Shady hosting??

spcproman

spcproman

New member
Jun 12, 2011
146
1
0
Sunny South Florida
Ok, so without naming them, I got a host off of this website, it's VERY cheap per month (under $10). Guessing that you get what you pay for in this case...

Anyways, started a few WordPress blogs and I kept getting hacked by this "Bangladesh Cyber Army" until I got a few ''security plugins'' and now they haven't defaced my websites at least but.....I keep getting 404 attempts and apparently some ''changed files''.....the logs are long and seem like it's somewhat legit stuff being changed....but if I didn't manually change it and the security plugin is bitching it has to be hackers right?

Any suggestions about anything? =(
 


The 'host' you are refering to has shocking support. I know its cheap but if you cant offer support dont offer a service. We had several sites hacked on their server and support refused to admit it was their issue and didnt seem to care about security as they just replaced the index file of one of my sites so it appeared to come back but the database was still comprimised and I had the manually clean 8 databases before we got access back, i supect the vuneralability is still there and am waiting to get hacked again
 
Dan_Hostwinds said:
Spc,

That could very well be completely unrelated to your host, and more related to a vulnerable WordPress site (due to vulnerable plugins or a theme). Without posting the whole guide here; https://clients.hostwinds.com/knowledgebase/56/WordPress-Security.html is a very useful tutorial on securing your WordPress site(s).

I hope this helps, feel free to PM me if you need any more advice.
Click to expand...

Thank you for your information sharing! I'm about to go read that. Appreciate the PM invitation, may do so soon. I'll get what I can out of the article. =)


hackrepair said:
Below is a another discussion on the care and feeding of shared hosting accounts, Why Shared Hosting Can Be Bad For The Health Of Your Business « My site been hacked – Google Malware Clearing Service
Click to expand...

Thank you as well for your sharing, will check this out as well. Need all the help I can get, being a n00b ;)
 
butcher said:
The 'host' you are refering to has shocking support. I know its cheap but if you cant offer support dont offer a service. We had several sites hacked on their server and support refused to admit it was their issue and didnt seem to care about security as they just replaced the index file of one of my sites so it appeared to come back but the database was still comprimised and I had the manually clean 8 databases before we got access back, i supect the vuneralability is still there and am waiting to get hacked again
Click to expand...

Not trying to throw anyone under the bus here, just thinking that low cost hosting can quite possibly = low security and as well low support turnaround. It is a pain in the ass to fix stuff that's been hacked. Glad I started using BackWPUp and manually pulling the whole Public_Html folder from my FTP to a non-internet based backup area.

Are you using WP? Or straight up HTML sites?
 
Use only hosting companies that are proven to work well. You can check out their rankings on such websites like top 10 hosting, best web hosting etc.
 
Right, fuck it im outing the host. its affiliatemarketingservers com owned by a member here. Fucking sites hacked again today, looks liek teh same exploit. Bullshit support blamed the theme last time, the them is not being used this time..
 
yea dude - you are outing these people when very probably this is your fault for having a faulty/old/non-updated plugin, theme, or overall installation of wordpress

before you go ruining peoples business model you shuold get your facts straight

just from what you described i am guessing it is you, not your host
 
shawnhag said:
yea dude - you are outing these people when very probably this is your fault for having a faulty/old/non-updated plugin, theme, or overall installation of wordpress

before you go ruining peoples business model you shuold get your facts straight

just from what you described i am guessing it is you, not your host
Click to expand...

I'm still not saying who it is....I was just looking for support from this great community.

The 2 times I have been hacked, it was due to my security problems. After I got WP Better Security and implemented some seriously insane passwords, the breaches have been stopped. Attempts are still made on 404 attacks but...it has seemingly stopped it all.
 
Dan_Hostwinds said:
Good! Normally WordPress site's being hacked are due to the site itself, not the host. As a support tech, though, I deal with many clients who'd like to think otherwise, though. ._.
Click to expand...

It's made me want to design some kind of ''hacker trap'' where they think they are getting into the site and then get a virus! lol
 
spcproman said:
It's made me want to design some kind of ''hacker trap'' where they think they are getting into the site and then get a virus! lol
Click to expand...

its called a honeypot...already been done and done again

yea man - i would pay someone who knows whats up to take a look at your ftp/host and instal to see what is going on.

if this has happened multiple times it is better to have someone knowledgeable, a lot of the times the host is not able to look at this stuff because WP and 3rd party apps are outside of their jurisdiction
 
I am having shared host with ipower.com never got any type of problem.It depends on your host and the security features they provide.Bluehost is also one of the best hosting providers
 
shawnhag said:
its called a honeypot...already been done and done again

yea man - i would pay someone who knows whats up to take a look at your ftp/host and instal to see what is going on.

if this has happened multiple times it is better to have someone knowledgeable, a lot of the times the host is not able to look at this stuff because WP and 3rd party apps are outside of their jurisdiction
Click to expand...

I do all my own FTP, file stuff and can design WP/'wysiwyg' html with some adjustments.

The latest plugin gives a lot of options and logs. My host doesn't have SSL...guess I need to get that sooner than later ;)


iSynergy Media said:
I am having shared host with ipower.com never got any type of problem.It depends on your host and the security features they provide.Bluehost is also one of the best hosting providers
Click to expand...

Will check them out, thank you =)
 
So.....since I installed Better WP Security, I haven't been hacked, just 404 attacks and a few bad logins, nothing crazy. Now....today....it happened again. Different people. Person has their email address on their spam page and says contact me for security - right you fucking asshole.

If I have a Wordpress made them like twentyeleven, is that pretty secure compared to getting a free one from some hackjob?

As well, everything is up to date and I've got a lot of settings turned on to prevent issues....great.

Any advice? I'm such a noob.lol
 
You've really got to watch out since you never know who is watching over the servers or who could have had access to them.
 
I'm sorry to hear about this. This has also happened to me once before and was a vulnerability in the CMS I was using. I'm also ditching my host, they leave my tickets ignored for days...
 
You must log in or register to reply here.
Top Bottom
Back