Difference between revisions of "Blog"

From PinWiki
Jump to navigation Jump to search
(Created page with "'''2/8/2020:''' All, PinWiki has had some issues for several months now, and they are currently getting fixed. I do appreciate everyone's patience on this matter. With that...")
 
Line 1: Line 1:
 +
'''2/12/2020'''
 +
 +
This will be a short one, as I am preparing a more thorough "Going Forward: the next 10 years of the wiki" type post.
 +
 +
All uploads have been vetted and brought back online, this includes all archived uploads (the beauty of MediaWiki is that both uploads and page edits keep a history, so any time an upload has been changed (original was blurry, too small size, etc) the original gets archived in case of accidental removal, something malicious, etc.
 +
 +
With that said, uploads are still temporarily disabled, and are still going to be until some time later this week so that we can verify a few more security settings and configuration items. This will still adhere to the 2/16 timeline originally placed on it.
 +
 +
With the rebuild of the website, caching of pages has been temporarily disabled to flush some things through the system. What this means for you is that page loading speed may be impacted, however within the next day or two it will pick back up.
 +
 +
 +
Casey
 +
 +
 
'''2/8/2020:'''
 
'''2/8/2020:'''
  

Revision as of 10:04, 12 February 2020

2/12/2020

This will be a short one, as I am preparing a more thorough "Going Forward: the next 10 years of the wiki" type post.

All uploads have been vetted and brought back online, this includes all archived uploads (the beauty of MediaWiki is that both uploads and page edits keep a history, so any time an upload has been changed (original was blurry, too small size, etc) the original gets archived in case of accidental removal, something malicious, etc.

With that said, uploads are still temporarily disabled, and are still going to be until some time later this week so that we can verify a few more security settings and configuration items. This will still adhere to the 2/16 timeline originally placed on it.

With the rebuild of the website, caching of pages has been temporarily disabled to flush some things through the system. What this means for you is that page loading speed may be impacted, however within the next day or two it will pick back up.


Casey


2/8/2020:

All,

PinWiki has had some issues for several months now, and they are currently getting fixed. I do appreciate everyone's patience on this matter. With that said I wanted to give an update on everything, in mostly an FAQ format.

1) Why has this taken so long to get taken care of???

I wish there was a simple answer to this. It's a multifaceted, complex answer on that. PinWiki is not my full time job. 9 years ago when PinWiki launched, I had never expected the growth we have had over the years. We have had many upgrades over the years both on server side as well as the actual mediawiki software to keep things running smoothly. Part of these upgrades occur for security sake to help keep the wiki running without malware tied to it. With that said, I have run into some temporary personal affairs that had pulled me away from taking care of the issues at hand in a timely fashion. Things have slowed down for me finally and are expected to keep that way. This is going to allow me to be more actively involved again on keeping things going.

2) So what is going to change? We have lost faith in things!?!?!

Well, first and foremost, I am making myself more available with more scheduled time set aside specifically to reviewing, growing, and maintaining both front and back end sides of PinWiki. Chris Hibler has been basically an ambassador for the wiki since day 1. Previously he had only had minimal ways to contact me. Going forward, he now has both my cell and work phone number to be able to reach out to me in the event of any issues, questions, comments, etc. On top of this I have added a contact page on the home page of PinWiki so that I can be more easily reached. Secondly, I have put together a small team of people I trust and are local, who are in the field (various computing fields), to be able to step in and take care of things in the event I am not available on an immediate basis. While this team is not pinball focused (and will not be working on adding content), they are a technical team of people I see on an almost daily basis, and along with my experience, they bring a new level to our team. Reviews of performance, security, potential new features, etc. will all now be monitored so we can continue to keep PinWiki around for the community for years to come.

3) How did we end up in this situation?

An older version of MediaWiki that we used to run had an exploit in it that was used to hijack the website. When we upgraded MediaWiki to a newer version that fixed this exploit, we had missed a corrupt file in the uploads (this was not uploaded maliciously, the exploit used the uploads folder to hide itself). This file was still being used to continue to replicate and re-infected the website. We have now stripped and rebuilt the website from the ground up so that this is not an issue again.

4) Where are we at right now? Why are no images loading? Why can't I upload new images?

The wiki is back online, sans media. Both myself and someone who is directly in web security have been involved in this recovery effort. As stated above, with some prep work, we stripped the site down and have done a full rebuild with new file copies. This was done to prevent the unintentional re-upload of the exploit. The one piece of this we can't just upload as new is our media content (images, videos, etc.). Instead, we will need to review each and every file one by one and step by step bring media content back. With 9 years of uploads and revisions of files, this equates to a LOT of work and very time consuming. We will be working on restoring this content as quickly as possible. We are expecting that by the end of next weekend (2/16/20) to have all content restored. Until then, we will be restoring files gradually, and you may see some (or all depending on the page) media missing, and uploads will not be currently available. Once all files have been reviewed we will be bringing uploads back so that you may add your content as needed.


I appreciate everyone's patience with this. I know it has been incredibly frustrating to get redirected to spam websites and not be able to access your pinball info that you expected. We are well on our way to getting past this mess and moving forward with continuing to be THE place for everything pinball. Once we get through the final file review and close up this issue, we are going to next provide our "next 10 year" plan. Thank you for everyone who has ever contributed to the website. We would be nothing without the community. I also want to thank those who have offered to help get things fixed, I was able to get someone in person that is a security expert to assist and review things. I have my strengths and weaknesses in web technology, and was able to fill in the gaps. They are also going to be part of the "team" that is continuing to monitor and assist in improvements.


With everything said, look for another update sometime next week(end) on where things are at.

- Casey (Pinball Wizard) Founder