8                                                                                            THE SOJOURNER

                                            FROM THE WEBMASTER










           You know … it can be rather frustrating when you’re looking for something and can’t seem to find
         it.  You come to me and tell me you can’t find a form – don’t tell me which form – or where you’re
         looking – and somehow think that IT folks are somehow prescient or mind-readers.  We can do a lot
         of things, sometimes even what some folks think are “miracles” – but there ARE limits.

           This becomes even more significant with our new format.  Some folks haven’t used the website in a
         long time, come here  and voila! It’s a whole new experience they’ve never had  before (hopefully
         more positive than our previous incarnation).

           Let’s get to the point … YOU (user) can NOT “break” the system…I can, but if I’m careful, I won’t.
         So, do NOT be afraid to just “poke around” the site.  If you run into something you THINK might be
         a problem, let me (webmaster) know … NOT the HQ folks – they can’t help you and it only delays
         getting the problem to me.

           Recently, I was seeing (literally) HUNDREDS of Russian based hacker attempts trying to penetrate
         our site EVERY DAY!  Good news: our “server” hosting the WORDPRESS site won’t allow any IP
         addresses KNOWN to originate in Russia (or other adversary sites) through and they actively try to
         block .ru email addresses.  Bad News: WORDPRESS uses what are called “plug-in” modules to give
         us flexibility and capability.  One of those is “Gravity Forms” which provides not just the Registration
         Form information if you are a new member/user to the site as well as the feedback forms.  Those are
         WEB BROWSER-based (hint: the email domain screener doesn’t apply) AND many – if not most or
         all – of our friendly Russian hackers use anonymizers to obscure their real IP address, which allows
         them to get past that server block.

           The upshot of this is that NONE of the attacks were ever able to actually get into the site and create
         havoc  (knock  on  wood),  BUT  I,  as  webmaster  was  the  recipient  of  notification  emails  from
         WORDPRESS telling me that such-and-such email address(es) had “registered” on our site.  Well, no,
         they  TRIED,  but  because  they  did  not  complete  ALL  the  required  information  in  the  registration
         process, their form was pidgeon-holed in a folder I called “BOGUS” where I had to review EACH
         and every entry to MAKE SURE there wasn’t a valid submission in there by mistake.  So, that was
         ANNOYING and TIME-CONSYUMING for me, but not a “security risk” for the site because of the
         way we have things set up.

           I finally discovered, by extensive trial-and-error testing, that the Russian hackers were exploiting a
         vulnerability in the Gravity Forms REGISTRATION module, so I removed it.  This caused me to
         have to post a notice that indicated there was a problem with our Registration FORM and have anyone
         wanting to join the site to EMAIL the webmaster with the necessary information.  SUCCESS!  No
         more Russians – at least for now.  But, we’ll stay vigilant for ANY potential attackers.