GopherHole has been hacked

[Plato]

When I enter through the web site and click on 7 National Titles I am directed to adware
When I google "Gopher Hole" Google tells me the site has been hacked.
If I enter directly at 7 National etc it works.
I know this is not football related but is the only way to alert the administrators.

 

[swelna]

I messaged them about this a few days ago and got no response... At least it's easy to close the tab that opens up but still, expect some sort of response from them.

 

[A_Slab_of_Bacon]

operateoriginalheavilyapplication

That's a fun domain name.

 

[GopherHole Staff]

Thanks for the heads up. We just alerted our IT guys and they are looking into it now.

 

[MplsGopher]

I noticed a while ago that the main link, that used to bring me to the main forum page didn’t work anymore. But the link directly to the football forum still works. So I started using that one.

If you put www.forums.gopherhole.com or www.forums.gopherhole.com/boards , it sends you to /forum.php which the server declares is not an accessible resource.

But if you put the correct board addresses it’s fine. Although there is a security warning, I just assumed something wasn’t setup correctly with https.

 

[Section209]

About a week ago my server security system started blocking malware attempts every time I came to gopherhole. Never happened before that.

 

[A_Slab_of_Bacon]

About a week ago my server security system started blocking malware attempts every time I came to gopherhole. Never happened before that.

That was that guy from Wisconsin posting....

 

[forever a gopher]

I tried going directly to the football forum on my work computer with the same results as the past few days (blocked). I’ve had no problems accessing on my phone, so I’ve just been doing that.

 

[NorthernLakesGopher]

About a week ago my server security system started blocking malware attempts every time I came to gopherhole. Never happened before that.

Same here. My firm has now blocked the site. I have to use my phone now.

 

[Taji34]

I hope GopherHole maybe takes this as an opportunity to move to https:// rather than http://. It may help prevent future problems.

I have set up a personal website before though, and know the process to go from http:// to https:// can be really difficult, so I would understand if they didn't.

 

[MplsGopher]

^^^ probably because something is wrong with the https (secure) connection. Maybe a certificant went obsolete, or who knows. Something is fouled up with it.

When logging in on my computer, Firefox says "Connection not secure"

 

[MplsGopher]

I hope GopherHole maybe takes this as an opportunity to move to https:// rather than http://. It may help prevent future problems.

I have set up a personal website before though, and know the process to go from http:// to https:// can be really difficult, so I would understand if they didn't.

I cannot type in "http://www.forums.gopherhole.com" , it forces the browser into https mode.

 

[#2Gopher]

Same here. My firm has now blocked the site. I have to use my phone now.

Work productivity has gone way down due to texting and the internet. I can see why they blocked the site.

 

[MplsGopher]

The main www.gopherhole.com page works fine in https mode. Firefox says "verified by Cloudflare, Inc." It only shows the insecure connection warning when you go to the forums.

 

[MplsGopher]

Work productivity has gone way down due to texting and the internet. I can see why they blocked the site.

Not to derail the thread or anything ... but productivity goes way down if you just sit there like a drone for 8-9hrs a day with no breaks.

Your mind needs breaks, constantly, if you hope to keep your productivity at a fairly high level all day long.

 

[Taji34]

I cannot type in "http://www.forums.gopherhole.com" , it forces the browser into https mode.

Ah, I hadn't noticed that. However, my browser reports it's "Not secure" which means something is still not right I believe.

 

[Plato]

I am very, very cautious about malware.
But I admit I did try the update said to be needed and got a bunch of malware that Malwarebytes. removed.

 

[hungan1]

Virus is everywhere.

 

[alchemy2u]

damn Covid...

 

[TNGophfan]

Had same issues. Appears they have fixed problem. Thanks

 

[JMGIII]

I hope GopherHole maybe takes this as an opportunity to to https:// rather than http://. It may help prevent future problems.

I have set up a personal website before though, and know the process to go from http:// to https:// can be really difficult, so I would understand if they didn't.

Https has nothing to do with protection of the web server. Only 3rd party validation of the server identity, and encrypting the communication with the client.

 

[matt]

Not to derail the thread or anything ...

That has never stopped you before, why let it now?

 

[Taji34]

Https has nothing to do with protection of the web server. Only 3rd party validation of the server identity, and encrypting the communication with the client.

Right, but would it not protect from Man in the Middle attacks? While I am not very educated in cyber security, that's what it seems like is happening in this instance since only the home page seems effected.

 

[MplsGopher]

All of the forum pages still report as "not secure", on my Firefox browser.

They did indeed fix the issue with being directed to /boards/forum.php when you enter forums.gopherhole.com or www.forums.gopherhole.com . Thanks!

 

[MplsGopher]

@GopherHole Staff

Is anything further going to be done about the https issues with the forum pages, at this time? Not a criticism or judgement, either way. Just wondering, thank you!