Uncategorized

Brute-Force Attack

If you visit Rare Puzzles often, you surely noticed that the website has been down for maintenance for several days. We have gone through a brute-force attack.

When you visited the website on May 25th, you could only see a white blank screen. It is the White Screen of Death, and most webmasters are quite familiar with it. The software we use to build our marketplace has multiple components or plugins. Their interactions and updates sometimes cause glitches and malfunctions. No big deal. In most cases, we can identify and solve the problem easily.

We isolated the source of the problem and the website was up and running in a short time. However, one of our regular visitors (thank you, Elke) noticed something weird when browsing the site. Her virus protection program blocked what looked like a scam website that popped up while scrolling Rare Puzzles. Everything looked normal from our side and the initial test showed that the website was clean. However, we closed the site in order to investigate further.

That’s when we detected that Rare Puzzles was being the target of a brute-force attack. They were trying to get access to a few vendor accounts and, above all, the Administrator account, with thousands of login attempts from multiple IP addresses worldwide. The security audit showed that they were not able to get access, but we took some preventive measures anyway.

Strong Passwords

First of all, we set a strong password for the accounts that were the target of the attack, just in case. After that, we ran a program that analyzed the quality of the passwords stored within the database. Although all passwords are encrypted and we cannot actually see them, the program could detect if it is was a weak password (easy to crack) or not. We found a few accounts with weak passwords and set strong passwords as well.

But why would a hacker want to break into the account of one of our users? We keep wondering. After all, they could register for free and create their own account by themselves. But, if you have a weak password, chances are you might be using the same password on other accounts. Perhaps even in the email account you used to register on the website. And what could happen if they accessed your email account? That’s why it is so important to use strong and different passwords in your different accounts. A password manager is a very useful tool and it can become your best friend.

Firewall

From now on there will be an extra layer of security in order to log into your account. If you try to log unsuccessfully several times (3), the system will lock you out for some time (24 hours) until you can try again. This is a small personal inconvenience that increases the security of the website. It also reduces drastically the possibility of bots and hackers trying to get access to random accounts at Rare Puzzles. And remember that if you have trouble logging in, you can always reach out to us at [email protected].

Finally, we have now placed Rare Puzzles behind a firewall service provided by Sucuri, which is one of the best security companies for WordPress sites like ours. Attacks will now be blocked before they reach our servers, while the legitimate traffic can pass without trouble. They will also monitor the website daily in order to detect spam or malware that uninvited guests might want to place within our code. One of Sucuri‘s developers has been assisting during these days in order to configure everything properly, but there are still a couple of very technical (albeit not urgent) things that need to be set in place, so it is likely that in the next few days you will still see the We’re down for maintenance sign every now and then. Being puzzle enthusiasts, we take your patience for granted, but we appreciate it very much anyway.

Thank you very much to the different users that emailed us letting us now that they couldn’t access the website. That way we could react much faster. Our apologies to the few users that got their passwords changed as a preventive measure, since they will have to set a new password now.

And thank you all for your support.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.