Polish users cut off from TalkChess

[Modern Times]

There are issues from the UK as well, but intermittently. When I strike that, I connect to a U.S. VPN and then it is fine. Crazy.

[Rebel]

There are issues from the UK as well, but intermittently. When I strike that, I connect to a U.S. VPN and then it is fine. Crazy.

It's a pattern, it looks like the US is free from attacks and the target is Europe.

[mclane]

Thats why we have to go.

[Scally]

I’m in the UK and am getting this daily:

Forbidden

You don't have permission to access /forum3/search.php on this server.


Al.

[mclane]

Thats a shame

[Eelco de Groot]

I’m in the UK and am getting this daily:

Forbidden

You don't have permission to access /forum3/search.php on this server.


Al.

I wasn't blocked this year, unlike the previous episode. If I don't try to log in can read everything. The forum was just terribly slow a few weeks back, so I just left bcause I had the idea it has to do with the number of users that are active. I could even restore an Avatar. Just posting is difficult because then you are thrown off when you want to submit a message, or for any number of other reasons it seems. Why I don't know, but it is not blocking known IPs I think, just when you log in. But today posting this message I did not get thrown off, could submit without hassle and edit , hurray (you lower your expectations after a while)

[flok]

I'm a bit sceptical about this hacker.
Why on earth would someone try to hack a website selling chess-stuff?

[Ras]

Why on earth would someone try to hack a website selling chess-stuff?

Hacking attempts go automated via bots these days. Even I see a lot of attempts to get access to my Wordpress installation - which fails of course because I don't use Wordpress in the first place.

Some possible benefits of hacking a small chess shop:
- Gaining access to customer data for all kinds of fraud
- Blackmailing the owner (ransomware, threatening to publish data and destroy the website reputation)
- Injecting malicious scripts to attack website visitors
- Adding the server to a botnet for DDOS attacks
- Abusing the associated mailserver for spam
- Abusing the storage for illegal content.

[flok]

Why on earth would someone try to hack a website selling chess-stuff?

Hacking attempts go automated via bots these days. Even I see a lot of attempts to get access to my Wordpress installation - which fails of course because I don't use Wordpress in the first place.

Some possible benefits of hacking a small chess shop:
- Gaining access to customer data for all kinds of fraud
- Blackmailing the owner (ransomware, threatening to publish data and destroy the website reputation)
- Injecting malicious scripts to attack website visitors
- Adding the server to a botnet for DDOS attacks
- Abusing the associated mailserver for spam
- Abusing the storage for illegal content.

After I wrote that post, I got a 403 (writing this via a proxy).
Ok so I'm a hacker apparently.
I wonder then why I still have access to chessusa.com (just checked).

[smatovic]

I am not aware what happens behind the scene, but I guess our sponsor performs a site migration to the CDN and DOS protection provider
Cloudflare. If you do an traceroute you will see that talkchess.com is hosted meanwhile behind Cloudflare at your local provider's CDN server and chessusa.com in the US via Amazon. The actual hosting of both sites might still happen on the same machine or not, with Cloudflare as proxy in front of it for TC. Maybe talkchess.com is currently under DDOS, dunno, according to netcraft TC is on rank 89620 of all websites, so it might be a site of interest for hackers. Since the shift to Cloudflare I get frequently logged out, and TC moved to https, hence I guess the site migration is yet not comlete/perfect. I don't get quite why there is still IP blocking or 403 Errors going on with Cloudflare as front-hoster, in my understanding this should not happen. Again, this is all just my speculation, I am not involved in this.

--
Srdja