nobsMailing List
Sign up for our free monthly e-newsletter.
nobsNetwork
Nobs Network Forum Nobs Invest - Nobs Investment Community Nobs Forex Blog Forex for Beginner
nobsPopular Entries
Jul 29th 2006
KaOnline Access Issues (Continued)
Tags: No Tags.This is just a quick post to make everyone aware that the KaOnline web site is currently down. It appears to be a database connection error causing the problems, which makes sense as we just re-structured our database over the weekend.
I have personally contacted our sever techs, development team, and our Prolexic Rep to make them aware of the problem.
As soon as I have an answer I will post an update.
Ben Navarro
Managing Director
KaOnline.biz
Popularity: 6% [?]
…and the answer is?………
Server still not accessible as of 8:10pm EST on 8/1/06. Issues with DDoS and now this. I would think you would have posted a follow-up by now. I was in the process of doing my own DD on KAOnline. As you do not have a “bricks and mortar” facility and greatly encourage on-line based communications to you, aren’t technical problems of this magnitude going to be very difficult to overcome? As part of my DD how should I feel about these events?
I have not posted an update because I too am waiting for a clear update from both Prolexic and our Server Techs.
The site was brought down by a DDoS attack that was directed at our server. Prolexic is unable to protect us from this type of attack as the ‘bad traffic’ is not routed through it’s servers. It would seem that we would just need to change servers, or that is what I assumed, but that meant re-coding many parts of the web site as many call back URLs were linked to the old server’s IP.
In short the site is still being fine tuned. We have stayed in touch with clients via forums, newsletters, email, and this blog, however I do not like to post information untill I can confirm it myslef, and each time I was updated on the site issues the story changed a bit.
The fact is that many people can already access the site, and as the re-coding is going on some people run into errors, and they are delt with on a case by case basis.
As far as your personal DD, well I chalk it up to growing pains. It is something that is out of our hands, but we are doing whatever we can to get back on track.
Ben Navarro
Managing Director
KaOnline.biz
Greatly appreciate the quick response….
I am sure that your expertise is more in line with the “making money” side of the house, so I can certainly understand your stance as to the actual technical issues. As far as my personal DD, my concern here would be how costly it is to secure sites like these and at what point does it become overwhelming. In your case in particular, to my knowledge there is no other way to do business with you other than your web site. You can’t grow the business if folks can’t get to you, yet your costs are still there and then some (based on the costs to resolve the technical issues at hand and secure against future ones)….
I’ll keep monitoring things and maybe we can both get to a “happy place” and do something more productive with our time. Good luck with getting back to business….
With respect to the cost; no matter the type or target of the attack we pay the same monthly fee to Prolexic and our server datacenter.
You are correct when you say that our business can’t grow if people cannot reach us, however over the past 3 months we have only seen two periods of downtime. I will admit that both were in the 24 to 48 hour range, however the problems caused were fixed and we continued as business as usual. Once the site is again stabilized we will be protected not only from domain targeted attacks, but also against attacks directed to our server.
We are still a very young company, we just made it through our first quater, really we are in our infancy, and like any newborn change comes with the territory.
In a sense this attack is actually helping us evolve, and more than likely if it didn’t come now, it would have come later.
Ben Navarro
Managing Director
KaOnline.biz
Hey Ben,
Thx for the updates. It’s been about 4 days now, so sure hope things are sorted soon.
Naturally people are nervous with all the recent scammy stuff.
Good luck & hoping for a long & profitable relationship.
Regards, Rob.
We are working as fast as we can to get the site stable. I have been able to access the site since mid afternoon on the 31st, however some people are still have issues.
These problems will be solved and I expect this to happen within 48 hours, perhaps sooner.
Ben Navarro
Managing Director
KaOnline.biz
Thanks for the update
Couple of other thoughts in regards to your following comment:
“The site was brought down by a DDoS attack that was directed at our server. Prolexic is unable to protect us from this type of attack as the ‘bad traffic’ is not routed through it’s servers. It would seem that we would just need to change servers, or that is what I assumed, but that meant re-coding many parts of the web site as many call back URLs were linked to the old server’s IP.”
1. As servers are accessible by name and IP address it would certainly seem prudent to protect both – in particular if traffic specifically directed to the IP address is not routed through Prolexic.
2. If your coding includes references to the IP address of a specific server rather the defined host name (resolvable via DNS) then you should really be following up with your coders as that is certainly not a best practice. If the code referenced the host name then you could change server IP easily as it would just then be a matter of changing the DNS config (which it looks like Prolexic controls) to point to the new IP.
Looks like on my end that I can resolve http://www.kaonline.biz to the proper IP address but the web server still does not respond. Attempts to browse to the IP address also fail.
Thanks for the responses and updates. I’ll keep looking here for more…
In response;
1. It certainly is prudent to protect both the domain name and the numerical IP address of the server, however our main defense, Prolexic, is useless in the case of direct IP related server attacks. Our datacenter does provide protection against server attacks, however they were simply caught off guard.
2. The coding was changed to include the IP address of the server because due to some older Prolexic issues some people could not access the site via the domain name. This caused errors when certain call back URLs, say those that appear after an eGold deposit, directed clients back to the domain name. This same ‘fix’ which allowed for easy site navigation, is now an error that is causing problems. The issue now is to investigate how it can be coded so no more errors are encountered in the future.
Ben Navarro
Managing Director
KaOnline.biz
Hi Ben,
Site is up, many thanks, but when I go to logon the “access pin” is not arriving at my email, although message says “pin has been sent”
This has happened several times over the past 2 days.
Is this a problem with the site still, or just with my a/c.
Also sent email to access@kaonline.biz to advise of the problem, but email was returned undelivered as per message hereunder.
Please advise.
Regards, Rob Bala108
“Your message could not be delivered for 4.0 hours.
It will be retried until it is 5.0 days old.
For further assistance, please send mail to
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The Postfix program
: connect to kaonline.biz[209.200.152.115]: read timeout”
Rob,
The PIN issue is know to us, it relates to the same problem with our mail server that was causing the bounced emails.
Our server techs have been working on it since early today and I have just started to receive emails that were sent to me early this morning, this tells me they are close the putting this issue to rest.
If you still can’t receive the PIN email by tomorrow morning try giving our call center a buzz and they can set your account to allow access only from your IP.
Ben Navarro
Managing Director
KaOnline.biz
Hey Ben,
Thanks for prompt reply.
Can you give me the correct call centre # to use in case no luck with PIN.
As I’m in Australia I can’t call the U.S. Tollfree # from here.
Best of luck with the tech side & hoping to add more when things are sorted.
Kind regards, Rob.
If you cannot call the US toll free line you can use the UK based number;
44-1234209855
Ben Navarro
Managing Director
KaOnline.biz
Hey Ben, something wrong with the site again?
Jude,
With the site? No.
However the PIN email is a known issue and it is being worked on.
I would say that about 30% of our entire client base cannot receive the PIN emails.
After the DDoS attack we moved mail servers, but the configurations were not changed, thus the problems. Our server techs have been testing and re-configuring the server since early yesterday afternoon.
This task, though it may seem easy, is complicated, and takes time. I understand that we have gone through a bit of a rough time as of late, but we are a very young company, and these things happen. The important thing is that we have a great team behind us that is dedicated to getting us back on track.
Ben Navarro
Managing Director
KaOnline.biz
As of 8/4 I now have access again to the site. First time since 7/29. Login, including PIN via email, worked fine. Having said that I wish I felt better about things. Not meant as a “slam” on any level, but I need to have consistent access to feel comfortable. I hope you can get there….
I don´t think any site can truely guarantee 100% uptime, and even less so in this industry as almost every site is a target for SPAM, DDoS, hackers, etc. What I can guarantee is that we will put our best foot foward in making sure that what happened this past week won´t happen again.
The downtime actually allowed us to enhance a few things on the site, mostly administrative, but still good for the whole of the company. The call center is now functional as well (Mon thru Fri), and the AA Promotion is in full swing. We are also very close to announcing our ´Authorized Accounts Administrator´program. What I mean to say is that even if the site hits a few bumps, we are still working and can always be reached via some form of media.
Ben Navarro
Managing Director
KaOnline.biz