# Contacting Forum Admin?



## bitfield (Apr 7, 2014)

I sent an email to the admin address warning them about the malware infection which has been discussed in earlier posts and explaining how to find and remove it. I haven't heard anything back and the link hijacking via url4short.info is still happening for all Google search results on the forum. Here's the link with the details:

http://peter.upfold.org.uk/blog/2013/01/15/cleaning-up-the-ip-board-url4short-mess/

Does anyone have contact with those in a position to find and remove this malware from the server?


----------



## mach 0.0013137 (Jan 10, 2005)

I have left a message for those more senior then myself regarding your post :wink2:


----------



## Stan (Aug 7, 2003)

mach 0.0013137 said:


> I have left a message for those more senior *than *myself regarding your post :wink2:


Fixed it for you.:wink1:


----------



## mach 0.0013137 (Jan 10, 2005)

Stan said:


> mach 0.0013137 said:
> 
> 
> > I have left a message for those more senior *than *myself regarding your post :wink2:
> ...


Thanx Stan, I rarely should have payed moor knowtise in my inglish classes at scool :smartass: :lol:


----------



## jeffvader (Jun 10, 2008)

The url4 thing is still happening.


----------



## Silver Hawk (Dec 2, 2003)

It's a shame this issue is not taken more seriously. Not good for the reputation of this Forum.


----------



## jeffvader (Jun 10, 2008)

Happens when using an iPad through a google search. If time you click on the forum it sends you to the url4 page & then opens the app store to a game.

It's something you just live with if you know the forum, but I can see the forum losing out on getting new people if it keeps happening.

Don't search for the forum on the desktop PC so I'm not sure if it happens on that platform aswell.


----------



## no8yogi (Oct 1, 2012)

jeffvader said:


> Happens when using an iPad through a google search. If time you click on the forum it sends you to the url4 page & then opens the app store to a game.
> 
> It's something you just live with if you know the forum, but I can see the forum losing out on getting new people if it keeps happening.
> 
> Don't search for the forum on the desktop PC so I'm not sure if it happens on that platform aswell.


It did two weeks ago saved as favourite now as it was peeing me off


----------



## mach 0.0013137 (Jan 10, 2005)

A message has been sent to our resident technical boffin.


----------



## mel (Dec 6, 2006)

A PITA on a few sites, not just here, although I don't have a problem using an Andoid tablet, but these damn things should be blown up, along with spam factories :yes:

Mach? I thoughI was the only "Senior Personage" that was older than you on the forum - - or was it not age you were talking about :rofl2:


----------



## mach 0.0013137 (Jan 10, 2005)

mel said:


> Mach? I thoughI was the only "Senior Personage" that was older than you on the forum - - or was it not age you were talking about :rofl2:


I was of course referring to to those fine gentlemen who had been moderators longer then myself & therefore have more experience 

BTW, recent information has shown that there are others on the forum who are more chronologically senior then me ldman:

Though possibly not as advanced as your good self Mel







:lol:


----------



## sehrgut (Apr 22, 2014)

Bumping this one too. It's a very simple fix, it's been known since December 2012, and there's no reason it should still be here. I've stopped bothering to follow google links to this forum (I use WUS and PMWF), and just joined because I was trying to help, and no one will respond to my emails about it.


----------



## ESL (Jan 27, 2004)

Yeah, this is an annoyance.


----------



## jasonm (Nov 22, 2003)

I will give Roy a call today......


----------



## sehrgut (Apr 22, 2014)

jasonm said:


> I will give Roy a call today......


Any progress? The issue persists.


----------



## jasonm (Nov 22, 2003)

I called him yesterday and he said he will look into it...


----------



## sehrgut (Apr 22, 2014)

Jason, he still hasn't looked into it, apparently . . .


----------



## Iceblue (Sep 4, 2013)

I was speaking to a fellow member who does not now how to get around this and when had try's to get on to the watch forum it diverts him straight to another page so he has not been on the forum for a few months , so this needs to be addressed before you start loosing members etc


----------



## mach 0.0013137 (Jan 10, 2005)

As Jason mentioned Roy has been informed of the problem, if your friend has difficulty getting to the forum send him this link- http://www.thewatchf...dex.php?act=idx


----------



## bitfield (Apr 7, 2014)

From my experience clicking on a Google result which leads to this forum causes the malware to redirect you to the spam page. If you go back and click again you will get the forum page as expected. It seems to remember your IP address or set a cookie which lasts 24 hours; try again the next day and you will be redirected once more.

It may be that the malicious code is smart enough not to redirect anyone logged in as admin - this may make it difficult to reproduce. However, following the instructions in the link I posted should make it fairly easy to find the infected PHP code.

It's very likely that every single person who follows a link to this forum is redirected away. I would expect this to seriously affect visitor numbers, and the fact that the forum is infected with malware would probably cause many people to think twice about using it. The problem seems to have been known about for a long time, too, judging by the number of threads discussing it.


----------



## Caller. (Dec 8, 2013)

Yes, it made me very wary and the first time I tried to access the forum and got redirected I jumped out as quick as I could. But as I constantly saw links to here, some seemingly recent (at the time), I thought there must be something behind the redirect. Had another go and made it here.

I still curse if when looking for something, I see a link to here and forgetting, click on it before realising my mistake.

It must put people off.


----------



## jonti (Mar 1, 2014)

"Famous last words" perhaps, but I have not once had a problem.


----------



## brooksy (Nov 26, 2008)

Unfortunately it is still happening


----------



## jeffvader (Jun 10, 2008)

Is happening on RLT Watches too


----------



## jasonm (Nov 22, 2003)

I will call him again...


----------



## bitfield (Apr 7, 2014)

Any update on this?


----------



## PC-Magician (Apr 29, 2013)

Maybe RLT don't want anymore members, its the only reason I can think as to why the problem hasn't been fixed.


----------



## greasemonk (Oct 4, 2012)

hi,i was without broadband for a few days and had to use my phone to get on the forum.the EE signal in my area is poor so had to wait for ages to get on the forum only to get redirected elsewhere.this was mildly annoying but its a free forum which i am gratefull for the use of, but i can see how offputting and confusing this could be to newcomers to the site,cheers..greasemonk..


----------



## JoT (Aug 12, 2003)

PC-Magician said:


> Maybe RLT don't want anymore members, its the only reason I can think as to why the problem hasn't been fixed.


The reason it hasn't been fixed is that there is nobody to fix it at present.

Judging by the member application numbers we get every day it doesn't seem to have affected new membership, but thanks for your concern


----------



## PC-Magician (Apr 29, 2013)

JoT said:


> PC-Magician said:
> 
> 
> > Maybe RLT don't want anymore members, its the only reason I can think as to why the problem hasn't been fixed.
> ...


Your very welcome, Watch collectors are seemingly not easily put off.


----------



## Roy (Feb 23, 2003)

I have been looking into this for ages. I did a few tweaks last week and it seemed to correct it. I cannot replicate it and it is not now happening on my computer, is it still redirecting for anyone else ?


----------



## jasonm (Nov 22, 2003)

Yep... Just googled 'the watch forum' and goths first hit, click it and the redirect is dodgy...


----------



## William_Wilson (May 21, 2007)

Yes, I just did a Google search for keywords. I clicked on the thread that came up in the results and was redirected. I run IE11 in Windows 7.

Later,

William


----------



## sehrgut (Apr 22, 2014)

Roy said:


> I have been looking into this for ages. I did a few tweaks last week and it seemed to correct it. I cannot replicate it and it is not now happening on my computer, is it still redirecting for anyone else ?


As I've posted before on this forum, this is a known piece of malware with a known solution.

http://peter.upfold.org.uk/blog/2013/01/15/cleaning-up-the-ip-board-url4short-mess/


----------



## bitfield (Apr 7, 2014)

JoT said:


> The reason it hasn't been fixed is that there is nobody to fix it at present.


I can fix it. I've already offered by email to help out, but got no response.

Happy to provide references for my bona fides from the clients whose websites I manage on a professional basis, as obviously this would mean giving me access to the forum server. But it would take me about five minutes to do.

Would you pass on my offer to the forum owner please?


----------



## jasonm (Nov 22, 2003)

Hi Bitfield, I've spoken with Roy this morning and he would like you to contact him at [email protected] to discuss .... Many thanks for your offer!


----------



## Roy (Feb 23, 2003)

This has now been fixed. Thank you so much Bitfield


----------



## PhilM (Nov 5, 2004)

Top job Bitfield, thanks for fixing this issue :cheers:


----------



## mach 0.0013137 (Jan 10, 2005)

Thanks for doing a great job Bitfield :thumbup:

Do you think you could spare the time to sort out BT? :huh: :lol:


----------



## Mutley (Apr 17, 2007)

I still get the same problem it I get to the forum via a google search :wallbash:


----------



## mach 0.0013137 (Jan 10, 2005)

Mutley said:


> I still get the same problem it I get to the forum via a google search :wallbash:


That`s because you`re a 200m Monster owner


----------



## William_Wilson (May 21, 2007)

I tried it yesterday and all was fine. Tonight it is back to the way it was before.

Later,

William


----------



## Silver Hawk (Dec 2, 2003)

Yep, it's back!  :wallbash:


----------



## PhilM (Nov 5, 2004)

Balls :taz: :taz:


----------



## Caller. (Dec 8, 2013)

Yup, same for me. It was fixed and now it isn't!


----------



## bitfield (Apr 7, 2014)

The forum software is a bit out of date, so it's probably been re-infected via the same loophole that was originally used to infect it. We could keep scrubbing it, but ultimately it needs to be updated, secured, and a few other measures taken which I've mentioned to Roy.


----------

