Web Development Thread: Wordpress - I got hacked! (in Coding and Web Development)
13th May 2009, 09:33 AM #16
So PcPro awards = nothing. Summary of last nights info. Will wait for someone to correct me.
13th May 2009, 11:29 AM #17
Thanks for the hosting offers, someone has stepped forwards though (and their PM box is full).
I also have a backup domain name, www.pitchblack.me.uk, that hasn't cropped up in any phishing reports to my knowledge. Would that help and be low traffic if all the spammers are clicking on a link to ssib.co.uk?
13th May 2009, 01:26 PM #18
Apparently, their actions are because I am not economically viable. I'll post the transcript later (checked it on my phone) but the Marketing Manager stepped in to the dispute saying "30mins of a technicians time fixing hacked accounts equates to 6 months subscription fee." He then said it'd cost £5 extra per month to swap to a dedicated virtual server and £20 to patch it up to make it secure (I expect only once though!).
Apparently they shove customers with breached accounts to a new server so they can grant shell access (which is denied on shared hosting for security reasons) and leave them to do the security.
13th May 2009, 02:05 PM #19
It's their fault for letting customers host vulnerable versions of software à la Wordpress.
Why did their technicians jump in and fix your files? All you needed to do was delete and upload a good install.
If your db wasn't attacked then your data would be safe.
13th May 2009, 02:11 PM #20
Sorry that I am coming to this late, but I am sorry mate, if a host asked me to pay for a secure server ON TOP of what I pay monthly I would walk away.
He then said it'd cost £5 extra per month to swap to a dedicated virtual server and £20 to patch it up to make it secure (I expect only once though!).
I would expect the server (dedicated or VPS) to be secure from the point I got it. Now there are things such as SLAs and non-managed servers, in that from this point onwards it's down to you, but the least they could do is give you a secure server in the first place.
Not good if you ask me.
13th May 2009, 05:46 PM #21
Guess the consensus is to jump ship then. Now the fun of fighting for a refund!
[Anonymised Tech Transcript logs removed by the OP since it causes so much offence to their techs. :/]
Last edited by CAM; 15th May 2009 at 12:40 PM.
13th May 2009, 11:53 PM #22
I think this is a little unfair. It's not the hosting provider's responsibility to ensure customers keep their scripts up to date. It would be impossible to do this. We have recently purchased some software which scans a server for popular scripts and fetches version details of the script; if a script is out of date it alerts us of this. It is then up to us to notify the customers, however when you have several hundred domains with out of date scripts on, it's very time consuming...
Originally Posted by plexer
However it is the provider's responsibility to keep the servers secure & related software up to date (PHP/MySQL/Apache etc). It's also a good idea for hosting providers to educate their customers on the importance of keeping popular scripts such as Wordpress (and especially Joomla!) up to date to avoid them getting compromised. We usually do this as a little reminder in newsletters and offer assistance to customers on updating their software.
It sounds like the company in question are simply trying to get you to upgrade to a premium package as they've almost given up on shared hosting. VPS's do have their place in hosting, but I'd personally not put anything on a 512MB server. You also need the technical ability (and time) to look after a server/VPS.
The normal way we deal with compromised sites is:
1. Try and find how the site got compromised in the first place via logs.
2. Attempt to try and clean up the site and get it back on-line.
3. If it can be cleaned up and offending code removed, upgrade the customer's script to the latest version and secure appropriately (with correct permissions on files/folders).
4. If it cannot be cleaned up, we will restore the domain's content from our backups, bring the site on-line and update the script/secure it.
5. Notify the customer of the importance of keeping scripts up to date/secure; should it be compromised again and we have to use our own backups there will be a charge of £15 + VAT (our standard rate for backup retrievals).
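Added example, not part of the thread and not any poster's or vendor's tool: a sketch of the kind of scan described in the post above, which walks a shared-hosting tree, reads each WordPress install's `$wp_version` from `wp-includes/version.php`, flags installs below an operator-chosen baseline, and lists world-writable files (the permissions point in step 3). The directory layout, site names and baseline version in `demo()` are constructed for illustration.

```python
import os, re, stat, tempfile

VERSION_RE = re.compile(r"""^\s*\$wp_version\s*=\s*['"]([^'"]+)['"]""", re.M)

def version_key(v):
    """'2.7.1' -> (2, 7, 1); '2.7' -> (2, 7, 0); suffixes like '-beta1' ignored."""
    nums = [int(n) for n in re.findall(r"\d+", v.split("-")[0])]
    return tuple((nums + [0, 0, 0])[:3])

def world_writable(site):
    """Relative paths under site that any local user may modify."""
    hits = []
    for dirpath, _dirs, files in os.walk(site):
        for name in files:
            path = os.path.join(dirpath, name)
            if not os.path.islink(path) and os.stat(path).st_mode & stat.S_IWOTH:
                hits.append(os.path.relpath(path, site))
    return sorted(hits)

def scan(root, minimum):
    """Return {site: {'version', 'outdated', 'world_writable'}} per install."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        if os.path.basename(dirpath) != "wp-includes" or "version.php" not in files:
            continue
        site = os.path.dirname(dirpath)
        with open(os.path.join(dirpath, "version.php"), errors="replace") as fh:
            m = VERSION_RE.search(fh.read())
        ver = m.group(1) if m else None
        report[os.path.relpath(site, root)] = {
            "version": ver,
            # An unparseable version file is treated as needing attention.
            "outdated": ver is None or version_key(ver) < version_key(minimum),
            "world_writable": world_writable(site),
        }
    return report

def demo():
    """Constructed tree: two customer docroots, one stale and loosely permissioned."""
    root = tempfile.mkdtemp()
    for site, ver, mode in (("alice", "2.7.1", 0o644), ("bob", "2.5", 0o666)):
        inc = os.path.join(root, site, "public_html", "wp-includes")
        os.makedirs(inc)
        path = os.path.join(inc, "version.php")
        with open(path, "w") as fh:
            fh.write("<?php\n$wp_version = '%s';\n" % ver)
        os.chmod(path, mode)
    return scan(root, minimum="2.7.1")  # constructed baseline, not an advisory value

if __name__ == "__main__":
    for site, info in sorted(demo().items()):
        print(site, info)
```

A version string read from disk only shows what the files claim; an install that has already been tampered with still needs the log review and clean restore from the steps above.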
14th May 2009, 01:20 PM #23
After cancelling my Memset account, they replied "If you feel that way then fine, we will supply a full refund" and they have also granted me access to my data and email system to recover my stuff. I can hopefully investigate the logs too.
EDIT - And to keep things fair, post the good reply now I am back from work and can copy the message.
[Good anonymised transcript removed too by OP].
Last edited by CAM; 15th May 2009 at 12:42 PM.
15th May 2009, 09:31 AM #24
I must state my intentions here - I'm a systems administrator at Memset.
Any web hosting company worth their salt will suspend/deactivate any web site that has been compromised. WordPress has had its fair share of vulnerabilities over the years that have allowed hackers and phishers to upload their own content. Joomla also has suffered its fair share, and we've seen many compromised sites who have not updated when security updates have been released.
What happened in the original poster's case was that he was running an insecure version of WordPress and a phisher had found and exploited a vulnerability in the WordPress (or plugin) module that allowed them to upload the phishing site. We suspended the account because (a) we had received complaints from our upstream provider and (b) it is a potential threat to our other customers, our server and our network.
When phishing sites are detected, what happens is that the security companies acting on behalf of the company that the phishing site is trying to spoof will contact both the web hosting company AND their upstream provider. Whole servers and networks can be blacklisted, null routed and various other fun things if they do not remove sites/code/whatever that is a threat to their operations.
In the case of unmanaged web sites at Memset - it is assumed that the customer is fully responsible for the system administration and maintenance of their own web site INCLUDING security patching, etc. If not, sites are suspended. We have to do this to protect ourselves and other customers, as I have said. On the shared hosting service, we manage the main OS patching, Apache patching, MySQL patching, etc. but it is up to the customer to ensure their applications are kept patched and up-to-date.
Unless you're on a fully managed support contract with *whatever* web hosting provider you're using, I am confident that pretty much every other web host would have done the same thing in our position.
I am thoroughly disappointed with some of the ill-informed comments on this thread. Surely most of you should understand that patching software such as WordPress, vBulletin, Joomla, etc. is very important - as is keeping yourself informed of what security vulnerabilities are out there.
P.S. - It's not particularly polite to repost private communications on a public forum.
Last edited by mbdrake; 15th May 2009 at 09:39 AM.
15th May 2009, 09:36 AM #25
The problem with shared hosting is that if one customer requires a particular version of MySQL, PHP or a PHP module, etc. it could have a profound effect on other customers. VPSes are an ideal way of getting around that limitation. cPanel/WHM is a good way for relatively novice users to manage their own server. And a lot of providers (Memset included) offer a fully managed service with them that takes care of the responsibility of keeping the OS, Apache, PHP, MySQL, etc. updated and patched.
Originally Posted by CSNM-Carl
15th May 2009, 10:23 AM #26
It's also not particularly polite to ignore a customer who has become a victim themselves and is genuinely asking for assistance, and give them a response that equates to 'you are not worth our time to help'. Granted that was not your personal approach, but it was the response given by your Marketing department so I can understand why some of the comments here have been made.
Originally Posted by mbdrake
Your Marketing Manager said himself that he would prefer to be offering only more secure solutions, and that may well be sensible for all the reasons you've mentioned, but the fact is if you are offering a service you should not turn your back on a customer the moment something goes wrong. That is simply poor customer service. I would be interested to know if he really expected the customer to roll over and fork out more money given that poor level of support?
We could debate the practicalities and financial viability of all this for hours, but what it comes down to in this case is that the response of your company to this incident was not handled well from a customer service perspective. My overall point is that you should ensure your own house is in order before lecturing other people on etiquette.
15th May 2009, 10:36 AM #27
That still does not excuse posting private correspondence to a public forum - poor customer service or not. That said, the points raised about customer service here have been noted and I will ensure these filter back to the right people. I can't comment about pricing - my duties directly relate to ensuring that our services are operational and secure.
Originally Posted by AngryTechnician
As for not supporting the shared hosting customers when they need help - this is absolutely not true. I (and my colleagues) have gone out of our way on many occasions to assist our shared hosting customer base. However there must be some limits to this support for these services. I've found that shared hosting takes up far more support time than providing support for VPS and dedicated server customers. We're now focusing on businesses rather than the consumer market (of which there are plenty of web hosts out there for home users) and indeed, our shared hosting facilities are being phased out (I don't believe you can buy any shared web hosting packages with us now).
Last edited by mbdrake; 15th May 2009 at 10:49 AM.
15th May 2009, 12:30 PM #28
I have to admire your courage considering the thread was very much against you before you joined it! I think it shows the frustration and disbelief of an up and coming IT guy, he never purposely got hacked, support should have been there for him rather than threatening him/pushing him to take another package, I don't condone the pasting of the PM but you need to understand that approaching someone informally through a forum is unlikely to result how you want.
Originally Posted by mbdrake
15th May 2009, 12:49 PM #29
Nobody sets out to be hacked (well, unless you're looking to become a honeypot), but even so, clearing up after a vulnerability is both time consuming and costly in terms of support (there is also the issue of replying to those who reported the phishing site, the upstream provider, etc. to tell them that we have dealt with the issue and re-assure them that this will not happen again from the same customer). When you weigh that against the cost charged for the actual hosting and the clean up operation, it becomes an expensive process. The balance of giving lots of support to shared hosting customers and VPS/dedicated customers is a difficult one. Sometimes it doesn't work out - like it has here.
Originally Posted by dwhyte85
I've used a lot of web hosts myself over the years. I started my career as a technical manager/systems administrator/developer for small ISPs/web hosts before working for six years in the film industry for a busy visual effects facility in London. I used a LOT of web hosts during that time and none of them gave me the kind of level of support that my employers give our customers - especially those shared hosts that I used (and gave up before moving over to VPSes and dedicated servers). Sometimes paying that bit more money to get quality support is a necessity. Oversold cheap hosts do not work out well at all.
I DO believe in good customer service, yes, absolutely. But I feel that our recommendation of upgrading to a miniserver was a reasonable one given the circumstances.
Last edited by mbdrake; 15th May 2009 at 12:55 PM.
15th May 2009, 01:28 PM #30
Right, as per your request I have removed the anonymised transcripts from my posts. I'm sorry for doing it and may have made a mistake, but I saw no wrong in posting them and felt it would provide better clarity to the situation as I have never been in this situation before and didn't want to come across as one sided. Yes, there are a few "angry customer" moments but what do you expect when you are left feeling like you're dangling from the end of a rope with eBay's legal sharks circling below you?
In response to your claims of an old version of Wordpress, if you read the thread you will see I posted that as far as I knew, it was the most up-to-date version. The control panel bugs the hell out of me if I don't update, so I do. We all know that keeping web software up to date is as critical as keeping Windows up to date. It may have been Image Gallery which I assumed would be no threat if disabled in the control panel. But I did ask for this information plus more and it wasn't given, hence why I opted to leave.
I have spoken to the company MD who I have to say was incredibly good and helped calm the situation down and clarify the potential source of confusion. I have dealt with the matter and am putting it behind me to move on and deal with more important things (like dodging the camera lenses of our school leavers).