I have been trying to reach the Edubuntu website for about three days now. I keep gettign a 404 error "You don't have permission to access this site." Is there something I'm doing wrong?
Asked
Active
Viewed 462 times
0
-
1A variety of sites hosted by Canonical that use Drupal are currently offline for security review. Time until recovery is currently indefinite. – Stephen Michael Kellat Nov 04 '14 at 01:58
1 Answers
5
The site was running Drupal 7. A cached version of one of their pages confirms:
<meta name="Generator" content="Drupal 7 (http://drupal.org)" />
There was recently a vulnerability published for Drupal 7. The disclosure was somewhat bungled and attack code ended up in the wild within ~7 hours of the disclosure. It's thought that millions of sites were exploited before they could be patched.
When an exploit of this ilk arrives, it can very quickly be plugged into existing botnets and the internet is scanned quickly by bad people. Same happened with Heartbleed and Shellshock.
I can't speak for the Edubuntu team, but when your site has a possibility of having been hacked, and you have no method to prove otherwise, or you know you were hacked, you need to audit the site offline to make sure it wasn't exploited, reverse any damage and update it. This can often mean rebuilding a site with a clean codebase.
Oli
- 293,335