anyone having problems with Strongbox today?
 

^ read title..

does this link load for anyone now :(

http://www.bettercgi.com/strongbox/

I noticed the same thing..... i can't log into members area or there site... i msged ray.. i don't think he's up yet, does anyone know where he's hosted?

Jason

nope i don't, we just recently set it up on our site. I hope he get's it up soon..


Great program but downtime sucks

I agree i tried msging him... no reply

I had a problem with my members area and Mike at Phatservers (world's best tech) fixed the problem. My members are able to get in now.

He said to change this:

$check_proxies = 1;

to
$check_proxies = 0;

in their cgi-bin/sblogin/config.pl file

Bit of a worry? What is support like for Strongbox now?

is that a temp fix while the server is down or can it be left like that?

Perfect.. changed it and it works....

I would assume it's a temp fix. Leaving it might leave a hole for hackers.

BUT I AM NO TECHIE. :)

We Ray to shed some light... wake up RAY!

Im about to add strongbox instead of pennywize

My strongbox sites are all working fine. Maybe I have a different version to you guys.

mine was down too, made the change and it fixed things. Hopefully we will hear from ray soon as to whether it was a safe fix to make.

Mine are all working fine..

I had this problem today... all seems fine now though.
Only problem I ever had though, excellent all in all.

well his server looks like it is back up :)

Looks like it's back... :thumbsup

pacino

Damn...we made the change to the config.pl file and we still get the 500 error when trying to log in :(

I can get into all of our sites with no issue and no changes to the .pl file.

Make sure you uploaded it as ASCII as aposed to binary or it will fuck it up... or is it the other way around. 0.o

My sites were all fine too...

No you got it right, perl files should be ascii, binary is for pics, movies, and other 'compiled' data.

On the Strongbox site it says that the Proxy check function is an added bonus of protection, but that if their (strongbox') servers are ever down it should function fine automatically without it ...

wonder what went wrong??

-P

How simple for webmasters would you guys classify Strongbox as being? I'm doing my first paysite, backed by heavy traffic buys, and am considering adding Strongbox since everyone raves about it. But when you have to wear a helmet just to use Dreamweaver as I do, I worry about its complexity possibly being a problem. :)

Hi

when there is a Brute force attack the server load rais upto 50 - 60
on a Dual Xeon 2.8 with 2GB Ram. The server doesnt respond to ssh httpd etc.

Ray told me to raise the maxclient and lower the timeout but that doesn't fix the perl login.cgi load. that;s only for apache.

does anybody know how to fix this. because its a big pain in the ass.

thnx

Paul

There was indeed a problem with our proxy database server yesterday,
which we fixed. Strongbox includes two different features that should
prevent this from cauing a problem, but some installations had a bug such
that when our server was down some members had difficulty logging in.

Kudos to Mike at Phatservers.net, one of the most skilled hosts I know, for tracking
down the appropriate setting while I was away over the weekend and to Ramster for posting it.

Though the server should be good to go now, anyone with affected sites may
want to grab the updated proxycheck.pl and isp.pl files. The new files can be uploaded
to cgi-bin/sblogin/. If you installation is old enough to be installed in /login/ you don't
have or need these files.
I suggest renaming the two old files before uploading the new ones, so you can
easily switch back if you have difficulty logging in with the new ones.
The new ones will also make the login process faster after themember has already
logged in once, as part of the fix was related to the local caching of country,
proxy, and ISP information.
The updated files can be found at:
http://www.bettercgi.com/tmp/proxycheck.txt
http://www.bettercgi.com/tmp/isp.txt

Rename the files to ".pl" instead of ".txt".

Should any of you have any trouble in the future the phone number on the bettercgi.com
web site, 1-979-530-1300, rings my home phone, office phone, and cell phone,
so you should always be able to reach me at that number. If there's no answer,
which should be very rare, leave a message and I'll get right back to you.

Mainswitch, Strongbox has some code designed to set a limit on the server load
that can be generated by an attack, no matter how many thousands of proxies attack
at once. If you are seeing server load much above 1.0 even during a major attack
there are some settings that I can tweak. Though the default settings work quite
well for most people, variables such as your site's traffic and your server configuration
can influence that some and it sound sliek I should adjust yours a bit.
There's also a tradeoff of the number of logins Strongbox will allow
in a given period of time and the server load it can generate.
On a site with 10,000 members we might allow 10 logins per second,
which means allowing a higher server load than we would allow on
a small site siwht only 200 members, where we might allow 1 login per second.

Hi there!

i had strange problem 2 days ago. Noone can't login to members are. 500 error. But support fixed problem and now all ok. Do YOu have the same problem??? Or what???

Thanks Ray...

Kreal, please se my post directly above yours, posted a mere 6 minutes
before your post.