Forum Activity for @strumelia

Send Me a Private Note Button

Design and Skin Customization

Nate, I'm just guessing, but would that code go in your active skin's profile_sidebar template?

And, where does your suggested code put the 'button'?

And I'm also guessing one would place the actual icon button image in a folder in the Core module - the existing folder being named 'images' or 'icon' ?

Looks like my jr domain Mailgun acct was hacked

Using Jamroom

I think I will go ahead and do that Michael- thanks for the suggestion! :D
Oh, a question on that first- will I need to plug that new SFTP password into any other place- like in my JR modules or in my Mailgun account? (Just need to know if I have to fill the new pw in elsewhere or not, before I go ahead and change it)

Looks like my jr domain Mailgun acct was hacked

Using Jamroom

Thanks Michael. As hacking things go, it could have been something much worse I'm sure. I'm choosing to see it as a good learning experience, since no irreparable damage seems to have been done.

BTW just to be extra safe, I also changed my PW here in my jamroom account and also on my jr sites as Master Admin.
updated by @strumelia: 06/25/18 07:45:38AM

Looks like my jr domain Mailgun acct was hacked

Using Jamroom

I received this from the Mailgun Support:
"Last night after you mentioned completing the recommended steps, we re-enabled the domains and account for you so that you could resume sending. As such, the site notifications should indeed be working as we're no longer blocking any traffic on the account."
...So Mailgun had indeed disabled my domains and account from sending any emails out (not surprising, but they mentioned nothing about that, nor mentioned when they turned it back on). I guess they simply waited until I told them I had implemented the security suggestions to 'turn me back on'.
Good stuff to be aware of.

Looks like my jr domain Mailgun acct was hacked

Using Jamroom

So- in retrospect, several RED FLAGS to look out for as a hacker is working their way into your mailgun account:

1- getting emails from a Mailgun support person saying your domain needs to be validated... even though your domains are already validated. I ignored these emails thinking they were from a spammer.. but they were perhaps indicative of the hacker being in the process of infiltrating my account.
2- getting a support email from Mailgun responding to a support ticket request that you supposedly made, asking for a new Dedicated IP on your account. Big red flag!! This support ticket was actually created in my mailgun account by the hacker, and you must immediately contact Mailgun support and report this as a hacker.
3- getting a friendly note from mailgun suggesting you might want to 'upgrade' your account to higher capacity... this was sent to me about a day after the 2 million spam emails had been sent out by the hacker. =8-o

And it's always wise to glance at your mailgun LOG each day for each domain, so that you can see within 24 hours whether a giant mountain of spam has been sent out. Note that these spam emails did not show up on my Jamroom email log... only in my Mailgun account Logs, on the MG site.

My notifications seem to be turned on again and working normally, so I'm going to mark this thread as a "User Tip". Hopefully it will be of some use to somebody else at some point.
updated by @strumelia: 06/24/18 11:31:54AM

Looks like my jr domain Mailgun acct was hacked

Using Jamroom

Thanks Patria,
BTW the mailgun support guy said that THE most important security measure we can take is to activate the "2FA" (2 factor authentication) for our Mailgun account. This I did on my Android phone by downloading an authenticator app.

-It looks like my normal site notifications are now pouring in from last night and this morning- the faucet has been turned back on by ...someone... Yay! :D
updated by @strumelia: 06/24/18 10:22:49AM

Looks like my jr domain Mailgun acct was hacked

Using Jamroom

OK, suddenly 10 minutes after this last post something kicked in and I see a few notifications going through.

Somebody did 'something' to fix it, either from the JR end or from the Mailgun guys whom I also wrote to again 20 minutes ago. Maybe my domain had been deactivated/blocked by MG?
So hold on.... it seems to be working again all of a sudden. Miracle!... keeping fingers crossed and will report back here again in an hour or so.

BTW the MG fellow said he applied a credit to my account for the cost of the spam messages. (whew, or else I'd be maybe posting to here from jail in the future)
updated by @strumelia: 06/24/18 09:43:47AM

Looks like my jr domain Mailgun acct was hacked

Using Jamroom

Hmm, my site notifications are still not working.
Is there a way to refresh my JR email log? it shows no mails sent since yesterday late afternoon. Or else it's just that nothing has been sent out since then, despite all kinds of site activity that should have triggered notifications and emails.

I should note that private messages are still functioning within the site, though not the notifications for them.
BTW...My other JR site domain on the same server, pennywhistleclub.com has all its notifications still working fine (that domain was not the one attacked by the hacker) -I just tested it.

Looks like my jr domain Mailgun acct was hacked

Using Jamroom

Um, well I told the Mailgun fellow I was not going to be paying for those 2 million emails... =8-0 Gosh I hope they don't bill me!

OK, so I simply reset new PWs for those MG smtp credential settings.
Is there a way to refresh my JR email delivery log? I'm not seeing anything newer than like 7 hours ago on it. This despite my having done several actions on my site that should have triggered notifications. I also restarted my JR server and Apache, just in case.

And now I have to go to bed. :-\
updated by @strumelia: 06/23/18 08:50:29PM

Looks like my jr domain Mailgun acct was hacked

Using Jamroom

P.S. resetting the passwords for those mailgun "Manage SMTP credentials" domain areas (as in the screenshot) was the only thing I attempted to do but wasn't sure about what my pws HAD been (wouldn't let me see the prior pws) and how to coordinate them on the Jamroom side. Things seemed to be working ok until I messed with them. My JR System Check is all green. At this point my site mail/notifications are no longer being sent or received I believe. Everything seemed to be working until I tried to fuss with the smtp credentials in Mailgun.
updated by @strumelia: 06/23/18 07:46:50PM