Oblivion

Security changes, limits on downloads per file and other tidbits

  • Comment
The past few days have been a bit of a fixer session for me on the site. Here's a quick run-down of the fixes that didn't make the news until now because they were a little small:

  • Ordering files by rating will now recognise files with a rating of 10, and order them by their total ratings too, so files with the same rating will be ordered by the number of ratings they have
  • Morrowind mods are now properly recognised on the Updates Recently log
  • A fix was applied to stop duplicate entries for the same file appearing on the Updates Today page
  • A fix was applied to the "Give editing access to other members" feature on the "Edit File" page that allows you to give editing access to a single other member on the site
  • There is now a new section under your uploaded files for files that you have editing access to, as governed by the "Give editing access to other members" feature on specific files


If you find a bug on this site or you believe a feature is not working as intended please use the feedback forum to make it known. I cannot fix a problem if I do not know about it!

Buddah brought my attention to another problem on the site that requires a mention. There are a few files on this site that have come victim to the nasty site bots from Russia and China. These are nasty bitches that deliberate autonomously spam the site in order to leech its bandwidth in an attempt to bring the site down. You can recognise such files by checking the total downloads counter against the total views counter; if the downloads are greatly higher than the views then a bot has been trying to get its way with the site via this file.

This is not the uploaders fault and steps are being taken to identify the files that have unrealistic download counters and to try and provide a more accurate reading.

In response to this issue I have tightened security on the site and added a few flood control features to the downloading code. A limit of 50 downloads has been placed on files so that members and guests can only download a single file a maximum of 50 times before they are blocked from downloading. Similarly members logged as hitting this limit are automatically moved to a seperate member group, "Suspects", so I can further monitor their activity.

Around 10:30pm GMT security checks on the login cookies were placed on all pages of the site, consolidating the site security. Some members might have been a bit scared when redirected to a "You've been banned" page. I apologise for this, the blurb was misleading and has since been changed.

These changes should help further the accuracy of stats, the prevention of bandwidth leeches and aggressive bots, and the security of the site.

12 comments

  1. Axil
    Axil
    • premium
    • 32 kudos
    Whatever the security updates were they've caused me hassle - I'm just tried downloadin the mod Progress but there's something wrong with the file and it continued loading past the 24Kb. Now Nexus is banning my IP address from downloading the mod. Can this please get fixed - It says to contact an admin but since the contact page is down there's no way to <img class=">

    Axil
  2. SnowyOwlet
    SnowyOwlet
    • member
    • 36 kudos
    From what I read, the 50 limit is per single file, for the life of it existence here? I agree that no one would need to download any one file more than a few times, certainly not 50, unless the file was named the same every update. I have had a few times of disconnects and slow service where I restarted my download though. I expect that it would be possible to tell if there were a valid reason for repeated attempts. It is such a shame that some people get their fun by ruining things for others. Your efforts to make and keep this site a premier location for great mods and community are appreciated, DarkOne. Thank you.
  3. hellbishop
    hellbishop
    • member
    • 69 kudos
    Thanks for the improved security measaures DarkOne. This is a GOOD THING <img class=">

    Dont know why people just dont burn their mods onto a cd once downloaded instead of redownloading them over and over when reinstalling OBLIVION etc.
  4. Galahaut
    Galahaut
    • supporter
    • 85 kudos
    Edit: Oops, misread that.
  5. KevinDAmery
    KevinDAmery
    • premium
    • 15 kudos
    Just had a thought regarding stopping the bots: maybe instead of (or in addition to) limiting the total number of downloads for one file, you could limit the number of times an account can download the same file per day. My thinking is that some modders update their mods regularly, and if they don't change the file name then legitimate users may eventually hit the 50 DL limit--but there's no way anyone would attempt to DL the same file more than a couple of times in one day (assume that maybe their browser barfs so the first DL attempt fails, so they try again... but they aren't going to do that too many times.)
  6. worm82075
    worm82075
    • premium
    • 67 kudos
    I have noticed a lot of other little tweaks and changes to the site in the last week or so. For example the upload progress meter made it all the way up to 180-190 mb of a 250 mb file before it gave out, thats a big improvement. Your are ever vigilant and oh so diligent and I thank you for all your hard work. I can think of only one way to show my gratitude and express my hope that TES NEXUS is still the best ES site on the web when TES X arrives in oh say 2020. That would be to purchase a lifetime membership. In 2-3 days when PayPal clears I will properly show my gratitude by spending a mere 39.99UK/77.58US. The price of a two year membership? That's insane. If you asked me for another 80 bucks in two YEARS I would probably give it to you. And incidentally if this site were ever to get in trouble I for one would definitely give to an emergency member funds drive.

    Praise be to the Dark0ne
    Long live TES Nexus
  7. Sage Rime
    Sage Rime
    • premium
    • 91 kudos
    Nice to see this was manageable.

    I really started to doubt some files after I saw the +80,000 downloads and 14,000 views.

    I guess I was right to report them this time, instead of just being paranoid. <img class=">

    Sage Rime
  8. Ra)
    Ra)
    • member
    • 47 kudos
    Long live TesNexus! Hooray! Best Elder Scrolls site ever! <img class=">
    Thanks a lot, DarkOne.

    -Dume
  9. yearg
    yearg
    • supporter
    • 2 kudos
    one thing, who the heck would download a file more than 50 times except for those bots?
  10. buddah
    buddah
    • supporter
    • 1,230 kudos
    Please don't check my download stats, I will be banned immediately ! ! ! ! !

    Seriously, the report functions are an early warning system: If something doesn't seem to be operating/recording properly let us know....these attacks that leach bandwidth increase the costs of keeping the site operational.

    When and if you use the report function, please include some comment indicating the problem or area of concern you are reporting as it gives us a place to start.

    All reports are taken seriously and are dealt with as quickly as possible, most are dealt with by the moderators within our abilities, but the site problems are dealt with by Dark0ne. Your efforts as an active member of the community are greatly appreciated. Collectively you see everything good and bad on the site, so your input is quite important to keep this mad house running as effectively as possible, keep those reports coming in so as a community we can make Nexus a pleasant experience for everyone.

    Thanks for your help.

    Buddah