cathal connolly wrote:
Paul, by my count at least half a dozen of our staff have been trying to help you, consuming something close to 30hrs in (free) support time. I myself have spent a number of hours examining your IIS logs and sending email responses - of my emails my last two (sent Tue 15/07/2014 22:56 &
Wed 16/07/2014 20:29) have yet to receive responses. I am confused as to your expectations of free support, and then when I offer it (as security team lead) you seem to not take advantage of it.
No one enjoys the situation that we are in at the minute, and we are working hard on resolutions towards it. Whilst a number of people have been affected (i.e. sites that offer public or verified registration), most have found the workarounds at http://www.dnnsoftware.com/community-... to be effective and allow them to continue working whilst we finalise a solution to this with the 7.3.2 release.
Cathal,
I did receive one email from you today and have tried implementing your suggestion from
http://www.iis.net/learn/extensions/u...
However, this has done nothing. Our problem is that the bots are continuing to try logging in to over 100,000 profiles that don't exist anymore.
We've stopped their ability to register. We've made all profile pages Admin view only to prevent google from indexing the spam links, we've setup redirects in IIS and also tried your suggestions, but still NONE has helped. We even stopped IIS logging for awhile, no help. We blocked the entire country of China, no help. We still are getting 275+ login attempts every single second.
If my post came across as ungrateful, then I failed to write it correctly. I'm grateful for your help. However, (for the sake of a comparison) my house has a HUGE flood in it, and all of the plumbing was built and developed by DNN. Now all my furniture is soaked in water, and is destroyed, my sheetrock walls are falling down and my appliances are floating away.
None of this flood was created by a mistake I made. It happened due to a security leak that was broken by the builders of my home (DNNSoftware.)
My requests to help me save what little is left of my home, what pays my bills, what feeds my kids, what keeps my lights on is not unreasonable to ask of the people who built my house. My posts simply states that if I can't get my builder to help me build my house, then maybe I need another builder. I've been spending money on DNN products for years. I know I'm not a huge spender, but I just looked at my order history and have 200 purchases on Snowcovered/DNNStore. I believe that I've been faithful. I'm just asking for help to keep my lights on. If that sounds ungrateful, it's not meant to be. It's a cry for help in an emergency. I cannot work, I'm losing clients, all of which is occurring due to no fault of my own and I've spent 12-16 hours a day for a 2-3 weeks now trying every single solution that you, this forum, your support staff and anyone else has offered.
None one single thing has helped with my memory overload. I stopped the registrations, deleted the accounts and password protected the profile pages weeks ago when I first saw this happening. Now, I need to get my memory back. My biggest clients are threatening to leave me due to slow loading sites and my server specs aren't bad. They're probably better than most.