So what exactly happened to the server anyway? I went to the board one night and found that the server was down, several hrs later it was backup and seemed to be ok. I checked the board the next night and the server was down for good. A few days ago I saw that the main site was back up but that the boards were still down.

Ok, full story. If there is anything unclear, ask.

Prologue: On August, 29th, someone exploited a security hole in the server and got access. Instead of the usual 'funny' deleting-everything-move, he/she/it used the server for attacks on other computers. Portscanning, DoS and so on. The hosting company unplugged the server for AUP violations (rightly so).

1st Stage: I'm under suspicion to have used the server for hacking activities. Talking to the people at Rackshack (the name of the hosting company) in every free minute, trying to convince them this happened without my approval. Eventually, they believe me and run some tests on the server. What I told in the prologue is revealed.

2nd Stage: The standard way to go after a server has been compromised is to wipe everything from it and reinstall the OS from the scratch. At least it is for these hosting companies. For that, they need my approval though since according to the contract I had with them, the data on the server belongs to me. I don't immediately give it to them because there are some databases on the server which have not been backed up (this forum was just one). I'm proposing several ways to them how to solve this situation: they could plug the server back in for five minutes with just Apache running (eliminating the risk of any exploit since this would require Shell access), they just activate Shell access and just for the root user (i.e. me) or they just make some quick backups of these five databases themselves. All declined. When I still didn't want to give in, the following compromise was reached: they reinstall the complete OS on a new hd (so that the user base, the sites configuration and so on is gone and the server is thus safe), but install the old hd as a secondary drive to the server. That was supposed to count as a regular hd upgrade and would be billed as such.

3rd Stage:: The server comes back up, I start working on installing things again, created user accounts from the scratch and last but not least got TGOD running again (it has been online almost all the time btw - just under an URL you didn't know ). In a free minute, I checked the secondary hd in the server and discover it is empty. No data on it! I contact technical support immediately telling them they must have put in the wrong hd and that they should replace it. They claim it's the correct one and that the data has probably gone corrupt in the server attack (which is bullshit because I was online at the time they pulled the plug, I was logged in and everything was working fine). I told them I would not pay for a hd I didn't order, they ignored that, I told it again, they ignored it, I told it again, they ignored it and billed my credit card.

4th Stage: I didn't really see any reason to pay for a service Rackshack hadn't delivered (they couldn't fulfill my order, so they shouldn't get any money for it). So I contacted my bank about declining that payment. They told me this wouldn't work in advance, but I could claim the money back after it had been transferred to Rackshack. Not very satisfying, because as soon as such a company has the money, it'll be even harder to get it back. I contacted Rackshack's billing department now, writing a lengthy e-mail explaining why I will not pay these bills placed on me. Two days later (i.e. on September, 4th), I still hadn't received any answer. I went to their 'chat support' (which I usually despise, but I had to get their attention somehow) and got hold of some customer service person who was responsible for billing. After about an hour of live-arguing, still no solution was found. They insisted on billing me for something I hadn't ordered. To make my next move understandable, I have to add that the current billing period ended on the 4th, i.e. on the day I spoke to this support person. The bills were placed for the next period, starting from the 5th. I had tried everything up to threatening to sue them without any effect, so I cancelled the contract with the alltogether. That way, they had to take the bills back anyway.

Epilogue: I quickly organized this hosting we're on now, started to configure everything and so on and so on. The problem was just the domains: DNS updates take up to 48 hours to spread worldwide! So the site was in fact never down, only the domains were still pointing to the old server which had been taken offline. Rackshack's final blow was that they took down the server only one hour after I had told them I'll cancel the contract. That was approximately 11am their time - I had paid for the whole day. This way, again some data was lost (because in New Zealand, it was night)... As for the board, I searched and searched for a halfway-decent backup - that is why it took so 'long'. Without success

Thank you for the lengthy explenation, and I'm sorry if I bugged you while you were stressing out.

I don't blame you for stressing out either, it really sucks having a server go down on you, but it's much easier to deal with when it is in your own home, unlike your situation where you have a server in America that has to be accessed from Germany.

Well, yes, if I had had direct access to it, it would have been a matter of one day max

Yes, yes it would have.

{Makes mental note never to use rackshack hosting services.}

New Developement: This month's credit card bill was extraordinarily high, so I went to my bank today to get a list of all the exact charges. As I had suspected, Rackshack has not taken back the bills they had promised to cancel, but billed me with yet another month for the server (starting with September, 5th). I've told my bank to get that money back, citing the 'confirmation number' I got when I cancelled the contract. Let's see what comes out of this

The conclusion out of this is clear: I cancelled the order of a new file server I had already being set up again. With these latest unjustified bills, I'm in the red and won't nearly be able to finance any downloads in the near future.

Edited by Mr Creosote at 05:00 on September, 12th 2002

Boy am I glad my host although very busy tries to help me whenever he can and for free may I add.

Hope you get this sorted soon.

Bust their ass, Mr Creosote.

Tuss

Newest developement: my bank has claimed the money back for me and it worked, but I will only get it with next month's credit card bill - for whatever reason. It's annoying that they took the money away from me for a whole month, but I'm really tired of this, so as long as I get the money back then, I'm satisfied.

As for financing a new server for downloads, I'm not sure yet. I somehow enjoy the 'easy' situation as it is now - no worrying about money, no stupid technical questions, no legal risk. Sure, my site's average number of visitors has decreased by 50%, but who cares? Oh well - I have one more month to decide

Good to hear that you got your money back (or are going to... as long as you get it, tenses aren't that important )

After conferring mainly with Tapuak and my host, I've decided to bring back the downloads, but not as it used to be. The traffic and thus the costs got so much out of hand lately that it is impossible for me to continue like that. For The Good Old Days, this means the following: Downloads will be restricted by size and system. For the PC section, there will be only downloads smaller than 1 or 2 MB (exact numbers aren't decided about yet), for the other sections (those being less popular and thus less bandwidth-consuming in general) a bit higher. These borders will be subject to constant changing when I see the site is still using too much or 'too little' bandwidth. Seeing that the biggest downloads were also the most popular ones, that should cut down the costs drastically.

As for the hosted sites, I've given the webmasters the choice to pay for their own bandwidth (taking advantage of the same cheap deal I have made with my host) or stay without downloads (both options a bit more complicated, but that's not important here). None of them has decided yet (or at least they didn't tell me their decisions).

As I told you, for now, 21st Century Oldies will stay without downloads. There are three main reasons for this:

1. Until I get a permanent visa and thus at least some job security, I am not willing to donate money to freeloaders.
2. I've got much more freedom to decide which games to add, without the downloads. With downloads, I've been getting lots of nasty e-mails about not including certain downloads, so I tried to avoid adding games that people could not download before. As a pure review site, all games would be on equal footing.
3. I am very excited about the new features on the site. Mr Creosote is very helpful trying to teach me how to handle MySQL and php. The site will be database driven, which will allow me to add lots of new content, while keeping the site structure very simple.

Considering the fact that all my downloads (with the exception of one or two) are available on other abandonware sites, I will most likely link to abandonware search sites from the game pages.

As I understood it, you just said you wanted to stay without downloads until you've finished your scripting and then decide again. To which I answered there won't be a file server until October, 10th anyway

So anyway, I'll think of some things concerning advertising (as we talked about) then.

My money has arrived, server has been ordered. I don't know how fast it'll be set up, so don't expect downloads to be up again tomorrow As mentioned before, there will be less downloads. For a start, I made a size limit of 1.5 MB for PC and 3 MB for Amiga, SNES and HOF (these sections are a lot less frequented and the files are downloaded a lot less, thus the difference). No limit for the C64 because the games are all tiny anyway. In theory, that would be 3 MB, too, so if anyone can show me a game for that system which is bigger, I'll implement the blocking into the script

The purpose of this is of course to decrease bandwidth usage which has grown too much, especially over the last few months. I'll watch the development for a month to see how good these (relatively randomly) chosen limits work and then reconsider to adjust them. This can be in both ways of course.

I support your decision 100%.

Tuss

Damn! What I wanted to hear is something like this: "you suck gimme my d/l's"

You suck! Gimme my d/l's!

Doesn't sound believable - you used puntuation and correct capitalization (as opposed to for example aLtErNaTiNg CaPs or completely random choice).

yousuckyoufreakinmofo!!!gimmemyfriggindownloadsNOW!!!

Is that more believeable?