502 Errors

Post Reply New Topic

It started doing it again in past 24 hours including few minutes ago before logging in. It wasn't an error message but showing the website is hosted by insecure domain. I have a feeling the SSL Certificate failed to process.

Just realised that wrongplanet.net is not secured website. That explains why lot of errors, being hacked and that.

Ah so it's essentially like an open book then. That would be more plausible to me vs mass DDOS attacks. If there are no security measure to speak of, just about any teen can be able to do it easily from looking it up on google. Anyone reading here can know how within 30 minutes to an hour max, assuming absolutely no experience with netcode. This is why I falsify my personal information, use throwaway emails and always run adblock. I assume everything I put literally anywhere on the site is easily readable by anyone even if it's supposed to be private. If I am ever really unsure when browsing I also use a bunch more stuff to lock down even more.

If they can get full admin access just like that it becomes really easy to try phishing attacks, insert malicious redirects. banner ads can define the click-through button as taking up the entire screen and immediately install & execute virus like trojans. Some can even do so without requiring clicks by the user, even rendering can be enough.

Damn it it's still happening

I was gonna make a thread about this. Something's up with WP's servers.

That's what I've been wondering too.

You wanna DDoS WP? Just cancel one of your posts. That alone will crash the server for 1 to 5 minutes.

A two hours or so outage recently finished

It uses https, it is a secure one to one connection between the server and your computer. The SSL certificate isn't signed (verified by a third party), therefore your browser may tell you it's using a certificate that isn't secure. A caveat about that: it's an industry scam to strong arm website hosts into investing money with said third party verifiers. Again, the only thing off about the SSL certificate is that it hasn't been verified by a for profit third party. I can guarantee you it's legit because with all the other issues the site suffers from there's obviously not the technical expertise to spoof an SSL and run a scam with it, not to mention no incentive to do so with a 'help' forum.

Has there ever been a single announcement to put the loyal, long-suffering WP membership in the picture as to why these outages are occurring? If so, I must have missed it. Just sat by my laptop for over two hours, checking every five minutes or so, only to find on each occasion the Cloudflare message which appears in the previous post. This no doubt makes me a very sad person, but isn't it a reasonable question all the same?

I am really tired of it, the frequency with which it happens seems to have been greater lately.

No but it's clearly due to someone hacking the website daily. No action ever taken about it so I think we can safely assume the site admins are never around. No posts in this topic also proof of this. Even if an admin doesn't really care they'd post some standard "higher than usual traffic", "technical difficulties" or other thing at least.

Site security is nonexistent meaning the most rudimentary methods will work. I'd avoid having personal info on the site like where you live since it's basically an open book. Anyone with no technical knowledge could hack the site after 15 minutes of Googling. View everything you post even in PMs as public information, viewable by anyone. Without security anyone can get admin access. What I am surprised of is the hacker hasn't indiscriminately banned users since they'll have full ability to do so.

If they want to kill a community, fastest way is IP banning everyone and posting any sensitive personal information found. Or just nuking all website code and locking out the actual admins.

Last edited by SSJ4_PrestonGarvey on 18 Jun 2018, 1:52 am, edited 1 time in total.

I'm not an admin and I did post in this thread, so did others...

There is only one admin and that is the site owner AFAIK.

No security means the hacker can easily gain access level equivalent to the owner. With admin level access they could remove all the moderators if they wanted.

It's probably a bored kid, not an autism hater as I'd assume a hater would try to eliminate the website entirely as quickly as possible.

Would a bored kid take the trouble to access the site at pretty much the same time every day, and if so why? What is the point of 'hacking' it on such a regular, repeated basis over a period of well over one year?

There is also some reason to think that the site can be immobilized for a brief period (around 2 minutes) when a member deletes a post - on such occasions Cloudflare displays the same message as during the regular extended outages. That's definitely not caused by hacking. I'd put my money on all of this being the result of technical defects, not malicious human intent.

That's an interesting observation, I'd consider technical defects to therefore be a credible conclusion.

Are there daily processes that could trigger this? Like clearing some kind of cache.

Hypothetical bored kid might if the same time each day happens to be when he gets home from school. Though in light of your post I'd find this much less likely. Probably the answer is between two extremes, likely it's largely the same code as when the website started in 2004, and has problematic scenarios come up when used in the late 2010's.