

Did someone hack Posterous's home page? (update: back to normal) - giladvdn
https://posterous.com
For some reason it displays some blog by DJ Paul Phusion instead of the regular landing page...<p>Update: seems to back to normal.
======
wofser
Reminds me about a big site in (www.bilddagboken.se)

Its a site where people can register and post pictureblogs. If I register as
ryan the adress to my page would be ryan.bilddagboken.se.

After YEARS of running the place (around 800.000 users) someone registered the
username "www". This resulted in all visitors that typed www.bilddagboken.se
(or used a bookmark) was directly redirected to the user "www" page. His/Hers
page had thousandths of angry comments accusing him/her of hacking
bilddagboken.se

~~~
mseebach
On the old Twitter, if you had Javascript disabled, clicking "sign out" took
you to the Twitter profile of @sign_out (or similar, can't remember).

~~~
code_duck
Every once in a while, signing into Twitter I get redirected to
'twitter.com/sessions' and instead of it handling my log in, it's an actual
Twitter account which is inactive. Pretty odd. I think they finally fixed
it...

------
kristofferR
Ehe, this is the latest tweets from the DJ, Paul Phusion:

paulphusion: @posterous Something went wrong yesterday when I tried to forward
my own url to my posterous account. I'm sorry! What was the reason? 17 hours
ago

paulphusion: @scottgould did I crash posterous? omg! was just trying to
forward my domain to my posterous account. I'm sorry! 17 hours ago

~~~
giladvdn
How did his domain change break the main site?

~~~
chacha102
I believe that is what the site developers are asking themselves at this very
moment.

~~~
ceejayoz
And their managers are asking "how was this not fixed until 18 hours after it
happened?"

------
vincentchu
No hacking here, just a simple misconfiguration in our Rails app. Nothing to
see here, move along. ;)

~~~
elliottcarlson
It would actually be interesting in what kind of misconfiguration lead to this
- was it a simple DNS misconfiguration that wasn't accounted for?

~~~
vincentchu
The explanation is really pretty innocuous. We had an unaccounted-for edge
case that cached paulphusion.de's pages under our root domain, posterous.com.

Like many software bugs, it was an edge case that we didn't foresee, but that
happened extremely rarely. We've been running Varnish for the better part of a
year, millions upon millions of requests and this was the first time something
like this has ever happened.

Of course, none of that wipes the egg off of our face. ;)

~~~
kevinpet
Hash collision?

------
kirchhoff
Nice exposure for DJ Paul though.

------
drtse4
Looks like the main domain is displaying paulphusion.posterous.com. Other
subdomains are working as usual. Misconfiguration?

------
JackWebbHeller
I would guess it's some kind of internal error, seeing as the incriminating
content is powered by Posterous itself...

------
jagtesh
If they don't fix it, DJ Paul Phusion will soon be a household name

------
wccrawford
I would guess that they were doing something experimental and messed up. No
reason to think it's a hack.

------
edandersen
Looks like a fake DJ's homepage with Twitter SSL certificate errors on iPad. I
would not visit it while logged into Twitter.

~~~
jonknee
He certainly appears to be a real DJ.

------
braindead_in
As per the tweets it seems that it was because of some domain cloaking/masking
thing.

------
totoroDomo
YAYAY Its fixed!

