skyscript.co.uk
   

home articles forum events
glossary horary quiz consultations links more

Read this before using the forum
Register
FAQ
Search
View memberlist
View/edit your user profile
Log in to check your private messages
Log in
Recent additions:
Can assassinations be prevented? by Elsbeth Ebertin
translated by Jenn Zahrt PhD
A Guide to Interpreting The Great American Eclipse
by Wade Caves
The Astrology of Depression
by Judith Hill
Understanding the mean conjunctions of the Jupiter-Saturn cycle
by Benjamin Dykes
Understanding the zodiac: and why there really ARE 12 signs of the zodiac, not 13
by Deborah Houlding

Skyscript Astrology Forum

moderators -
Goto page 1, 2  Next
 
Post new topic   Reply to topic    Forum Index -> Nativities & General Astrology
View previous topic :: View next topic  
Author Message
james_m



Joined: 05 Dec 2011
Posts: 2637
Location: vancouver island

Posted: Tue Aug 29, 2017 3:50 pm    Post subject: moderators - Reply with quote

deb, mark and paul,

i notice a thread i started is missing - saturn in sagittarius..

mark mentioned to me that a thread had gone missing and he was at a complete loss as to what had happened to it..

i was wondering if the website format for skyscript is part or all of the problem? when i sign into skyscript, i get a message saying it is not safe to sign in to the site.. so, i am speculating that this might be some or all of the reason some threads have gone missing.. delete this thread when you deem it unrelated to the site.. thanks - james
Back to top
View user's profile Send private message
Paul
Administrator


Joined: 23 Nov 2009
Posts: 1391

Posted: Tue Aug 29, 2017 5:36 pm    Post subject: Reply with quote

Hi James

There's something very strange happening here. I have seen this now myself over the last couple of days where a post I've made on the horary forum has disappeared.

Earlier today I created a thread detailing this exact same issue and asking the skyscript community as a whole to comment on it - ironically this post has now disappeared, as has a couple of other threads or places where I've posted the link to that thread.

Something is amiss here, I'm going to get in touch with the server maintenance people and see what's going on.

EDIT

I just realised private messages are also disappearing as I had messaged Mark about this very issue earlier today and it's disappeared as well.
_________________
"The only true wisdom is in knowing you know nothing" - Socrates

https://heavenlysphere.com/
Back to top
View user's profile Send private message
james_m



Joined: 05 Dec 2011
Posts: 2637
Location: vancouver island

Posted: Tue Aug 29, 2017 6:52 pm    Post subject: Reply with quote

thanks paul,

here is what i get from firefox signing into skyscript -

https://support.mozilla.org/en-US/kb/insecure-password-warning-firefox?as=u&utm_source=inproduct

if that doesn't bring you to the page where the info is, i will copy and paste some of it here below

Insecure password warning in Firefox

Firefox will display a lock icon with red strike-through red strikethrough icon in the address bar when a login page youíre viewing does not have a secure connection. This is to inform you that if you enter your password it could be stolen by eavesdroppers and attackers.

Starting in Firefox version 52, you will also see a warning message when you click inside the login box to enter a username or password.

Fx52insecurePW

Note: When you start typing in your login information, the warning message can obscure the password entry box. You can press the Enter key after you type in your username (or click outside of the password area) to dismiss the warning.
What can I do if a login page is insecure?

If a login page for your favorite site is insecure, you can try and see if a secure version of the page exists by typing https:// before the url in the location bar. You can also try to contact the web administrator for the site and ask them to secure their connection.
Not recommended: You can also continue to log in to the website even if the connection is insecure, but do so at your own risk. If you do go this route, try to use a unique password or a password that you donít also use for other important sites.
About insecure pages

Pages that need to transmit private information, such as credit cards, personal information and passwords, need to have a secure connection to help prevent attackers from stealing your information. (Tip: A secure connection will have "HTTPS" in the address bar, along with a green lock icon.)

Pages that donít transmit any private information can have an unencrypted connection (HTTP). It is not advised to enter private information, such as passwords, on a web page that shows HTTP in the address bar. The information you enter can be stolen over this insecure connection.
Note for developers

For developers looking to learn more about this warning, please see this page. The page explains when and why Firefox shows this warning, and will also provide some details on how to fix the issue. For more information, see this blog post and this Site Compatibility document.


Share this article: http://mzl.la/1ZNx7IP
Back to top
View user's profile Send private message
Paul
Administrator


Joined: 23 Nov 2009
Posts: 1391

Posted: Tue Aug 29, 2017 9:50 pm    Post subject: LOCKED OUT OF ACCOUNT Reply with quote

It's come to my attention that some people may be locked out of their account. This could be as a result of some test the server maintenance guy is doing or it could be as a result of whatever bigger problem we're having at the moment.

The problem should be remedied by resetting the password. You can reset your password here:
http://skyscript.co.uk/forums/profile.php?mode=sendpassword

Within a few minutes you should receive an email with a temporary new password which you can use to log back into the system. From there you should change your password to something more memorable which you can do from this link:
http://skyscript.co.uk/forums/profile.php?mode=editprofile

If anybody does indeed have this problem, could you just let me know here on this thread so we can keep a record of it?

Thanks

Paul
_________________
"The only true wisdom is in knowing you know nothing" - Socrates

https://heavenlysphere.com/


Last edited by Paul on Tue Aug 29, 2017 10:02 pm; edited 1 time in total
Back to top
View user's profile Send private message
Paul
Administrator


Joined: 23 Nov 2009
Posts: 1391

Posted: Tue Aug 29, 2017 10:02 pm    Post subject: Reply with quote

James

This seems like a fairly generic message - basically there are two main ways in which traffic is transmitted over the web; HTTP and HTTPS.

HTTP is hyper text transfer protocol and describes a series of protocols which takes place as information from a website is broken into manageable messages and encapsulated and sent through various stages until ultimately being sent across the wires of the internet through the world and finally making its way back up to your computer where you can read it and subsequently send similar messages back from your computer to the server - such as to make a post or log in and so on.

Now in reality HTTP, because it is relying on sending information across the networks of the world, is vulnerable to 'attack' where someone could intercept a message, such as you logging in, and use that to 'steal' your log in and log in as you. That's really not so terrible with a site like skyscript - it would not be worth anyone's time to actually do that.

It's another story if it was a commercial transaction such as inputting your credit card information - something never done on skyscript at all.

With that in mind, there is a secure HTTP protocol, HTTPS, in which the messages that are sent between you and the server are first 'scrambled' using a predetermined code that only your browser and the server know about, so anyone intercepting will get gobbledeegook.

Skyscript doesn't do financial transactions so it's just a HTTP site which should be totally fine. In theory someone could have intercepted an admin or a moderator password (like my password for example) and used it to maliciously remove threads for the sheer sport of it, however my PMs have also disappeared as well as several threads and replies all of which appear to be time driven - that is all the content on the forum after a certain date has disappeared.

This makes me believe this isn't a hack but instead for some reason the database reverted to a previous state - possibly due to a corruption on the database itself. Hopefully the server maintenance people will be able to investigate and get answers for us.
_________________
"The only true wisdom is in knowing you know nothing" - Socrates

https://heavenlysphere.com/
Back to top
View user's profile Send private message
Astraea



Joined: 04 Oct 2004
Posts: 347
Location: Colorado, USA

Posted: Tue Aug 29, 2017 10:59 pm    Post subject: Reply with quote

I haven't been locked out so far, but I've had to sign in again repeatedly (even after checking the box to stay logged in). It's not a big deal, and this post doesn't need a reply, just reporting for the record.
Back to top
View user's profile Send private message
james_m



Joined: 05 Dec 2011
Posts: 2637
Location: vancouver island

Posted: Tue Aug 29, 2017 11:13 pm    Post subject: Reply with quote

thanks for the additional info here paul.. hopefully who ever is working with the website are able to resolve the issue, or issues as the case may be..
Back to top
View user's profile Send private message
Part of Fortune



Joined: 29 May 2017
Posts: 142

Posted: Wed Aug 30, 2017 4:58 am    Post subject: Reply with quote

Hi All,

I'm so glad to be back in Skyscript Forum . . . I got my new password and was able to reregister myself. Thank you very much Paul for the instructions! Thumbs up



>>> This message is for you, pankjdubey. Thanks for your reply on my Horary topic "Did Skyscript send me reply emails?" (My three recent topics all disappeared from horary section including your reply below).

Quote:
Posted: Tue Aug 29, 2017 5:45 am Post subject: Reply with quote


Or you could have first checked the profile section for enabling notifications for private messages, and another for notifications about posts .
Then you are within your rights to ask a Horary if someone from NSA or MI6 is deleting your emails before you read it (at a great expense to the exchequer) Wink


I have an amusing story for you here: many years ago, I did some experiments by using different middle initials whenever I sent some mail order or sent for a subscription for some magazine, etc. So my name read as: Ms. Jane A. Doe or Ms. Jane B. Doe, etc. The reason behind this was trying to find out the source of the plentiful weekly junk mail I had been getting from various locations.

One day I received a jury duty notification from the city of San Francisco, California (US). I saw it was addressed to Jane G. Doe . . . that was the middle initial I used in order to subscribe to The National Geographic Magazine!

The common belief then was that the government went by your driver's license to pick candidates for jury duty. In spite of growing up and going to school in Los Angeles, I never managed to own a car or a driver's license (and never ever served on a jury duty until . . .) Shocked

Anyway later, I was with a bunch of artists at a workshop and told my story -- but one elderly female refused to believe that The National Geographic magazine was behind the jury duty listing. She kept saying "There's no way they are tied to the government!" Well, she was definitely a minority in our city.
Back to top
View user's profile Send private message
sabumnim



Joined: 22 May 2017
Posts: 70
Location: Canada

Posted: Wed Aug 30, 2017 6:12 am    Post subject: Reply with quote

What's odd is that I can log in, no problem, but pm's and posts tend to go missing !
Back to top
View user's profile Send private message Send e-mail
Paul
Administrator


Joined: 23 Nov 2009
Posts: 1391

Posted: Wed Aug 30, 2017 6:46 am    Post subject: Reply with quote

Sabuminim

Moderators etc have no access to your PMs, the fact that PMs have also disappeared and everything seems to be gone after a certain date convinces me it's a database issue and not a hack.

Of course if it happens again we'll lose this thread too
_________________
"The only true wisdom is in knowing you know nothing" - Socrates

https://heavenlysphere.com/
Back to top
View user's profile Send private message
sabumnim



Joined: 22 May 2017
Posts: 70
Location: Canada

Posted: Wed Aug 30, 2017 4:48 pm    Post subject: Reply with quote

So, Paul: I NEVER said that moderators (specifically) are deleting my PM's. But, it's good to know that one less source has been ruled out. James M thinks (as do I) that there are serious security issues going on with your site, and, if true, put a stop to it, asap.

I think that its true that you are running of out of space and something needs to be done to expand the database.
Back to top
View user's profile Send private message Send e-mail
Paul
Administrator


Joined: 23 Nov 2009
Posts: 1391

Posted: Wed Aug 30, 2017 4:53 pm    Post subject: Reply with quote

Sabuminim

Do you have any specific technical training or reason to suspect a hack? I'm curious why you believe it's a hack despite my explanations for the message James is seeing etc. - if the hack was of an admin or moderator password they couldn't read or delete your PMs anyway. So we can rule out a hack such as someone taking for example the password of a moderator etc.

The other hack it would require then would be a hack on the server itself - this is a possibility but of all the things a hacker could do (delete the entire site for example, edit any page they wanted etc.) it remains completely bizarre that their actions would be to go through the effort of taking a particular date in time and then writing up all the SQL to then delete all content in the database after that moment, with no real gain or reward for themselves. Putting aside how untrivial it is to hack the server to begin with, it's also a nice amount of work to write and perform those SQL statements on the database to delete not just forum threads, but also posts and PMs as well.

By far the simpler explanation is that a database corruption required a revert to a previous working state. Sometimes the simpler solution is the most likely.
_________________
"The only true wisdom is in knowing you know nothing" - Socrates

https://heavenlysphere.com/
Back to top
View user's profile Send private message
Paul
Administrator


Joined: 23 Nov 2009
Posts: 1391

Posted: Wed Aug 30, 2017 6:00 pm    Post subject: Reply with quote

So apparently the people in charge of the server moved to the server to anothe resource and basically did a migration of the server itself which isn't unusual in itself but seems like there was some server caching which meant that the calls were still going to the old server - once the migration was complete and we're pointing to the new server, those posts and messages etc. got lost.

So this is probably all fixed now and was nothing to do with security or hacking, just some migration that went a little wrong.

Let me know if anyone else is still having problems or disappearing threads or psots though so we can keep an eye on this.
_________________
"The only true wisdom is in knowing you know nothing" - Socrates

https://heavenlysphere.com/
Back to top
View user's profile Send private message
james_m



Joined: 05 Dec 2011
Posts: 2637
Location: vancouver island

Posted: Wed Aug 30, 2017 6:10 pm    Post subject: Reply with quote

thanks paul,

i am surprised no one said anything about this migration, prior to it happening.. it could have prevented the 'lost threads' perhaps if we had of been informed of this migration..

oh well.. say la vie...

james
Back to top
View user's profile Send private message
sabumnim



Joined: 22 May 2017
Posts: 70
Location: Canada

Posted: Fri Sep 01, 2017 5:52 am    Post subject: Reply with quote

Paul wrote:
Sabuminim

Do you have any specific technical training or reason to suspect a hack? I'm curious why you believe it's a hack despite my explanations for the message James is seeing etc. - if the hack was of an admin or moderator password they couldn't read or delete your PMs anyway. So we can rule out a hack such as someone taking for example the password of a moderator etc.

The other hack it would require then would be a hack on the server itself - this is a possibility but of all the things a hacker could do (delete the entire site for example, edit any page they wanted etc.) it remains completely bizarre that their actions would be to go through the effort of taking a particular date in time and then writing up all the SQL to then delete all content in the database after that moment, with no real gain or reward for themselves. Putting aside how untrivial it is to hack the server to begin with, it's also a nice amount of work to write and perform those SQL statements on the database to delete not just forum threads, but also posts and PMs as well.

By far the simpler explanation is that a database corruption required a revert to a previous working state. Sometimes the simpler solution is the most likely.


Paul in Administration:

I am not all knowing when it comes to computer internet security. The idea of a hacker was brought up in a phone call that I had with James M recently. Nobody knows for sure. However, I have personally built and have written (with my own knowledge of bootstrap, javascript, and html) three widely known websites, that have received a combined 350,000 hits from over 70 countries from around the world.

Security is obviously important with a discussion forum. (I despise hackers, by the way.) I have no interest in managing a discussion forum, btw, too much of a headache, too much conflict for my liking, little financial reward for all of the hard work involved.

What's at stake here is your credibility as a website, hangs in the balance.

Many posts on this site have disappeared and have not come back, including a number of my own posts, so I don't think that the problem has really been solved.

My brother is much better at cyber security than myself. He is a MIT/Stanford trained security expert for a major, Fortune 500 company with over 8 billion dollars in assets. He could likely tell you what is wrong with your site and why data has disappeared from this site, for a price, of course.

I would say that, with Mercury migrating to Leo and still retrograde, the problem is probably not fixed, yet, and a band-aid, temporary fix was made, but the real fix will come after Mercury goes direct, well into September, isn't it true ?

One of the long time axioms of Mercury Rx is that, since Mercury rules websites and computer data, when decisions are made, they will have to be completely revised or changed at a later date, since not all of the facts are known at this time.

That said, since Mercury Rx currently makes a grand trine (120 degree aspect, back to back) with Uranus (the planet of computers) and Mars (the planet of viruses), the forum is likely safe enough, for now.


S.
Back to top
View user's profile Send private message Send e-mail
Display posts from previous:   
Post new topic   Reply to topic    Forum Index -> Nativities & General Astrology All times are GMT
Goto page 1, 2  Next
Page 1 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
. Powered by phpBB © 2001, 2005 phpBB Group

       
Contact Deborah Houlding  | terms and conditions  
All rights on all text and images reserved. Reproduction by any means is not permitted without the express
agreement of Deborah Houlding or in the case of articles by guest astrologers, the copyright owner indictated