Moderators: carlson1, Charles L. Cotton
Cert looks goodCharles L. Cotton wrote:I forgot it was on a secure server. I bet the SSL has expired.bentcursor wrote:Thanks for the suggestion - typing https://www.tsra.com/" onclick="window.open(this.href);return false; takes you to the site.
Chas.
Actually, IDCSoft doesn't have any data centers, but they use facilities provided by Savvis, iAdvantage, and Equinix. As a shared hosting provider, they get to piggy back off of the infrastructure provided by these DC providers without incurring the capex of building one out themselves. A LOT of providers do this and it's quite common. IDCSoft makes their $$ off of squeezing as many customers as they possibly can on to one server. It's a compromise though as you are in a "multi-tenant" environment (fancy word for shared) and if an offending IP is compromised, it can trickle down.Charles L. Cotton wrote:Icdsoft has data centers in Boston, Hong Kong and somewhere in Germany. Unless TSRA changed hosts, they are using Icdsoft.
Chas.
Their SSL expired a little while back, and they called me asking what to do. I said "renew it."pbwalker wrote:Cert looks goodCharles L. Cotton wrote:I forgot it was on a secure server. I bet the SSL has expired.bentcursor wrote:Thanks for the suggestion - typing https://www.tsra.com/" onclick="window.open(this.href);return false; takes you to the site.
Chas.
I'm happy to help out the TSRA team with any tech questions...I've spent the past 8 years in the Hosting industry, so I've seen the good, the bad, and the ugly.
The Annoyed Man wrote:Their SSL expired a little while back, and they called me asking what to do. I said "renew it."pbwalker wrote:Cert looks goodCharles L. Cotton wrote:I forgot it was on a secure server. I bet the SSL has expired.bentcursor wrote:Thanks for the suggestion - typing https://www.tsra.com/" onclick="window.open(this.href);return false; takes you to the site.
Chas.
I'm happy to help out the TSRA team with any tech questions...I've spent the past 8 years in the Hosting industry, so I've seen the good, the bad, and the ugly.
"Oh."
The SSL cert is current.
Looking at the search results it looks like somehow a BUNCH of spam pages were inserted in Joomla at one time and they are in the Google index.Charles L. Cotton wrote:I don't have anything to do with the TSRA site, but here is a link to Google's warning. http://support.google.com/websearch/bin ... CHwQpwgwAA" onclick="window.open(this.href);return false;
I've never seen such a warning before. It's interesting that Google makes such a claim without giving the facts to justify scaring people away from a site. I wonder if it has anything to do with it being a gun-related site?
Chas.
I have Joomla administrator access and I just took a look, and there are no such article ID numbers, either in the Article Manager, or in the Article Trash. One of the link references is to a product ID number in the Virtuemart Cart, but when I checked for any product by such a number, there was no such product ID in the system. Since all of the data accessible from the administrator panel is current and none of what is accessible from the panel contains any meta data to match what is showing on Google, I can only conclude a couple of things. One possibility is that someone used (I'm not sure how) a script to inject some SQL into the database, which is in turn being called to by a malware file that was deposited on the server somehow. Another possibility is that one of the existing Joomla script files got corrupted with malware somehow, and it injected some data into one of the mySQL tables.92f-fan wrote:Looking at the search results it looks like somehow a BUNCH of spam pages were inserted in Joomla at one time and they are in the Google index.Charles L. Cotton wrote:I don't have anything to do with the TSRA site, but here is a link to Google's warning. http://support.google.com/websearch/bin ... CHwQpwgwAA" onclick="window.open(this.href);return false;
I've never seen such a warning before. It's interesting that Google makes such a claim without giving the facts to justify scaring people away from a site. I wonder if it has anything to do with it being a gun-related site?
Chas.
The cache view shows what Google indexed off those pages
As TAM mentioned if they are running out of date Joomla they likely got compromised. IMO Has nothing to do with Anti gun sentiment. Has nothing to do with the web server its on. Its simply failure to keep the software up to date .
See screenshot for cache of what google found
"This is Google's cache of https://www.tsra.com/index.php?option=c ... Itemid=105" onclick="window.open(this.href);return false;. It is a snapshot of the page as it appeared on Jun 29, 2012 04:04:35 GMT. The current page could have changed in the meantime."
http://webcache.googleusercontent.com/s ... =firefox-a" onclick="window.open(this.href);return false;
Looks like the header was compromised some how - or the spam content was inserted ABOVE the real page content
Joomla admin could look for article 109 item 105 and see if that i still a problem
unfortunate that they are changing to an expansive host simply because the admins didnt keep the free software updated
Not exactly a perceived anti gun stance as much as a documented anti gun stance:92f-fan wrote:
Im disappointed that folks here think that Google due to the perceived anti gun stance some how fabricated all this....
So business decides it doesnt want to promote the sale of weapons.74novaman wrote:Not exactly a perceived anti gun stance as much as a documented anti gun stance:92f-fan wrote:
Im disappointed that folks here think that Google due to the perceived anti gun stance some how fabricated all this....
http://www.thefirearmblog.com/blog/2012 ... s-results/
Its likely because that category of products have caused them more problems than others. And they don't want the liability.Google Shopping should be compatible with Google's brand decisions. Google Shopping must be compatible with company brand decisions. Our company has a strong culture and values, and we've chosen not to allow ads that promote products and services that are incompatible with these values. In addition, like all companies, Google sometimes makes decisions based on technical limitations, resource constraints, or requirements from our business partners. Our policies reflect these realities.
There is member information stored in Paypal, but as far as I know there is none on the server, other than a username/password record.92f-fan wrote:Im disappointed that folks here think that Google due to the perceived anti gun stance some how fabricated all this....
The warnings are there to protect the tech innocent .... Not to promote some political stance....
Edit - one open question is does the TSRA store and member info on that server ? Was it compromised also ?
Yes, but versions 2.5.5+ deal with that vulnerability, and the TSRA site is a 1.5.20 site.DocV wrote:A Joomla 1.6-1.7-2.5 privilege escalation vulnerability was announced in mid-March. The site seems clean now.
These attacks are typical of the rogue pharmacy criminals.
Please Support the N.R.A. 
