I'm swamped with multiple family crisis going on at the moment. I just haven't had time for anything the past week and likely won't this week either unfortunately. I'll probably need another week after that to recover from all the stress.
I think JLC shipped the boards, but ive ended up with like 10 stalled projects now due to lack of time.
What time I had this week I've been fighting with more server attacks. Some right strange sh*t going on and various attempts at SQL injection. Trying to write files to temp folders in the system, to many things to list. The attacks have been ongoing for the past month it seems. I spent a lot of time debugging it all and nothing was compromised from what I can see.
I've done a massive firewall update to deal with all these new attacks. Yesterday the scripts had clocked 1,409 IP addresses all attacking the server in multiple ways. These were from IPs all over the world. But could well be proxy servers from a lower number of actual hackers. I almost missed a lot of them as they were delaying requests by 15 seconds each time which made actually finding all the common attacks a bit problematic. Each log file is 100MB so that's a LOT of requests to look though.
It really is crazy what servers get attacked with. Just when you think you have seen it all, several more things appear.

There's some right weird stuff going on. Like SQL injection attempts pretending to come from Google search which are attacking all index.php files. It's either a really badly confused attack bot or something really ingenious which makes no sense to me.
I also found a odd nginx "bug" . I have caches enabled and expires after 10 days. So the browser should the download the files again. But that wasn't always happening. I don't think the forum was effected. Only some pages which use server aliases. Like if you use an alias and a cache, it screws up and throws 404 errors even though the files are there. Remove the cache and it works fine, also works fine without a alias . It should be fixed now anyway.
I will try and keep an eye on the logs over the next few days. I don't think I've missed any attack attempts. But with literally millions of requests each week, it's not simple to find them all.