gremlin.net

NOW HIRING

Tuesday 19th December 2023

See? It's possible for me to have enough news to add something to the site at least once a week. Ish. If things annoy me enough.
Things are annoying me enough.
So, first of all, I've got an update on Rebelle7Pro. The good news...it's anticlimactic. The bad news is that, if I'd done what I was told [I know how silly that sounds], I'd still be sitting here sorta wishing things could ever work. Because, after I mentioned on EscapeMotion's FanPage thing at facebook.com that I wasn't able to register the software I'd preordered, EscapeMotions responded broadly—though within the thread I'd created—that they knew there were problems and that they'd deal with each customer individually and that, once a customer had EMailed them about the problem, he should never, ever do that again.
So I didn't EMail them again. That day. Or the next day. Or the next after that. Or even the next. But then, yesterday, on the Eighteenth, while I wasn't getting the software to register, I looked at the Help Tab and navigated around to providing feedback. Which I fed back as: It's Day Four of being unable to register Rebelle7Pro despite having preordered it. Another day that no one's even acknowledged that I've reported this problem.
Somewhat surprisingly, despite breaking the rules and effectively EMailing them a second time, that got a response. Which was this:

Hello,

I am sorry to hear you are having these issues. Please try again to verify the license.

If it does not work, please open the Rebelle trial and click the Try button to get into Rebelle first.

Then:

- go to Help > About Rebelle - you will see your email address and a Logout button below it;
- close and run Rebelle again and register using your Community account @Gremlin (gremlin@gremlin.net)

How is it going?

Looking forward to your reply,
Veronika
Escape Motions

So I did all that, and a little more: clicked on Try and found Logout and actually clicked on Logout [that wasn't one of the rules] and, when I restarted Rebelle7Pro and had it ask me if I wanted to Register, Try, or Buy, I clicked Register and it worked this time. So that's the good news, after all.
But then we're back to the bad news....
Not really. The whole thing with Rebelle7Pro is handled. With what little time I've had to look at it, it seems okay. I'll get back to you with more on that when I've got more time.
Because, meanwhile, there's other bad news. Really pretty bad.
Getting to my computer to try getting Rebelle7Pro up and running, and supposing I could write an update about it, I glanced at the site here in FTP. And everything I haven't touched pretty much this year is all showing modifications over the last several hours. Like, all after sunrise yesterday. Around here. In Denver.
Go into the directory for gremlin.net, and it's just empty.
Reload the site in Chrome: it's blank.
So that's neat.
Stared at the blank site. Reloaded it a bit to see if it was just that something had slipped. And then there's this:


I didn't do whatever this is.

Since I'm already in the backend through FTP, I just click on the index.php I never wrote and rename it to hacked.index.php to prevent it from being called in anymore.
Reload the site. It's just a defaulty Coming Soon thing spit out by some serverside inclusion. So that's a problem halfway solv—
The guy renames it back to index.php.
I rename it to hacked.index.php.
He deletes it and adds the same Indonesian desperation, but as index.html.
Renamed to hacked.index.html.
He renames it back.
If you're wondering whether this is my only option, at this point: it is; but, also, I EMailed the SysOps about it and told them what was going on.
That was around midnight.
Went back and forth, renaming and deleting and fighting this loser from midnight until a few minutes ago when I decided to just write this up because I have a couple other ideas. It's not midnight anymore; it's now 5.57AM here.
Also in the last six hours, I've EMailed the SysOps a couple more times, giving them more information they're not responding to. And I tried getting hold of someone I talked to years ago at twitter.com; but that doesn't work if I don't subscribe to some stupid thing meant to make back forty-four billion dollars. So I tried this, at facebook.com, to exactly this result:


It's looked like this for three and a half hours now.

That accomplished [it's the wrong word; but still....], I started looking for any way to talk to these people in the middle of the night. By searching for ways to talk to these people in the middle of the night. Which led mostly to people complaining online that you can no longer talk to these people in the middle of the night.


When I signed up with them, you could.

So that's troublesome.
While I'm looking at people complaining about DreamHost.com, I'm also seeing people over the last couple years mention that they'd given up and bugged out and moved over to BrandX Hosting.
That being a variable, I looked at a few of them. I'm kinda still looking at a few of them. But the point is that I see an obvious option here: just bug out and move to BrandX. Whichever that ends up being.


There's no Dental.

Which doesn't solve the immediate problem. Though, to a degree, I presolved that recently, when I gave up on WordPress. Which leads to more Good News and Bad News.
The good news is that, if this suddenly gets replaced by something Indonesian, it's just hypertext and I can upload it over the graffiti in about half a second. And that'll just be a reminder that No One Wants to Work Anymore.
Because the bad news is that, in looking for anyone I employ [for the fleeting moment] to be awake overnight, I noticed an extra monthly charge and looked up what the hell it was and why I didn't have the option to unsubscribe from it.
Turned out it was a monthly fee for maintaining outdated releases of WordPress.
That I can't unsubscribe from.
Despite not wanting any version of WordPress anymore.
It's incidental. But it tells you the sorta mood I'm in.
So does this, which came in as I was starting to write this whole thing:

Hello,

Ricardo here, thank you for contacting DreamHost support, and apologize for the delay in response! I am happy to help with your query.

I'm sorry to hear you're having these issues.

Having taken a look into the account, I see that multiple websites are currently under the same user 'gremlin'. While hosting multiple sites under a single user is convenient for you it's also convenient for a hacker as it allows them access to all the sites after compromising just one of them. That's certainly what's happened here, as I see compromise in other websites as well. I have double-checked and the malicious processes are not running anymore, however, due to the compromise in the other websites, this is more than likely how this entity is still able to access your files/sites and make changes. As long as the compromise exists on the other sites as well, chances are very high that you will continue to have these issues on gremlin.net.

What I would recommend is to restore the oldest available backup for each of the websites and then once the restore is completed, to move them to their own users respectively.

Please see the following link which will provide the needed steps to move domains to a new user -
https://help.dreamhost.com/hc/en-us/articles/360020605511

To restore websites using the panel please see -
https://help.dreamhost.com/hc/en-us/articles/215768257

Once this has been completed. A full reinstall of WordPress will need to be done to return the sites to a properly working, updated, and secure state. The following link has instructions on how to proceed with the installation in a way that will help ensure there is no data/content loss.
https://help.dreamhost.com/hc/en-us/articles/214823608

If you're not able to access the WordPress dashboard for any reason you'll then want to start with step 3 and return back to step 2 once the install is completed.

When the reinstall is completed and you've confirmed the site is working correctly you'll then want to immediately remove the directory that contains the old files.

If you feel doing the reinstall yourself is beyond your skill or comfort level any reputable WordPress admin/developer would be able to assist you. We also offer a hacked site repair service ourselves which can take care of the reinstall. Pricing for this service starts at $199.00 US and you can request the service via the following link.
https://www.dreamhost.com/pro-services/management/hacked-site-repair/

Lastly, however, you go about getting the reinstall done I would point out that a lot of WordPress compromises we see are due to out-of-date/vulnerable software. That could be WordPress itself, a theme, or a plugin (active or not). So a very easy way to help ensure the site remains secure after a reinstall is to simply keep things up to date at all times. Current versions of WordPress allow you to set your theme and your plugins to update automatically, and we definitely recommend you utilize that functionality.

If you need anything else or have any further questions please reply back and we'll do our best to help further.

So that, after six hours of ignoring me, was the broad solution: victimblaming.
Followed by this, which came in as I was typing the preceding sentence:


It's informative that they equate the LaughReact to Satisfied.

So, no: I wasn't having issues with adding my own index.html; I haven't deleted everything I've uploaded, but kept the website under the same user; I'm not fully reinstalling WordPress why the hell does no one ever learn that....
No. What I'm doing is Now Hiring.
I might go so far as going through and deleting a lot of things, which might be infected; I might give different sites different users, despite once having been warned that I was running too many fakeusers at once, about fifteen years ago; I might roll back to the Last Stable Backup and see what comes of it, just becuase I'm curious. But, overall, and granting that I'm really kinda busy at the moment, I'm mostly gonna think toward starting up somewhere else and just uploading the sort of basic hypertext [what you're seeing now, really] that I can, in the event that someone gets in and deletes it, just reupload in half a second and solve the problems.
I really hate the whole CMS thing. UserFriendly means IdiotFriendly means GeniusHostile. Miss me with that.
Have a webcomic:

More later....
Gremlin

 

Previous | Main