We habe been hacked again…

,

Our test server has been hacked again and attacks have been launched against thousands of other servers.
It’s understandable that our hoster, Hetzner, doesn’t like this at all.

I have now completely deleted the (modern, supposedly secure) test server.

The live server with an economical, ancient operating system is still running without complaint, but it’s only a matter of time before it will also fall.

Unfortunately, with the ever-increasing level of professional cyberterrorism – more and more often emanating from government agencies – it is no longer possible for non-specialists, even with in-depth knowledge, to navigate the Internet safely and offer content.

Therefore:
I will try to maintain the service here as far as possible – but it will probably not be possible to maintain my own cloud server.

This means the following in detail:

For now, the download tables, which until now have been based on the fantastic foo-table-plugin, will be converted to normal html, called Accordeon-Falter. The functionality for downloads and direct installation will be fully retained. Only the usability and loading speed suffers somewhat.
Why: The plugin has not been maintained for many years, I myself have adapted it twice to new php versions, but now it is over because a plugin that is not officially maintained is an extreme security risk.

Furthermore I will try to move the website to a normal website account at Hetzner to at least eliminate the hacks below the website on operating system level.
This will certainly mean a massive slowdown in loading speeds.

If this site is taken down (certainly not through my fault) please bookmark the direct download link on the GWDG server:
https://ftp.gwdg.de/pub/misc/openstreetmap/openandromaps/mapsV5/
If need be, you will also find a “read.me” with messages next to the maps

 

I have to admit that I’m getting a bit tired of the whole thing

 

Your Christian from OAM

Translated with DeepL.com (free version)

1 reply
  1. Static website
    Static website says:

    Many small open projects move to static site generators (SSG). As the output is only static HTML and no code needs to be interpreted on browser side, this is much better cacheable and scalable in general, not to mention that there can’t be any vulnerabilities in code which isn’t executed.

    Das ganze entweder auf eigenem Server evtl. mit so etwas wie https://www.cloudflare.com/de-de/lp/ppc/waf-x/ oder direkt auf GitHub oder GitLab pages sollte relativ sicher sein.

    Forum und Kommentare sind bei der Lösung natürlich nicht möglich, könnte aber zum Beispiel durch einen Matrix chat oder ähnliches ersetzt werden.

    Ich finde das Projekt super und würde es gerne noch eine Weile nutzen können! Vielen Dank für eure Zeit!

    Reply

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *