Hi,
My site has been hacked about 4 times with Serv Hosting and by now I thought I have taken every single security measure known to man. Yes, I know WordPress has it's issues. In fact, WordPress at it's core as I have come to understand is pretty rock solid and it is the Plugins most of the time that have the vulnerabilities.
Of course, with that in mind I make sure my sites are up to date, my plugins are from reliable sources and up to date and that I have followed as many security measures as I can.
Serv Hosting has been known to change their users passwords numerous times and from articles I have read as far back as 2008, they are a hackers paradise. So I am moving.
The last hack warned that I should change my FTP password immediately (red flag; their FTP has been breached again) and then begin the process of sorting out the virus. I left it for a few days because I got too busy and the site had not been defaced...yet. The only thing I did on Friday was to change my FTP password.
Yesterday, Sunday, I open my site and sure enough, the site is defaced with the following screen. It would seem from this screenshot, that the hackers would have full access to my site and the only reason nothing else happened was because I had changed my password.
I have spoken to Hetzner and they've said that without being in that environment, they cannot prove that Serv Hosting has not done enough to secure their servers. As you can imagine, when the majority of your sites are hacked, you do not want to spend hours and hours fixing issues if the ISP is at fault. I have gone as far as to find out if there is an Ombudsman for ISP's in SA to which I have found out that unless they belong to ISPA, which is voluntary, there is not much else anyone can do. So, you are liable for your own damages.
Please take a look at the screenshot. If anything, I hope the ISPs will take note of it and flag is in their systems for something to look out for.
Thanks
My site has been hacked about 4 times with Serv Hosting and by now I thought I have taken every single security measure known to man. Yes, I know WordPress has it's issues. In fact, WordPress at it's core as I have come to understand is pretty rock solid and it is the Plugins most of the time that have the vulnerabilities.
Of course, with that in mind I make sure my sites are up to date, my plugins are from reliable sources and up to date and that I have followed as many security measures as I can.
Serv Hosting has been known to change their users passwords numerous times and from articles I have read as far back as 2008, they are a hackers paradise. So I am moving.
The last hack warned that I should change my FTP password immediately (red flag; their FTP has been breached again) and then begin the process of sorting out the virus. I left it for a few days because I got too busy and the site had not been defaced...yet. The only thing I did on Friday was to change my FTP password.
Yesterday, Sunday, I open my site and sure enough, the site is defaced with the following screen. It would seem from this screenshot, that the hackers would have full access to my site and the only reason nothing else happened was because I had changed my password.
I have spoken to Hetzner and they've said that without being in that environment, they cannot prove that Serv Hosting has not done enough to secure their servers. As you can imagine, when the majority of your sites are hacked, you do not want to spend hours and hours fixing issues if the ISP is at fault. I have gone as far as to find out if there is an Ombudsman for ISP's in SA to which I have found out that unless they belong to ISPA, which is voluntary, there is not much else anyone can do. So, you are liable for your own damages.
Please take a look at the screenshot. If anything, I hope the ISPs will take note of it and flag is in their systems for something to look out for.
Thanks
Last edited:
