Hidden 8 yrs ago 8 yrs ago Post by ArenaSnow
Raw
OP
Avatar of ArenaSnow

ArenaSnow Devourer of Souls

Banned Seen 4 yrs ago

I don't think it's too likely that roleplayerguild was hit, but if you're on planetminecraft.com and curse's minecraft forums, this may be relevant. This is especially relevant if you're on Discord. A security exploit's been running from September 22nd of last year up to not long ago that, along with other things, might have screwed your password.

github.com/pirate/sites-using-cloudflare

Edit: Roleplayerguild users should also change their passwords. Official report as provided by a below poster:
blog.cloudflare.com/incident-report-on..

Here's a few comments with steps to take.
First, clear all cookies and cached info associated to the affected sites from your browser. Then log back in and change your password. This should take care of your account being a "weak link".

A possible evil-doer would, in this instance, gain access to the still-vulnerable account - so all you could do, they could.

Backuping is always a good idea - might not be an attack, might be server problem, might be anything - easiest for shorter RPs might be to just make an arbitrary dedicated folder on your computer, and then right click on each page of your RP - "save webpage as". HTML works.


For changing password:

@GoddessSophia Go to your profile and press the "edit" button next to your username. You should be able to change your password from the page where it takes you.

or

@GoddessSophia Just use the "Forgot password?" link at the bottom of the login window.


8x Thank Thank
Hidden 8 yrs ago Post by Shienvien
Raw
Avatar of Shienvien

Shienvien Creator and Destroyer

Member Seen 16 days ago

Aha, good, this is now here, too - was not sure whether to post my original notice in bugs/issues or straight in the official news.

This is the CloudFlare official blog notice again: blog.cloudflare.com/incident-report-on..

I can confirm that yes, RPG is affected, and as it lacks some of the additional security features, perhaps even more so than the general leaked resource. There is no possibly about it; most what protects the users of this site is predominantly that it's not "critical" in terms of having transaction info or similar going through on any regular basis - it's not a profitable target, in essence. If someone wanted to pull off a mess just because, not much stopping them.
(Didn't have the time to do more digging in the morning, so just remarked that RPG uses CloudFlare then and thus falls under the broad category of affected resources ... checked that there are bits and pieces out there if you go looking now, though it's pretty much a given with any crawled CloudFlare site at the time being.)

The github link is by no means complete. The number of affected sites runs much, much more higher than that. The github link just lists some of the most prominent ones.
2x Thank Thank
Hidden 8 yrs ago Post by SilverRain
Raw
Avatar of SilverRain

SilverRain

Member Seen 6 mos ago

Would it be a good idea for users to go around and start saving local copies of their RPs? I've backed up mine.
Hidden 8 yrs ago Post by ArenaSnow
Raw
OP
Avatar of ArenaSnow

ArenaSnow Devourer of Souls

Banned Seen 4 yrs ago

I'd say a simple change of password is most likely to take care of any resulting issues, but saving data is always a good idea for roleplays anyways... this site probably won't live forever, after all.
Hidden 8 yrs ago Post by Blizz
Raw
Avatar of Blizz

Blizz Grand Chancellor Supreme of the Wizard Council

Member Seen 0-24 hrs ago

Thank you for spreading this.
Hidden 8 yrs ago 8 yrs ago Post by Shienvien
Raw
Avatar of Shienvien

Shienvien Creator and Destroyer

Member Seen 16 days ago

First, clear all cookies and cached info associated to the affected sites from your browser. Then log back in and change your password. This should take care of your account being a "weak link".

A possible evil-doer would, in this instance, gain access to the still-vulnerable account - so all you could do, they could.

Backuping is always a good idea - might not be an attack, might be server problem, might be anything - easiest for shorter RPs might be to just make an arbitrary dedicated folder on your computer, and then right click on each page of your RP - "save webpage as". HTML works.
Hidden 8 yrs ago Post by GoddessSophia
Raw
Avatar of GoddessSophia

GoddessSophia Broken Girl

Banned Seen 5 yrs ago

Where do you change your passwords? I haven't seen that link anywhere.
Hidden 8 yrs ago Post by Emuxe
Raw
Avatar of Emuxe

Emuxe Addicted to italics.

Member Seen 1 yr ago

@GoddessSophia Go to your profile and press the "edit" button next to your username. You should be able to change your password from the page where it takes you.
Hidden 8 yrs ago Post by Shienvien
Raw
Avatar of Shienvien

Shienvien Creator and Destroyer

Member Seen 16 days ago

@GoddessSophia Just use the "Forgot password?" link at the bottom of the login window.
↑ Top
© 2007-2024
BBCode Cheatsheet