Golden-Road.net
Studio 46 - Non-TPiR Discussion => Technical Support => Topic started by: JayC on July 30, 2019, 03:57:27 PM
-
I received an email saying the Forgot Password function was applied to my account, but I did not do anything myself. Is this just an error, is it just that I was required to change my password, or is it because someone tried to log in to my account? As a precaution I did change my password.
-
I got one too. No idea why.
-
I didn't get one.
-
I did as well.
-
Access to the boards for guests has been temporarily revoked. To access any feature of the forums beyond the login screen, a user must register or log in.
-
Access to the boards for guests has been temporarily revoked. To access any feature of the forums beyond the login screen, a user must register or log in.
Why?
-
Never mind. I just got one an hour ago.
-
I received another password reset email a little bit earlier today.
-
For what its worth, I've banned a lot of spambot accounts lately... not sure if it's related.
-
Another thing: It mentions an IP address in the range of 68.X.X.X, which does not match any of my common locations. If it's not an G-R server address, it's probably the IP where the "clicks" are coming from (though it's wouldn't surprise me if it's coming from more than one computer).
-
Another thing: It mentions an IP address in the range of 68.X.X.X, which does not match any of my common locations. If it's not an G-R server address, it's probably the IP where the "clicks" are coming from (though it's wouldn't surprise me if it's coming from more than one computer).
There are sites out there that can localize an IP address; I'd be rather curious to see what result you got if you ran the IP in question through one of them.
/Related: I got a security alert from one of my accounts last week that someone was trying to get into it with the password-reset function; it was from a country on the other side of the world that I've never even heard of, and because it's not where I log in from every day, it locked the account immediately until I did some things on my phone, and the bad guys never got in...but it's a good reminder that the bad guys are always trying to do bad things, and all it takes for them to do it is one mistake from us.
-
The registration restriction was enacted to test for a few possible security vulnerabilities.
I have no reason at the moment to believe any accounts, passwords, or data was compromised, and will be lifting the restriction shortly.
The 2.1 release of our forum software has hit release candidate 2 and I'm considering their timeframe for release of the final version and the stability of the release candidate to potentially upgrade. 2.0.x is several years old at this point, although security patches have continued to be put out. If my involvement with the site IS being being stepped up (moved to address the security certificate issue today but hit a paywall issue I don't have the credentials to move past), may also look at other forum software options.