# Was Arboristsite Hacked? Is Arboristsite Down?



## StihlRockin' (Oct 3, 2013)

Ok, from a SEO professional,(look it up) I'm typing this along with a legitimate concern...

We know this site was hacked and would like to know what happened and what has been done(without revealing important info) as to what has been done to secure it in the future?

I "StihlRockin' ", personally LOVE this site. I'm starting this thread so that our members can really get a grasp on what happened and learn "where" we can go if this happens again... instead of another forum!

I ask the management to please accept my post so that the search engines can find us to learn what happened why arboristsite.com got hacked or why arboristsite.com was down(google stuff.. LOL!) and offer a place that is a one-stop-shop or conglomerated place where we can gather to get a "fix" on wtf took place! You feelin' me?

Anyway... I was having an "Arboristsite" moment and wanted to ask y'all a question and about had a fit when I couldn't access the %[email protected]*%! forum!

Can someone give us a concrete explanation to as what went wrong or what happened?

Personally I'm very happy I can access the forum again, but for present and future reference, would like to know the situation, etc, etc.

Thank you very much for allowing me here on this fine forum and to learn and edumucate myself in the fine art of wood, trees and everything in between!!!!!!!

They call me...
*
StihlRockin'*

P.S. "Management, iffen you have problems or questions about my post or questions, I mean no harm and feel free to contact me about my intentions... which are only meant to clarify my fit. LOL!"


----------



## Gologit (Oct 3, 2013)

StihlRockin' said:


> Ok, from a SEO professional,(look it up) I'm typing this along with a legitimate concern...
> 
> We know this site was hacked and would like to know what happened and what has been done(without revealing important info) as to what has been done to secure it in the future?
> 
> ...



Have patience. They're working on it.


----------



## Toddppm (Oct 3, 2013)

I think all of those link spammers I keep reporting finally got pissed off enough to gang up and shut us down


----------



## mckeetree (Oct 3, 2013)

My computer seems to have picked up some sort of malware from that linkbucks deal.


----------



## Gologit (Oct 3, 2013)

mckeetree said:


> My computer seems to have picked up some sort of malware from that linkbucks deal.



Some of the other guys have said the same thing. I ran Norton on mine and it came up clean but I'm no computer genius and I wouldn't have known otherwise.


----------



## StihlRockin' (Oct 3, 2013)

From my side all is well. And I'm not necessarily asking this on my own behalf, but for Google to pick it up and for our users to know what's going on. When I couldn't get here, instead being redirected to another page, I had to find out the problem by going to a different forum.

If Arboristsite had a brother site that can be used as a temp back-up in the event this site crashed or got hacked, etc, at least the members could know what's going on and where they can re-group instead of being refugees having to go to a different forum. It's simply a preemptive plan in case of something similar happening again. I once had the fastest growing forum in another industry/venue, so I know a bit about these concerns.

*Stihl*Rockin' :msp_smile:


----------



## Grouchy old man (Oct 3, 2013)

> My computer seems to have picked up some sort of malware from that linkbucks deal.



Don't know about that but I didn't like what I saw. So I blocked linkbucks at my router so they can't bother anything on my network. Arboristsite will only load to the point it gets redirected to linkbucks then nothing. I too would like to know what's going on and how they are getting into the site. I'm an administrator for another unrelated site and can understand the frustration. After all of this I probably would want to make somebody pay for messing up my site.


----------



## Darin (Oct 3, 2013)

I haven't been getting the redirect today. Let us know if you see it again. Huge relief so far. You can't sue somebody when you don't know who is responsible.


----------



## Mastermind (Oct 3, 2013)

Darin said:


> I haven't been getting the redirect today. Let us know if you see it again. Huge relief so far. You can't sue somebody when you don't know who is responsible.



The settings page is blank, and email notifications are random at best......


----------



## Mrs. ArboristSite (Oct 3, 2013)

Mastermind said:


> The settings page is blank, and email notifications are random at best......



Yup...same issues I am reporting on the fan page. https://www.facebook.com/groups/56478707772/


----------



## pdqdl (Oct 3, 2013)

Yep. My settings page is blank, although it was working up until yesterday.

If it helps, I have not had any problems with the previously mentioned redirects; probably because I have a strongly edited host file that prevents many of those from working.


----------



## KenJax Tree (Oct 3, 2013)

There is no place for me to sign in all i see in the right corner is 'register' and 'facebook'


Sent from my AutoTune carb


----------



## Darin (Oct 3, 2013)

KenJax Tree said:


> There is no place for me to sign in all i see in the right corner is 'register' and 'facebook'
> 
> 
> Sent from my AutoTune carb



Thanks for bringing this to my attention. From your PC, hit www.arboristsite.com/search.php and it will bring you to a login page for now.


----------



## roundhead (Oct 3, 2013)

Darin said:


> Thanks for bringing this to my attention. From your PC, hit www.arboristsite.com/search.php and it will bring you to a login page for now.



I was able to login this morning through tapatalk app on my phone


----------



## 802climber (Oct 3, 2013)

I just got the linkbucks thing within the last hour.

I went and blocked their site in my router settings.

So far so good.


----------



## KenJax Tree (Oct 3, 2013)

I just got linkbucks again


Sent from my AutoTune carb


----------



## jefflovstrom (Oct 3, 2013)

This ain't fixed,,,


----------



## KenJax Tree (Oct 3, 2013)

jefflovstrom said:


> This ain't fixed,,,



All the newbs you've bullied have teamed up for revenge.


Sent from my AutoTune carb


----------



## 802climber (Oct 3, 2013)

I wish whoever it is would find something better to do.


----------



## tree MDS (Oct 4, 2013)

jefflovstrom said:


> This ain't fixed,,,


----------



## yoyoman (Oct 4, 2013)

jefflovstrom said:


> This ain't fixed,,,




My current settings to get here.
I'm sure the owners are searching for ways to illuminate the malicious Java redirects. 
There are company's that will bid on the process of cleaning the site as well.
I wish them well in getting this fixed.
In the mean time.......




.








Note: The * is a wildcard used to substitute anything the hackers may use to obscure the linkbucks site. In other words, anything before linkbucksDOTcom will be included in the block.


----------



## yoyoman (Oct 4, 2013)

mckeetree said:


> My computer seems to have picked up some sort of malware from that linkbucks deal.


 If you are going to play (internet) you need protection because if you don't get something here you are going to get it somewhere anyway.


----------



## mckeetree (Oct 4, 2013)

yoyoman said:


> If you are going to play (internet) you need protection because if you don't get something here you are going to get it somewhere anyway.



Using Norton. Still got it. There is a lot of that adware Norton won't touch and even Norton will tell you that.


----------



## zogger (Oct 6, 2013)

mckeetree said:


> Using Norton. Still got it. There is a lot of that adware Norton won't touch and even Norton will tell you that.



Security is in layers. there is no one single solution. Analogy-you don't drive a car however you want in traffic because you might have airbags. 

Anti virus software is by nature after the fact of malware being used someplace, they use virus definitions. There is some predictability, but..

You need active on your part javascript control at a minimum.

this is easy to use and quite effective

http://noscript.net/

Those of us who use it never see the redirects. Right now this second I am still seeing the site is infected as one of the numerous potential redirect domains, called any dot gs, is here on the site, and was automatically blocked by noscript, as I have the entire site blocked from executing scripts. I surf all the time default javascript blocked and have learned (and it doesn't take long) which domains to temporary allow in order to get content that might require it. 


I allow *no domain* to have permanent javascript access. never. Temporary only, only for what I might need right then, then back off. 

I knew this site was vulnerable a long time ago when i first joined and had to make a descion on allow/not allow. Once in awhile I allowed, but mostly I didn't. 

vBulletin makes a nice forum, but I never trusted it as per security. It is too juicy a target (very very large user bases on hundreds of thousands of forums) and relies on active scripting all the time.

I was right.

Use noscript, it helps a lot.

Might take one hour tops surfing around to get used to it, but tell ya, it makes the web a lot more tolerable.


----------



## treeclimber101 (Oct 7, 2013)

Since it happened I have only had 2 problems logging on through tapatalk , tapatalk kinda stinks with its format though I much rather log in the other way


----------



## Darin (Oct 7, 2013)

treeclimber101 said:


> Since it happened I have only had 2 problems logging on through tapatalk , tapatalk kinda stinks with its format though I much rather log in the other way


We are trying. Just bought a new Anti Virus for the server that actually detects malware. Should have it loaded today. Darin


----------



## woodchuck357 (Oct 7, 2013)

hackers are encouraged by some anti virus sellers, It is a form of protection racket.


----------



## treeclimber101 (Oct 7, 2013)

Darin said:


> We are trying. Just bought a new Anti Virus for the server that actually detects malware. Should have it loaded today. Darin



I am fine with tapatalk , I've been checking in from time to time to see if it's squared away . No worries Tanksamillion


----------



## 2treeornot2tree (Oct 7, 2013)

I use spybot and avg. Both are free and seem to work great


----------



## pdqdl (Oct 8, 2013)

I have not yet experienced the linkbuck problem. Here is how to whip it permanently:

Edit your hosts file. "C:\windows\system32\drivers\etc\hosts" in Windows7. your system may store the file elsewhere. Use notepad or wordpad.

Insert these two lines:

127.0.0.1 ad3.l i n k b u c k s.com
127.0.0.1 www.l i n k b u c k s.com
(you will need to delete the extra spaces)

You can ban any website from your computer by adding 127.0.0.1 followed by (name of banned website) to this file. Once that command is entered, your computer will refuse all attempts to go there!


----------



## ATH (Oct 11, 2013)

looks like the new board software has fixed it? haven't been here since the fiasco started...just clicked out every time that stupid thing showed up...but kept checking back every couple of days. Hopefully this gets everything back up and running!


----------



## Grouchy old man (Oct 11, 2013)

Nahh. Board was down again this afternoon because of Linkbucks.


----------



## capetrees (Oct 11, 2013)

all good here except the trim colors are blue instead of green.


----------



## Grouchy old man (Oct 11, 2013)

Look again. It's the generic V Bulletin board. No ads, no reputations, no Aboristsite banner...


----------



## Goose IBEW (Oct 11, 2013)

At least its working. Looks like progress.


----------



## pdqdl (Oct 11, 2013)

"Like" functions don't seem to be working for me. If I attempt to view "likes" I get nothing; my listed count still shows up, however.


----------



## Sunrise Guy (Oct 12, 2013)

So far, so good, on my end. It's good to be back, but it still feels weird, like checking out your home after it's been burglarized.


----------



## lone wolf (Oct 12, 2013)

Search is out ,likes are out :msp_mad:


----------



## lone wolf (Oct 12, 2013)

Pics work


----------



## pdqdl (Oct 12, 2013)

Has anyone noticed the warning at the top of their AS "Likes" page when they open up for the first time? It reads like this: Warning: Declaration of vB_ProfileBlock_vBSEOLikes::block_is_enabled() should be compatible with that of vB_ProfileBlock::block_is_enabled() in ..../vbseo/includes/functions_vbseo_ui_profile.php on line 52
ArboristSite.com - Powered by vBulletin 

Doing a search on that topic, I found this solution/work-around: vBSEO 3.6.1 and vBullerin 4.2.2 - Likes warning - vBulletin SEO Forums


The whole thread seems to be related to the problems with the "like" function at other websites, so you may wish to check it out. Hope this helps.


----------



## lone wolf (Oct 12, 2013)

pdqdl said:


> Has anyone noticed the warning at the top of their AS "Likes" page when they open up for the first time? It reads like this: Warning: Declaration of vB_ProfileBlock_vBSEOLikes::block_is_enabled() should be compatible with that of vB_ProfileBlock::block_is_enabled() in ..../vbseo/includes/functions_vbseo_ui_profile.php on line 52
> ArboristSite.com - Powered by vBulletin
> 
> Doing a search on that topic, I found this solution/work-around: vBSEO 3.6.1 and vBullerin 4.2.2 - Likes warning - vBulletin SEO Forums
> ...



For the site or us?


----------



## tree MDS (Oct 13, 2013)

Another banner day for linkbucks.


----------



## pdqdl (Oct 13, 2013)

lone wolf said:


> For the site or us?



I think only for folks with access to the code: administrators/IT dept.


----------



## pdqdl (Oct 13, 2013)

tree MDS said:


> Another banner day for linkbucks.



So far, I have never seen linkbucks yet. Seriously! Follow these directions: http://www.arboristsite.com/commercial-tree-care-climbing/245553.htm#post4540094

You will never see linkbucks again. You won't even be able to see them if you try to go there.


----------



## Grouchy old man (Oct 13, 2013)

Macs don't have a hosts file and neither do mobile devices. Even if you get around the redirect yourself you are going to be very lonely because there's nobody here. This is a problem that has to be handled by the board where it should be. Hopefully it's now taken care of.


----------



## pdqdl (Oct 14, 2013)

Yep. I knew you Apple 'n MOS* guys were out in the cold on the host file. Nonetheless, it doesn't hurt to post a good tip that works for some.




*Mobil Operating System. Android, Blackberry, etc.


----------



## zogger (Oct 14, 2013)

Grouchy old man said:


> Macs don't have a hosts file and neither do mobile devices. Even if you get around the redirect yourself you are going to be very lonely because there's nobody here. This is a problem that has to be handled by the board where it should be. Hopefully it's now taken care of.




It's *both*. Web site owners have an obligation to stay up top speed on security, AS DO joe blow at home people on whatever machine they got.

This is a *technology* forum, slash, chainsaws and assorted wood wrangling gear, but that doesn't alter the fact if you want to hang out on a tech forum, you shouldn't just wave your hands in the air and say you don't get it or can't do it, etc. You, anyone you, generally and broadly speaking, can do the research and learn to use the internet and your own machine better.

There was no excuse other than ignorance. and not taking the time to go look, in getting pwned when the first hack happened, because whomever got redirected, had their javascript set for full acceptance, accept everything. This is a serious no-no.

You learn not to do this within the first five minutes of reading about internet security, any operating system or browser. (except I myself plead ignorance on various mobile systems, talking about desktop/laptop systems now, I just have little experience with mobiles and still learning)

The first thing you learn, is keep your system up to date, second is control active scripting.

There's more after that, but those are the two biggees at the top.


----------



## Darin (Oct 14, 2013)

Hey all we will be reformatting server tonight around 7:30 Est. 
Site will be down for a while to do this.


----------



## LegDeLimber (Oct 14, 2013)

Look forward to seeing y'all on the other side.


and there's nothing in my data here
that can't be easily replaced/reloaded.

So nuke away!


----------



## pdqdl (Nov 6, 2013)

I guess the management has been very busy for quite some time. I've had all my business computers get roasted, so I can sympathize. The whole world goes into slow motion while you bang your head on the wall, endlessly trying to restore what was lost.

Perhaps you can start a thread that offers tips on how to use the new site or perhaps takes suggestions/questions about features that may be missing?


----------



## MasterBlaster (Nov 8, 2013)

All seems back to normal....


----------



## StihlRockin' (Nov 11, 2013)

MasterBlaster said:


> All seems back to normal....



x2!

Haven't had any problems. Thus far smoooooth sailin'!

*Stihl*Rockin'


----------

