ZTree.com  | ZEN  | About...  

 Index   Back

[Forum Bug] All posts from Oct 3 thru Oct 23 are lost   [Forum Bug]

By: John Gruener     Orlando, Florida  
Date: Oct 28,2017 at 15:17
In Response to: [Forum Bug] All posts from Sep 23 thru Oct 23 are lost (Victor Garcia)

> Hello John and all,
>
> The script of the forum and its database have not been touched in an
> indirect way in several months, that is to say, no specific action on my
> part has caused the loss of some posts.
>
> Does anyone know for sure how many posts are lost?

First, a correction: The last post that has not been lost was number 121051 on Oct 2 by Art Kocsis. So all posts from Oct 3 thru Oct 23 have been lost.

On Oct 22 I posted "[Zeta] INF Files v2.4.174 Now Available" which at that time was number 121102, and is among the missing posts. The uploaded ZIP, however, is still on the server.

After that I believe there were a few more posts that were lost. Apparently Kim posted v2.4.175 which I didn't see, but Ben had a copy of it before Kim re-posted it.

> I have reviewed the forum database and did not detect any
> inconsistency. Nor have I received messages from the ISP regarding
> unusual operations. The sequence of the post number is not indicative of
> something missing, because when a user writes a post and deletes it, that
> consecutive number is lost.

There were at least 51 index numbers, and likely a few more, that are now being assigned the same numbers with these new posts. As you point out there were probably not that many actual posts, but I'm guessing there were at least 30 or so that are now gone, including 10 of my own posts. Included among the missing are the Zetas and a number of "Fix verified" and other messages in the v2.4.172 thread.

> What I think may have happened is that someone who has generated a
> branch with a few answers, then delete the original post and took the
> others, but the above can only happen with the privilege of moderator or
> administrator.

But wouldn't that just delete the posts in that branch or thread? All posts between the above dates were lost, regardless of which thread they were in.

In any case, this is a bit scary. If you or your ISP have the tools, I encourage you to run a malware scan to be sure nothing has been injected into the code or in any stored messages or uploads. I'd be especially concerned about a Cross-Site Scripting (XSS) injection, which can be hard to find, and may already be deleted. It's important that all input from users or potential new users (including the messages, user name, uploads, etc.) is automatically scanned and filtered for suspicious code.

Also be sure to change the admin and moderator passwords, using something very strong.

> The backups I have are prior to that date.

That's unfortunate. Does your ISP not provide at least weekly automatic backups?

> Otherwise there is no change in the server or in the script that puts
> the new posts at risk, therefore, you can write with confidence.

Well, respectfully Victor, I don't have a lot of confidence at this point. Something obviously caused the loss of a considerable number of posts, and we don't know what it was. Unless it was an accident by one of the admins or moderators, there is some kind of vulnerability somewhere.

You perform a great service here for us, and we all appreciate it. Please feel free to PM me if you'd like more of my thoughts on this.

- John

959 views      
Thread locked
 

Messages in this Thread

 
96,637 Postings in 12,231 Threads, 350 registered users, 87 users online (0 registered, 87 guests)
Index | Admin contact |   Forum Time: Mar 28, 2024 - 8:59 pm UTC  |  Hits:62,380,282  (32,679 Today )
RSS Feed