Elitehost problems

Ianf1

Ianf1

Expert Member
Joined
Aug 5, 2007
Messages
1,970
Reaction score
201
Location
Johannesburg
Hi
We have been hosting 2 websites with elitehost since 2013.
Now they have just taken the sites down and sent this message.
"The account ???.co.za has been compromised and is sending spam. I have removed permissions on the public_html folder, please restore them to 0750 once you are able to clean and secure the account.

Please see below list of recently modified files:"

Now I go into the files on the control panel and there are no files there. How can you even look when there are no files?

Edit some of the sites are now back ???

We have changed the passwords recently and installed wordfence.

Is this normal for wordpress and prestashop sites?
 
Your best bet would be to contact Elitehost and ask them what's going on.

Unfortunately Wordpress sites do sometimes get compromised. Especially if a plugin is used that has vulnerabilities.
 
i had the exact same issue (also with Elitehost)

To fix
- go into the File manager via Cpanel
- update permissions for the Public Html folder to 0750

this will now make these files visible. Try to clean up your infected files quickly as Elitehosts security will block it again if it continues to spam.


You want to look at your header.php files, .htaccess files, index.php files and footer.php files> These tend to be the culprits.

As mentioned, look at your plugin files too. Anything thats been recently modified is probably infected. But 9/10 times its an outdated theme or wordpress version causing issues.


Also make sure your theme is recent and patched against recent vulnerabilities.
 
My frustation is you can only email them. Who has the phone number?

They have now nulled the script and blame wordpress. But wordfence emails each time someone goes into the WP-Admin and no emails were received.
 
Ianf1 said:
My frustation is you can only email them. Who has the phone number?

They have now nulled the script and blame wordpress. But wordfence emails each time someone goes into the WP-Admin and no emails were received.
Click to expand...

It would not have been necessary to go into your WP Admin page for it to have been compromised. Unfortunately it's a problem with Wordpress. Due to it being so popular it is also a very big target for the evil people. Always make sure that your Wordpress is updated. Same for all plugins. Even then it's possible to be compromised if you use a plugin that has vulnerabilities.
 
sounds like a compromised theme (possibly a paid one you downloaded for free?) wordfence wont pick it up as it will run without needing access to wp-admin dir
 
Thanks guys someone is looking at my site for me as a response to this. Not to sure if they want to be acknowledged publicly?

I just wish elitehost would be more responsive and say which plugin they see as causing a problem.
 
With the help of one of the members here I have updated all the funny plugins and deleted the malicious files. Now just need to get one blog back up and running.
I am sure he will identify himself if he wants to. But thanks anyway.
 
"Elitehost"? L33Thost? Mmm, no.....
Damn! Name taken. Now I must use number two on the list:

"kewlhost"

Also very good and virtuelly the same.....
 
Ianf1 said:
With the help of one of the members here I have updated all the funny plugins and deleted the malicious files. Now just need to get one blog back up and running.
I am sure he will identify himself if he wants to. But thanks anyway.
Click to expand...

Glad I could help :)
Drop me a PM or Email if you get stuck with the blog and need some help.
 
Just keep in mind that even though elitehost has (and always will) go beyond the call of duty, they really don't have the time to help diagnose site specific issues. IMO they've gone beyond what a normal host would do (which is nothing) and notified you of a compromise on your site you might not have been aware of.

Glad Murmaider was able to help you out.
 
As mentioned above, you're realy quite fortunate that they properly notified you and gave you access to your public_html to clean the account.
Many hosts would simpy suspend/terminate the account.
You agree to a Terms of Service when you sign up with a host, that usually states that you won't use the account maliciously (whether intentionally or not) to send spam etc.
They're providing you with a server to host your files. If you stick a bunch of malware-infested files on there, or your website attracts malware because you fail to keep it properly secured or updated, that's unfortunately your fault.

Also, people are so quick to take their issues public thereby harming a company's reputation, before they've even tried to properly contact the host to sort it out, as if posting the issue in a forum will get it sorted out quickly. Just don't get it.
 
chopsky said:
Also, people are so quick to take their issues public thereby harming a company's reputation, before they've even tried to properly contact the host to sort it out, as if posting the issue in a forum will get it sorted out quickly. Just don't get it.
Click to expand...

Agreed. And he makes the subject "Elitehost Problems" when it is actually a user problem. Hetzner for example zips your website and takes it down if infected, end of story. Getting really tired of these public whingers.
 
chopsky said:
As mentioned above, you're realy quite fortunate that they properly notified you and gave you access to your public_html to clean the account.
Many hosts would simpy suspend/terminate the account.
You agree to a Terms of Service when you sign up with a host, that usually states that you won't use the account maliciously (whether intentionally or not) to send spam etc.
They're providing you with a server to host your files. If you stick a bunch of malware-infested files on there, or your website attracts malware because you fail to keep it properly secured or updated, that's unfortunately your fault.

Also, people are so quick to take their issues public thereby harming a company's reputation, before they've even tried to properly contact the host to sort it out, as if posting the issue in a forum will get it sorted out quickly. Just don't get it.
Click to expand...

Yes it was a wordpress problem and it has been sorted. Obviously I expect too much from a webhosting company.

Do you know of a webhosting company who deals with whingers?
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X