Well, folks… Someone swiped (spoofed) the IP address of a big, famous (and therefore unlikely to be filtered out) technology company and used it to pound our database server to smithereens yesterday. No one got in and no internal data was accessed. It was basically just keeping our server too loaded up to respond to normal users – also known as a Denial of Service Attack. As of now, everything is turned back on, and server loads look totally normal. Please let me (Jim) know if you have any trouble accessing anything on our site. My email is on the footer of every page.
There are three legs to getting web information to you. The first is our site, which is fairly complicated machine under the hood. This allows us to organize information more easily, and to translate the presentation depending on what kind of browser or device you are using to view it. The second is our host, who operates the server you talk to when you access our site. We pay for enough performance to get you the information, and they make sure the information is somewhat protected and delivered quickly. The third is the internet at large, which goes through lots of steps from here to you, and is subject to all kinds of bad actors trying their best to wrestle money out of the network at both our expenses, finally filtering through whoever you pay to deliver the internet to your computer of device.
When something goes wrong, we have to check all of those things in that order. Is the machinery of our site running haywire for some reason? Perhaps a new update has a bug. That means that we turn everything off and see how the server responds. Then we and our hosting company check everything about the server itself to see if something is misconfigured, or the server itself has a bad software update. In this recent case, it was the internet at large causing the problem. Let’s just blame the Russians. That seems popular.
For our part, we take the security aspect very seriously. Our site runs security on 8 levels, counting the two that are part of our hosting package. When you make a purchase, you can add all of the PayPal security mechanisms on top of our local security. It’s tight. All of this to say that we will always err on the side of caution, even if it takes the site down for a day. As always, thank you for your patience, and thank you to those who let me know things were amiss. More information is always a good thing.Share This: