Sometimes when patrons try to get to EventKeeper, they are redirected to a page that says that there is a chance that they are trying to attack the site and they are therefore prevented from continuing. Usually this is seems like an unfair (and annoying) accusation.
First, it's not just paranoia on the part of Plymouth Rocket. We have become a site that is popular enough that we are subject to a nearly constant stream of attacks by malicious hackers. Seriously, hundreds of attacks, every day.
So, it's a problem that we have had to start taking very seriously. And don't worry, it's very annoying to us, too. We don't like the time spent on this aspect of the business.
As a result, we have implemented a number of methods to try and detect and repel these attacks. The problem is that, in some cases, it is very hard to tell an attacker from a valued patron. If you are reading this, we have probably made a mistake in your case. And we apologize for that.
There a couple of instances where we know we will get "false positives" in attack identification. What follows is a discussion of those circumstances and what can be done about it.
Click here.
If you are using Internet Explorer, version 6, clicking on this link will identify you as an attacker. In all other cases, you should be taken to Wingnut's World.
Let's say that you want to take somebody directly to a particular event in EventKeeper. You can include the EVENT ID at the end of the URL and the browser will jump down in the event list to that particular ANCHOR.
For example, clicking on http://www.eventkeeper.com/code/events.cfm?curOrg=WINGNUT&curYear=2010#1543877 will take you to the calendar for Wingut's World and jump down to a relevant event on December 1, 2010. As far as we know, this should work in all browsers.
But what if you don't go directly to this link? The most common scenario is that you don't like such a long link and you create a shorter one using, for instance, TinyURL. Very cool.
So, for example, the link, http://www.tinyurl.com/ekattack1 will take you to that same event IF you are using Firefox, IE7, IE8, etc. But if you are using IE6, the redirection is not done quite right. You'd never notice it in most cases, but with an anchor included, it won't work. Most of the time you might not notice that either, but in this case, it creates a URL that EventKeeper has been told to watch out for. And to be safe, the URL is identified as an attack.
There are several things that can be changed, depending on what is easiest.
1. If you are only getting complaints from just one user, getting them to upgrade to a newer version of Internet Explorer could be the way to go.
2. If you are including the link in a web page where you are displaying only Click Here to the user, then you could not use TinyURL and include the complete EventKeeper URL instead. It's longer but the users won't see it anyway.
3. If you want to change things so you can still use TinyURL and have it all work in IE6, you can add an ampersand before the anchor part of the URL and that will force IE6 to parse it correctly.
For instance, the link above would become http://www.eventkeeper.com/code/events.cfm?curOrg=WINGNUT&curYear=2010? and that should work in IE6 as well as later version.
The new URL, redirected by TinyURL, can be seen at http://www.tinyurl.com/ekattack2.
Sometimes when patrons try to get to EventKeeper, they are redirected to a page that says that there is a chance that they are trying to attack the site and they are therefore prevented from continuing. Usually this is seems like an unfair (and annoying) accusation.
First, it's not just paranoia on the part of Plymouth Rocket. We have become a site that is popular enough that we are subject to a nearly constant stream of attacks by malicious hackers. Seriously, hundreds of attacks, every day.
So, it's a problem that we have had to start taking very seriously. And don't worry, it's very annoying to us, too. We don't like the time spent on this aspect of the business.
As a result, we have implemented a number of methods to try and detect and repel these attacks. The problem is that, in some cases, it is very hard to tell an attacker from a valued patron. If you are reading this, we have probably made a mistake in your case. And we apologize for that.
There a couple of instances where we know we will get "false positives" in attack identification. What follows is a discussion of those circumstances and what can be done about it.
Click here.
If you are using Internet Explorer, version 6, clicking on this link will identify you as an attacker. In all other cases, you should be taken to Wingnut's World.
Let's say that you want to take somebody directly to a particular event in EventKeeper. You can include the EVENT ID at the end of the URL and the browser will jump down in the event list to that particular ANCHOR.
For example, clicking on http://www.eventkeeper.com/code/events.cfm?curOrg=WINGNUT&curYear=2010#1543877 will take you to the calendar for Wingut's World and jump down to a relevant event on December 1, 2010. As far as we know, this should work in all browsers.
But what if you don't go directly to this link? The most common scenario is that you don't like such a long link and you create a shorter one using, for instance, TinyURL. Very cool.
So, for example, the link, http://www.tinyurl.com/ekattack1 will take you to that same event IF you are using Firefox, IE7, IE8, etc. But if you are using IE6, the redirection is not done quite right. You'd never notice it in most cases, but with an anchor included, it won't work. Most of the time you might not notice that either, but in this case, it creates a URL that EventKeeper has been told to watch out for. And to be safe, the URL is identified as an attack.
There are several things that can be changed, depending on what is easiest.
1. If you are only getting complaints from just one user, getting them to upgrade to a newer version of Internet Explorer could be the way to go.
2. If you are including the link in a web page where you are displaying only Click Here to the user, then you could not use TinyURL and include the complete EventKeeper URL instead. It's longer but the users won't see it anyway.
3. If you want to change things so you can still use TinyURL and have it all work in IE6, you can add an ampersand before the anchor part of the URL and that will force IE6 to parse it correctly.
For instance, the link above would become http://www.eventkeeper.com/code/events.cfm?curOrg=WINGNUT&curYear=2010? and that should work in IE6 as well as later version.
The new URL, redirected by TinyURL, can be seen at http://www.tinyurl.com/ekattack2.
522 Direct Link = www.answerkeeper.com/pr_attackPlymouth Rocket Status - Index
Sign up for users is at the bottom.
Plymouth Rocket Status - Index
Sign up for users is at the bottom.
522 Direct Link = www.answerkeeper.com/status