So it seems serv hosting little security slip with the viagra thing was not a once of thing. Today i tried to log on to my website hosted with them and got an account suspended page. I called them and had to wait over 20min before i got through to an operator. He then told me that my account was suspended due to it being hacked. I asked him for more details on the hack and all he could tell me was that it was hacked via ftp and they are still investigating. It is very unlikely that the hack was due to my negligence as the site is a hand coded html site! and I only access it via ftp / cpanel via my pc which is secure. He also said that they currentlly have over 100 support tickets open and i should open a ticket asap so they can restore my site to their last weekly back up. I have been a client of theirs for several years and have never had to wait 20min to get to an operator. It is clear that other accounts have been hacked too. Serv Hosting is really dropping.
-
Join the MyBroadband community
South Africa’s biggest forum. Discuss, discover, and connect with thousands of members.
-
Question of the Day: What's the most interesting small town you've visited in South Africa?
Serv Hosting AGAIN Beware!!
- Thread starter virtualk
- Start date
macxsanity
Well-Known Member
In the past month they have reset my admin account password 4 times today i got this mail below
Important Notification
We have noticed more and more websites being hacked on our network. One of the primary reasons for this is as a result of insecure passwords. To improve and better the security of your account, we have decided to reset your account's password and resend your Welcome E-mail. You will receive a mail shortly with your account details and the new password. We would like to apologise for any inconveniced caused as a result of this, however trust you can appreciate the reason for this.
macxsanity
Well-Known Member
and that is a lie .....passwords can be brute forced . i think some one compromised thier servers and installed a RAT or some other form of relaying agent Malware i do not buy this crap about weak passwords and $hit ......
They have reset my account details as well. Had a mini heart attack as I thought they recreated it as a new account. I host about 50 odd email addresses.
I did notice some spam in the code of my websites a couple months back.
I did notice some spam in the code of my websites a couple months back.
yea it is bull$hit. My password isn't weak. Their servers are compromised. In my case with this particular website, restoring to a previous weeks back up isn't too tragic, but if it was a larger eCommerce site for example, it would be catastrophic
Last edited:
ABYC
Member
Interesting, reminds me of the story about motorbikers - there are only two types; those who have gone down and those who are going to go down.
I suppose one could apply that to servers and web sites as well; those that have been hacked and those that are about to be hacked.
I do have a relationship with Serv but was not affected. In the interests of good security though I have changed passwords. Just like I changed passwords when LinkenIn was hacked. I suppose that these things are sent to make us stronger.
I remember the first time that a site of mine was hacked - I really lashed out and tried to blame everyone, after the second time I just tried my best to follow stricter security.
Would anyone have any idea if it would be better/safer/more secure to be in a NON shared environment and on a dedicated server?
I suppose one could apply that to servers and web sites as well; those that have been hacked and those that are about to be hacked.
I do have a relationship with Serv but was not affected. In the interests of good security though I have changed passwords. Just like I changed passwords when LinkenIn was hacked. I suppose that these things are sent to make us stronger.
I remember the first time that a site of mine was hacked - I really lashed out and tried to blame everyone, after the second time I just tried my best to follow stricter security.
Would anyone have any idea if it would be better/safer/more secure to be in a NON shared environment and on a dedicated server?
Shared hosting: if someone gets full server access (possibly via another client) then they have access to your environment.
Managed hosting: Similar to Shared but you get to use all the resources
Dedicated server: You're the one responsible for the security.
Tinuva
The Magician
That used to be true in the past.
For our linux shared hosting, we have changed over to another OS that puts each virtual domain in it's own jail. So when a specific website gets hacked, it can't be used to gain access to the rest of the server or other domains, which used to be the case in the past. Since we have done that, I haven't heard of a server where all domains have been hacked again.
When hackers become a problem, I believe the shared hosting company has to grow and learn how to be more secure, I am sure serve hosting will follow the same path that we had to.
ABYC
Member
Clever, Very Clever - and you know I am going to ask you for more info, if you are willing to share as I presume that such an OS will also help myself and others in a dedicated server environment as well?
Tinuva
The Magician
Sure thing.
The os is CloudOS or CloudLinux. It actually makes use of CentOS with their own kernel and a few OS enhancements. It also has integration packages for CPanel and Plesk. http://cloudlinux.com/
It is however not free, but the amount of time it saves you...well worth the investment. Then you can still add stuff like ASL (atomic secure linux) which automates a bunch of other security features although this needs a lot of tuning to prevent problems for customers. ASL have like preset rules for mod_security (mod_security is free, you pay for the rulesets and interface) and a few other things.