I see more attempts being made and now some like IP addresses are showing up. I will start banning like IPs that are trying to login to multiple user accounts and see if that slows down the little low lifes but this seems to be a pretty widespread issue that has bee going on for some time.
User avatar
Scott
Site Admin
 
Posts: 1213
Joined: Sat Jul 05, 2008 1:37 pm
Location: Northern Sierra Nevada

Re: Logged out often after phpBB mod.

Postby Dave_Higgins » Fri Jan 07, 2011 11:13 pm

supercardus wrote:Just checking the new logs again I see more attempts being made and now some like IP addresses are showing up. I will start banning like IPs that are trying to login to multiple user accounts and see if that slows down the little low lifes but this seems to be a pretty widespread issue that has bee going on for some time.

The actions taken in your recent announcement should certainly help a lot for new attempts, but I wouldn't be surprised if there's a network of these scumbags that's already spreading around the current userName list here to work with.

I wonder if the phpBB folks could come up with some kind of blacklist of known hack attempt IPs (with frequent updates) and a plug-in to use it, and spread it around the various admins/sites?
My two favorite teams are Detroit and whoever's playing Chicago.
User avatar
Dave_Higgins
 
Posts: 454
Joined: Mon Jul 07, 2008 9:50 am
Location: Dark Side Of The Moon

Re: Logged out often after phpBB mod.

Postby Scott » Sat Jan 08, 2011 8:34 am

Dave Higgins wrote:I wonder if the phpBB folks could come up with some kind of blacklist of known hack attempt IPs (with frequent updates) and a plug-in to use it, and spread it around the various admins/sites?

I dunno… I am not sure how realistic that is. All admins would first need to mod existing forums to generate the reports, then they would need to forward IPs to PhpBB, then PhPBB would need to have a mechanism to pass data to all forum admins. It would be very labor intensive to decide which IPs are legitimate… etc.

And then someone could simply scrub all of the posts to get user names instead. I suppose we could block all forum access to unregistered users and make it near impossible to register, but that just hurts the SuperCard community more than it helps.

Another possibility is that I could implement the ability to change user names here (at least temporarily) so the data they have would be useless… but we'd need to first make sure we have no more low lifes among our members. I could delete or deactivate all users who have never made a post but I know for a fact that would remove legitimate members. And then getting folks to change their user name is another issue.
User avatar
Scott
Site Admin
 
Posts: 1213
Joined: Sat Jul 05, 2008 1:37 pm
Location: Northern Sierra Nevada

Re: Logged out often after phpBB mod.

Postby Dave_Higgins » Sat Jan 08, 2011 11:01 am

Once you get a decent list of suspicious IPs, you could compare them to IPs used to sign up for those that haven't posted anything. That might give you an idea if there's any current users in the pool that are bunko. Although there's always the fact that some users have rapid rotating IPs. I get too used to a fairly stable DHCP IP address here.

Wouldn't be foolproof or complete, but you might weed off a couple that way.
My two favorite teams are Detroit and whoever's playing Chicago.
User avatar
Dave_Higgins
 
Posts: 454
Joined: Mon Jul 07, 2008 9:50 am
Location: Dark Side Of The Moon

Re: Logged out often after phpBB mod.

Postby Scott » Tue Jan 11, 2011 9:01 am

As this is starting to get out of hand I have decided to use a brute force method of my own.

1.) I have pruned all users with zero posts that did not have an email address we recognized as a customer or TV user.

2.) All new registrations need to be approved by a moderator.

3.) The board now (at least temporarily) allows you to change your user name in User Control Panel>Profile>Edit account settings. I would suggest you all make some change to your user name to avoid continued attempts to discover your login. This is not only an inconvenience but a server load issue as well.

4.) I will post another global announcement with this info as well as do a mass email to registered users in a few minutes.

With your help (changing your user ID) this should take care of it.
User avatar
Scott
Site Admin
 
Posts: 1213
Joined: Sat Jul 05, 2008 1:37 pm
Location: Northern Sierra Nevada

Re: Logged out often after phpBB mod.

Postby Scott » Tue Jan 11, 2011 2:31 pm

Oh and wouldn't you know, all the little low lifes are using gmail accounts.

Damn anonymous email providers!!! :evil:
User avatar
Scott
Site Admin
 
Posts: 1213
Joined: Sat Jul 05, 2008 1:37 pm
Location: Northern Sierra Nevada


Return to Site News, Questions, and Feedback

Who is online

Users browsing this forum: No registered users and 1 guest

cron