From: Erie,Pa. USA
As you all know the Depot recently suffered a serious security breach that resulted in our database being trashed by a hacker.
Many steps have been taken, in the last week, to increase the security of the site, but the job still has a long way to go. Long before the attack though, I'd been planning on a major upgrade for this place, including a new server that would increase our speed, resources and security. The hosting package I wanted to get for us was priced out of our budget range though, so I was putting it off until after the new year, when some of the revenue from our new affiliate links would start to come in.
The hacking attack changed that however, making it a real priority to get this place buttoned up, and into a more secure environment. Accordingly, I made a major push for donations to the site, and enough of you have responded to my pleas (and BIG thanks to all of you) that we now have enough in the Depot Support fund to move up to a Virtual Private Server package. I just paid for a year's hosting on that package earlier this evening, and we're now starting to get things copied over to the new machine.
While we expect the move to be almost seamless, with little or no downtime for the site, there will be two areas that will have problems.
The first is with messages posted to the forums during the move. We may lose some of them, depending on how the transfer goes. The problem is that we need to change name servers when we move, and that change takes 24-48 hours to propogate through the Internet. Think of it as a series of road signs that direct your browser to our server. When we change servers we'll also be changing those "road signs" but it will take 24-48 hours before they all get changed, so some of you, when you try to access the site, will be directed to the old server, and some will be directed to the new one. Once the move takes place though, a copy of the database will go with it, and anything posted on the old server after that will not be transferred over. My plan then is that once I enter the order changing the nameservers I'm going to lock the forums on the old server, and open them on the new. This should minimize the possibility of lost messages.
The other problem area is going to be with all the Depot issued e-mail accounts. Our new server also includes our own, dedicated, mail server, and all the current e-mail accounts on the old server will have to be hand copied over to the new one. That's not such a big job, and I can easily handle it, but any mail left in the e-mail boxes on the old server will be lost. I regret this, but there's no way around it. E-mail accounts cannot be moved, only recreated. This also means a problem with passwords on those accounts. I do not have the ability to see what password you use on your e-mail account. That information is encrypted on the server. Because of this, when I recreate your account on the new server I will not have the correct password to put on it, and will use a "default" password instead. That password will be sent to you, via PM on here, after the new account is setup and ready to go. If you have a Depot e-mail account, and do not get a PM from me after the account is moved, then PM me and I will let you know what the new password is. After that, you will be free to change the password on your account to anything you want, through our webmail interface.
The move is starting now, but we will not make the actual switchover until everything is ready, and tested, on the new server, probably around New Years Day. I will announce the actual switchover 24 hours in advance, and it will be posted on the main page of the site.
Until we get on the new server I ask that all holders of Depot issued e-mail accounts try to keep their e-mail box as empty as possible.
Now, what benefits do we get with the new server? Well, increased security, for one, and much faster page loads for another. We will also have some new features we can use, larger filesize limits on attachments, and a complete end to all those "could not connect to the database" errors that have plagued us. We'll have a little more disk space than we currently have, about 1/3 more, and double our old bandwidth. Eventually, as I keep upgrading the package, we'll reach a level where we will have the actual capacity to host the entire game for free downloading, something that has been a goal of ours from the very beginnings of the site. We will also have the ability to do our own database backups and restores, so that in the event of a future hack, the database can be restored within minutes, rather than the 36 hours it took this past week.
It's going to cost us a bit more, about five times what we were paying per year, but I consider the cost well worth the benefit. Hopefully, as our affiliate links get used more, we'll see enough income from them to make the site self-sufficient, and we'll be able to just sit back and enjoy this place, without worrying about the bills.