It was bound to happen. That we have gone this long without being infected is pretty incredible.
The root of the issue is that your moderators (me and ALX) have not really stayed on top of things. ALX is in charge of the backend stuff and I'm in charge of everything else. This site is hosted on an AWS server that ALX set up. I really was not all that involved with it. Initially, it was running on a private server somewhere in Cali, I think. ALX has been generous enough to provide free hosting for us. The only thing we pay for is the domain name and that's set up on automatic renewal for something like $15/year. So there's no real expense involved.
That said, we do have a duty to keep things well-oiled.
Currently, the BBS system we are sitting on is long overdue for an update from the publisher. This could be why we are vulnerable. But to do the update, I need FTP access. It has been a long time and I have lost my FTP login. I have a request in to ALX to see if he can get that reset.
In the meantime, I've deleted/blocked all the spam accounts, deleted their posts, and reset the account creation criteria. I've also disabled new member registrations for now. Maybe these guys are just practicing for the Olympics (2020 elections)
Now that I'm aware this is an issue, I'll do my best to stay on top of it until we are back to being somewhat 'anonymous'
The alternatives include:
- Moving the site to FB (many people do not have FB accounts)
- Getting additional admins. I realize this has been offered in the past and I'm certainly willing to tap a few others who would like to be admins. Probably something we should have done long ago.
- Shut the board down - not something I want to do - and start from scratch. Considering Scantlings has gone on a decade (or more???) longer than I ever imagined, perhaps this would be a good solution. If anyone would like to try such a thing, I can give you some direction on how to do it.