[Coco] Tandy / Color Computer Forum Access

Fri Mar 25 20:09:02 EDT 2011

On Fri, Mar 25, 2011 at 08:26:21PM +0000, Manny wrote:
> On Fri, 25 Mar 2011 15:06:04 -0500
> Roger Taylor <operator at coco3.com> wrote:
> 
> > At 01:21 PM 3/25/2011, you wrote:
> > >On Fri, 25 Mar 2011 14:10:57 -0400
> > >Brian Blake <random.rodder at gmail.com> wrote:
> > >
> > > > On Fri, Mar 25, 2011 at 2:01 PM, Wayne Campbell <asa.rand at gmail.com> wrote:
> > > >
> > > > > Most of them do recommend periodic changes, but leave it up to the user.
> > > > >
> > > > > Wayne
> > > >
> > > >
> > > > That's what will end up happening. Though if there is ever an 
> > > instance where
> > > > there's a security issue, it'll be required... No major biggie...
> > >
> > >Considering the past problems with coco3.com, I don't see it as an 
> > >evil.  Maybe a longer time in between being forced to change your 
> > >password would be better?
> > >
> > >--
> > >Manny <manney at gmail.com>
> > 
> > 
> > All it takes is one slip to kill a site.  Making everybody change 
> > their passwords periodically really won't make you sleep 
> > better.  There will be bots at work while you sleep.
> > 
> > Having a high ranked site means fighting spammers, bots and hackers, 
> > and periodically changing the base system.  When the site was new and 
> > not easily found, we didn't have any problems except for the common 
> > spam bot signing up or a person setting up those fake accounts.
> > 
> > You will not get around that battle and run a frequented site at the 
> > same time.  There's no easy solution and you, the admin, will take 
> > the heat every time somebody farts out loud in the forums.  You'll be 
> > accused of being asleep at the wheel, a no-show, too busy, 
> > unprofessional, inconsiderate, and a bunch of other stuff before you 
> > finally get to the safest system possible of all that you have tried.
> > 
> > Many forums have come and gone but only one has changed shapes 4 or 5 
> > times since 2000 while porting over almost all of the older content 
> > while picking up some other large forums content since 1985.  When I 
> > get time I'll tweak the look and feel to what people demand tomorrow 
> > (and who knows what that will be).  I also back up the entire hosting 
> > account frequently and automatically which hosts multiple sites of 
> > mine (only 1 gets 99% of the time slice and that's coco3.com), so in 
> > one click and 5 minutes later I have a .zip or .gz file of every 
> > single element in a 26-year historic egg shell.
> 
> I'm not saying that it's your fault, Roger, but I frequent a few highly
> ranked and/or highly visited forums that do not have half of the
> problems your's did.  Backing up, forcing changes of password, having a
> great host that keeps up with all of the updates, etc. are all very
> good bits of advice to keeping the script kiddies at bay.
> 
> Brian, just keep up the good work.  If you need any help, just ask and
> I know that the people of this forum will do their best to help you.  :)

I host several forums and have at least two points in the registration
which requires my intervention before the new member gets full access to
the forums and can post. Like anyone running a forum with more then a
trivial number of users and activity I've had spammers/bots create accounts
so they can spam the forum. I've also had more then a couple of hackers try
to break in. To date I've had mostly complete understanding from the
legit users of the forums and have always responded quickly and decisively.
You spam, you hack or try to you're gone. No questions asked, no
explanations given. There was one time someone complained that I didn't respond
quickly enough for his liking and started a thread complaining about it. I
let the thread go and pick up a little steam before responding. My response
was simply that I don't charge for the use of the forum and ALL resources
used by them are being donated by me and as a result I have a full time job
to support myself and hobbies like hosting the forums and don't have any
staff to monitor the site. I went on to state that if the users of the
forum were willing to pay me enough for me to quit my job and hire people
to run things while I wasn't around I could respond quicker. The thread
ended then and no one has complained since!!! :-)

Sorry about the long winded post. My suggestion is to maintain backups of
the forum so that if it is hacked you don't lose to much data and don't be
afraid to over react by clamping down to hard first and then ask questions
later before loosening things up a bit. Also remember that you're never
going to make everyone happy and there's no point in trying. You're not
charging for the access.

The Other Frank

Frank