While I can sympathize with vB and what they're going through with this ddos thing, I really cannot agree with what they're doing. After weeks of not being able to access, and assuming it's due to the ddos attack, I find out they're running o.k. and their server as in vB.org is up, but only blocking ips from vB.com! Can't those who are blocked ddos vb.org to bring the server down?!?!

This sounds fishy to me, technically, and especially having no attempt at explaining any of this to us blocked customers, even by email, to alert us that we need to constantly update vB support with our IP's if we need to access our accounts.

The excuse so far is that vB staff are busy handling the attack? That's a big mistake, IMHO, as throwing more staff at handling the attack doesn't help. Have the ones with network security background handle it, or hire an expert, let them do their job, and let the rest do other things, like minimal updates and communication with customers. Send a lousy email, have vb.org create a temporary forum to update us (or mirror vb.com's announcement on vb.org), etc. There are so many things the rest can do.

The way it looks so far is like a high way accedent, where all spectators want to watch the wreck and monitoring those who are doing the rescue, while stopping traffic, and no one wants do do anything else useful.

That's just my opinion, and I don't know sh*t about what they're doing and what's going on, but that's not my fault, it's vB's fault for being so silent, uncommunicative, keeping customers uninformed about the situation, so we're left to guess what is really happening, and what's being done.

Nothing can help the situation with your customers better than being open, communicative and transparent. Explain what is going on and what's being done, constant updates, etc.

Update, I was able to access through a proxy, and thanks for the tip, but that's still a lousy way to find out and finally get access...

For those still unable to access, here's a quick update, RC1 is out, and from the chit-chat forums, it seems the attacker has been identified, and it's just a matter of convincing the authorities to take action.

Until then, email your IP or use a proxy if you can't access.

I have used the VB for a while and this really sucks, no access then I get a email my account is up for for the 30 dollar renew.
But can't access the site .. we have stayed with the updates and lived without a portal til they pull this together.
There are to many less expensive products out there that will give us the portal for a homepage and a message board.
They have to pull this together within the week, or we bail. I know of three other boards that started with VB due to us. And this no hacking rule .. come on ...

The "no hacking rule" doesn't apply anymore.

This is a temporary solution to a very serious and determined DDoAS attacker. Believe me we like this even less than you. However for now we have one choice - protect ourselves from the zombie machines under this attacker's control and keep service open and available for the vast majority of our customers - or let this attacker have his way and knock us completely off the net.

That's our choice right now. The latter scenario is obviously worse for our customers since NO ONE would be able access and of the vB sites.

We are currently investigating better long-term solutions but each of them requires a significant amount of money and time to set up.

I emailed support and got a responce 5 minutes later with how to temporarily access the site.

No complaints over here. I just downloaded my copy of RC1 I'm upgrading the forums tommorrow :)

Bungee] Understood,

But why have you still not sent out an email to all registered users explaining the situation? Surely that could be done quickly enough?

I've read some of this how do I get access to vb.com ? ;) I'd love to download RC1 from members to get to testing.

Email your IP to support@vbulletin.com and they will take care of it.

I don't understand that either. I thought the site was down for everyone so writing to support hadn't occurred to me. Thankfully I found this site but what about the customers who don't visit here. They don't even know they're being blocked.