Wasapers.com and the Kwentong Barbero Podcast

What? It’s 2007 already?! Whoa. I guess the crew had one doobie too many last year. Time is fun when you’re having flies, as the great Kermit says. Master Yoda also has some words of wisdom:

So Wasapers.com turned a year old on April 10. The crew split up to have a bi-location celebration. Gato-chrome and D went up to Baguio as GC got a taste of traditional Igorot chiro therapy on his first trip up in the Cordillera mountains. Sarah and yours truly went road-tripping a week early and swung over to Subic Bay and then to Mt. Samat, Bataaan.

Being caught up with activities IRL (i.e. that four-letter obscenity a.k.a. w-o-r-k), the domain and hosting renewal of this website completely slipped my mind! Yes, I am to blame for the downtime. Wasapers.com was offline for a week and a couple of days as I stumbled about the business of renewing the domain and then transferring and restoring our files to a new host. With all that said and done, we are now back to our regular programming. Yay!
(more…)

Despite the total lack of attention given to this crap website by its authors (us lazy-asses), we’ve still been getting quite a lot of hits this past month.

The table below sheds light on what some of our visitors were looking for when they ended up in our twisted little corner of the Internet.

Here’s the official word from our host on what exactly happened:

Dear Valued Client:

Last Friday, September 22, The server MandaOne was defaced by a person or group who call themselves TheHacker. (This) group has not only affected us, but a lot of (other) websites as well and hasn’t stopped until now as seen in www.zone-h.org’s website:

It is normal for (anybody) to ask, “How were they able to break into the server?” and begin to question the server’s security. Upon investigation, we found a file named Ka0tic.pl in one of our client’s directories. This client uses a free Content Management System program as its website builder, and suspected right away that the file was placed there via an exploit. The script defaced all the server’s index files (even the backups) and replaced them with an index file that has “Thehacker // Thehacker” on the page. Also, on that same account there was a delogger script whose code is unreadable, was responsible for some of the server’s services to stop running correctly hence, a reinstall was necessary to fix the issue.

The reinstall was completed after 8 hours and the first batch of sites were made online a few hours after that to insure that there are no more files of the kind mentioned above (that are still) live on the server. You may notice that your website’s page is blank. This was done so that all your other files will not be seen by (internet visitors) without your knowlege while we await for you to upload your index files. The extent of the damage is confined to all home pages and not your emails, databases, movies or pictures that you have on your account.

We have been always doing our part in securing our servers for our clients since day 1 of our existence. We would like to ask for your help also in doing the same by reporting to us malicious files that you may find in your accounts so in the future, we can prevent this from happening again. We also have mapped out new procedures in handling backups and server security to minimize or eliminate damage from these kinds of attacks. If you have suggestions and comments on how this situation was handled, (they are) most welcome.

Thank you and we apologize for the inconvenience that this has done to you and your business.

(xxx)Hosting Team
.

We, our host, and our host’s host were attacked in the past 24-36 hours.

The superficial extent of damage by the security breach was that of a global replace command on all index files on all hosted domains. Meaning, all our index files were replaced with some schmuck’s shit signature.

That wasn’t so bad, but to be on the safe side, our host restored a backup of known clean data files. However, said data files seem to be the standard end-of-the-month backup. Meaning, all website posts, website comments, changes, forum posts, and new forum usernames since September 1 are gone.

Ang buhay nga naman… Give us some time to maybe reconstruct the new blog posts - if we’re not feeling too lazy to. I think there were just a couple of them anyway. As for the forum posts and comments, fresh ones from y’all will do.

Okay, sportsfans. We maxed out our bandwidth limit last night, which resulted in the website being unavailable to you - our beloved readers and new “potcast” listeners.

However, thanks to a few hours of begging on the streets and a couple of cheap macho dances by Gato-chrome & EJ, we were able to cough up some moolah to pay our webhost for the extra website mileage.

So, we are back online in less than 24 hours!
Tuloy ang ligaya!

Thanks for visiting! This event was quite flattering. It meant our website had to “grow” in order to accommodate the increasing number of visitors and listeners.