Last month was exceptionally busy, but the blueberries are harvested. The garden still needs to be finished up and the produce needs to be preserved for winter. I’m actually not going to be able to attend to much of that on my own.

Yup… I have had to literally hire people to deal with my garden tasks – including preservation. Fortunately, this isn’t a problem. However, I’m 99% positive that I’m paying way above market rate for my fucking veggies! Like, way more than I should be.

Meh… They’re pretty tasty!

Anyhow, I wanted to reply and say two things.

We take our responsibilities, with regards to the security of this site and any data you give us, pretty seriously.

We are constantly under attack. The number of attacks increases – seemingly daily.

In the past 30 days, there have been over 350 attempts to hack the site.

Yup… 350+ attack attempts.

Also, while I’m here…

Thank you for your contribution. Articles about a specific guitarist are *probably* better suited for my guitar site – which you’re welcome to join.

Your contributions must be approved – which is a simple process. It just requires that COF or myself give them a quick read and ensure they’re fit for publication.

This is VERY LIKELY to only happen around the 1st of the month. That’s our “publication schedule” and that’s when I slot in new articles and give the site a block of time.

You’ll hear me mention “blocks of time.” I say that frequently. While I often have some spare minutes, I don’t have many blocks of time. Blocks of time are periods where I can devote myself to a single task – without interruption.

I don’t have many of them.

So, articles that you write will be pushed out sometime around the 1st of the month. We absolutely appreciate and encourage user-generated content. Ideally, the site will reach the point where it’s self-sustaining, with users generating content. I’m pretty sure we’d like nothing more than that, though I don’t think I’ve actually had that conversation with @COF!

Still, I’m pretty sure that’d be awesome. If you feel like writing more, we’re absolutely on-board with that. We will (almost certainly) approve anything you’re likely to submit.

We’re not just telling the stories and keeping the history alive, we’re enabling other people to participate and share their stories. It’s my opinion that even such things as your concert experiences, experiences with bands, and other assorted stuff, is all quite welcome.

If you have any questions, don’t hesitate to use the forum and we’ll get to it.

Again, I’ve been right out straight and it’s been a pretty damned busy month. So, if @cof doesn’t get there first, someone will eventually get around to it. We’re old! We move slow!

(Actually, it’s that we sort of have a publication schedule. We’re consummate professionals, around here!)

So, breaking in won’t actually do them any good – at least not for long. If they do, it’s just a couple of buttons to fix it and then I can start the debug process to see how they got in. But, so far, no intrusion attempts have been successful.

No attacks were successful. They appear to have given up for the day.

The numbers don’t match what I’m seeing in other logs. They never do match, exactly. But, these numbers have a pretty wide margin.

Granted, it only counts people who open the page, but we deep-link it, direct to the page, everywhere. So… I’m not terribly worried, but it’s a curiosity issue. I’m guessing I changed a setting and forgot which one or my lazy-loading effort has broken it.

I’ll get around to looking deeper at it. It’s nothing huge, just a bug that doesn’t really impact functionality.

Oh, wait… Not just spam – they’ve also tried to brute force passwords, but that’s as complicated an attack as they’ve done to date.

I was gonna play the cat and mouse game, but I just said to hell with it and blocked this:

5.188.210.0/24

That means 5.188.210.1 to 5.188.210.255 are banned. They can browse, but they can’t comment. Nope, they just want to spam (you regular folks don’t see it) their pay day loans and, curiously, a massage parlor – though that was an oddity and there was just one of ’em.

This is who they are:

https://rdpguard.com/free-whois.aspx?ip=5.188.210.0

More info:

https://bgp.he.net/net/5.188.210.0/24

And here:

https://bgp.he.net/net/5.188.210.0/24#_whois

I could be talked out of this move, but damned aren’t they annoying. I like to keep things cleaned up and they’re dropping in blog-spam and have made a few attempts (like 8 this month) to brute force their way in.

My goal is to be open about such things, where possible and when doing so doesn’t compromise security. I’d send the IP addresses a complaint, but I’m pretty confident that it won’t help – not even a little.

We don’t really need any help right now – though if your son wants something to do then they’re welcome to “pen-test” the site or contact me at admin (at) musicfor.us.

Financially, the only reason there are ads is so that I can (eventually) get the site to the point where it’s self-sustaining and will remain paying for itself. Right now, while the offer to donate is appreciated, there’s no real huge financial burden.

The site doesn’t look like it’s going to be very expensive and, right now, is hosted for the next year. Maybe when domain name renewal comes up, or something like that? I’ll let folks know and those that want can find a way to contribute.

For now, we use Google’s Ads. I can’t ask folks to click on ’em, ’cause that’s against the rules. I can ask people to unblock them, if they have them blocked. Whitelisting them will help a little. To date, we’ve not made a whole lot – but it’s not about making money, it’s about breaking even.

I don’t believe any of us are terribly hurt for finances, so it’s not too bad – even if it expands beyond what we’re currently hosted on. If it is, there’s an upgrade path with the hosting company and I’ll just have ’em move it to a more expensive package. ‘Snot a terrible process and they can probably do it with zero downtime.

But, that’s a long ways off.

We use less than 400 MB (so far) of disk space and we used less than 1 GB of bandwidth last month. We can go up to 25 GB in disk and 250 GB of bandwidth per month. So, it’s going to be a while before it’s a problem.

I’m partially colorblind and have no patience for CSS or learning GIMP very well. You do not want to see my design efforts. No, no that’s not something you want to see. I’m pretty sure a third grader would do better than I do. Probably not even a very talented third grader.

I am pretty familiar with SMF and gave it some serious consideration. They call it ‘bridging’ and I pondered it – probably for a total of 20 or 30 minutes. Then, I came to my senses and realized how ugly it’d end up being. It’d be even worse than this!

This site *is* pretty much my best effort! 😉

It’s too late to change now! I’m never gonna master SQL enough to move the comments and topics. Though there aren’t many, I’m kinda partial to ’em. (Also, I’m pretty verbose, if you’ve not noticed.)