Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsOrcon and iServeMy website has been hacked


6 posts

Wannabe Geek


# 78287 2-Mar-2011 13:44
Send private message

Has anybody else who hosts a website with Orcon been hacked?  The message on the website is "hacked by shiraz" (Also includes a number of symbols etc) 

We have checked on google and found a number of other websites also hacked by this person and found that they are hosted on the same server with Orcon.

We have called Orcon a number of times with no resolution to date.  They refuse to accept that there is a problem and won't even escalate this to tier 2 support.

We have had the most appauling customer service experience and expect that as soon as this is resolved (if it is EVER resolved) we will be looking to new providers.

Please feed back if you have had the same or similar experiences with your own website.


[Mod (N8): Updated subject line]

View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3 | 4
1140 posts

Uber Geek


  # 444777 2-Mar-2011 13:51
Send private message

How do you know it's and Orcon problem? Sites get hacked all the time and more often than not they get in via the site, CMS's with bugs or forums with bugs, No sanity checking on inputs etc etc. Check your own stuff before blaming Orcon




Most problems are the result of previous solutions...

All comment's I make are my own personal opinion and do not in any way, shape or form reflect the views of current or former employers unless specifically stated 



6 posts

Wannabe Geek


  # 444779 2-Mar-2011 13:56
Send private message

I appreciate your response, however we are 100% sure that it is an Orcon problem. 

What my main frustration is at the moment is the fact that they are not even inclined to look into it.  We can't even seem to get past the front line team.  Can you honestly tell me that a tier 1 support person has the ability to diagnose such an issue?

 
 
 
 


1371 posts

Uber Geek


  # 444785 2-Mar-2011 14:07
Send private message

eariefarie: I appreciate your response, however we are 100% sure that it is an Orcon problem. 

What my main frustration is at the moment is the fact that they are not even inclined to look into it.  We can't even seem to get past the front line team.  Can you honestly tell me that a tier 1 support person has the ability to diagnose such an issue?



Well if your only evidence is that you are '100% sure' i wouldn't be letting you past the 1st tier either - you must have some actual proof it was their servers and not your website code that let them in? 

677 posts

Ultimate Geek

Trusted

  # 444786 2-Mar-2011 14:11
Send private message

eariefarie: Has anybody else who hosts a website with Orcon been hacked?  The message on the website is "hacked by shiraz" (Also includes a number of symbols etc) 

We have checked on google and found a number of other websites also hacked by this person and found that they are hosted on the same server with Orcon.

We have called Orcon a number of times with no resolution to date.  They refuse to accept that there is a problem and won't even escalate this to tier 2 support.

We have had the most appauling customer service experience and expect that as soon as this is resolved (if it is EVER resolved) we will be looking to new providers.

Please feed back if you have had the same or similar experiences with your own website.


Sorry to hear you have been hacked.
Could you please PM/email me your domain so I can take a quick look?

There are a number of ways this can happen to a site so its best we just make sure.

Paul Tinson
Systems Engineer
Orcon




meat popsicle

1140 posts

Uber Geek


  # 444787 2-Mar-2011 14:13
Send private message

Yes, How can you be 100% sure without root level access to the server it's on to inspect the OS.

You're not going to get past 1st level when your spouting crazy




Most problems are the result of previous solutions...

All comment's I make are my own personal opinion and do not in any way, shape or form reflect the views of current or former employers unless specifically stated 

2 posts

Wannabe Geek


  # 444788 2-Mar-2011 14:14
Send private message

My site was also hacked by shiraz, hosted with kiwiwebhost. They didnt respond to my support request



6 posts

Wannabe Geek


  # 444792 2-Mar-2011 14:17
Send private message

Hi everyone, Just want to say that I have had a response from one of the Orcon team and they to help us out. Thank goodness for Geekzone!! Result for phase one. Appreciate everyone's responses.

 
 
 
 


1371 posts

Uber Geek


  # 444793 2-Mar-2011 14:18
Send private message

Maybe posted some information: How was it hacked, and what exactly did he do to the site?

did they replace index.html file or just the code inside the file?
or maybe they edited the code in index.html?

I have a feeling that if the web server was hacked this guy might have done more damage than just a editing a few files.

3889 posts

Uber Geek


  # 444795 2-Mar-2011 14:19
Send private message

So you just choose a smaller hosting company that can just roll your site back to the day before and then help you figure out where the compromise is?





Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz

2 posts

Wannabe Geek


  # 444802 2-Mar-2011 14:37
Send private message

they replaced the index.php file with html content. I havent found any other damage except my password was changed

1371 posts

Uber Geek


  # 444803 2-Mar-2011 14:39
Send private message

jmcrazy: they replaced the index.php file with html content. I havent found any other damage except my password was changed


So if your password was changed that would suggested they used the "i forgot my password feature" and guessed your secret question or gained access to your email where your temp password was sent.
  

BDFL - Memuneh
64961 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  # 444807 2-Mar-2011 14:50
Send private message

Calm down everyone?

To the OP... What kind of site was hosted? What kind of platform (blog with Wordpress, forums with specific bulletin board version)?

The first few answers are quite right... Unless there was a breach directly on the servers, most common defacements are due to unsecure software installations. It happens all the time, when there are known vulnerabilities and the site owner doesn't keep the scripts updated.

Without knowing details it's hard to say it's a hosting provider's fault, or the site owners negligence... Could you please tell us more (how it was done, when, etc)?




Sharesies investment funds | Geekzone broadband switch | Backblaze backup (Geekzone aff) | Amazon (Geekzone aff) | MightyApe (Geekzone aff)

 

My technology disclosure | Digital Transformation | Enterprise Content Management | Customer Relationship Management | Data Insights, Business Intelligence and Advanced Analytics 

 

 

3 posts

Wannabe Geek


  # 444835 2-Mar-2011 15:56
Send private message

Same problem. WordPress site hosted at Orcon, via Kiwi Web Host. index.php hacked.

Just waiting for Orcon to restore the site.

You might be able to see the hacked page: http://www.boutereys.co.nz/wp-content/

BDFL - Memuneh
64961 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  # 444836 2-Mar-2011 16:04
Send private message

To all of you I suggest you keep constant watch and update your WordPress pages as new updates come out.

Also make sure you don't use some free themes. There are some dodgy things around and you should read more here.

You should also always make backups of your blogs/sites. There are many Wordpress plugins for that.

At the end of the day you should make sure all your stuff are protected - don't rely on your hosting provider. Even if they make backups, do your own as well.




Sharesies investment funds | Geekzone broadband switch | Backblaze backup (Geekzone aff) | Amazon (Geekzone aff) | MightyApe (Geekzone aff)

 

My technology disclosure | Digital Transformation | Enterprise Content Management | Customer Relationship Management | Data Insights, Business Intelligence and Advanced Analytics 

 

 

299 posts

Ultimate Geek


  # 444844 2-Mar-2011 16:20
Send private message

babye: Same problem. WordPress site hosted at Orcon, via Kiwi Web Host. index.php hacked.

Just waiting for Orcon to restore the site.

You might be able to see the hacked page: http://www.boutereys.co.nz/wp-content/


There are a few things you can do to avoid being hacked if you are using WordPress. There are several good plugins that can help you tighten up the security.  I noticed that your WP login page isn't protected therefore it's possible that a brute force attack maybe have discovered your password.  Also your WordPress version is displayable when viewing the page source - this is a big help to hackers.  Finally your version of WordPress is more than 2 years old - you really should be keeping it up to date.

Here are the first five things that I'd do if I were you:

1. Upgrade to the latest version of WordPress

2. Backup all files and databases on a regular basis

3. Install a plugin like WP DB Backup which can email you scheduled WordPress database backups 

4. Install a plugin like Login Lockdown to help precent brute force attacks 

5. Install a plugin like WP Security Scan (or something similar) to check your server security settings

PM me if you need any help.




Red Jet Web Services
- Affordable websites for small businesses
- Google Email setup and Migrations

 1 | 2 | 3 | 4
View this topic in a long page with up to 500 replies per page Create new topic



Switch your broadband provider now - compare prices


Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Samsung Galaxy Fold now available in New Zealand
Posted 6-Dec-2019 00:01

NZ company oDocs awarded US$ 100,000 Dubai World Expo grant
Posted 5-Dec-2019 16:00

New Zealand Rugby Selects AWS-Powered Analytics for Deeper Game Insights
Posted 5-Dec-2019 11:33

IMAGR and Farro bring checkout-less supermarket shopping to New Zealand
Posted 5-Dec-2019 09:07

Wellington Airport becomes first 5G connected airport in the country
Posted 3-Dec-2019 08:42

MetService secures Al Jazeera as a new weather client
Posted 28-Nov-2019 09:40

NZ a top 10 connected nation with stage one of ultra-fast broadband roll-out completed
Posted 24-Nov-2019 14:15

Microsoft Translator understands te reo Māori
Posted 22-Nov-2019 08:46

Chorus to launch Hyperfibre service
Posted 18-Nov-2019 15:00

Microsoft launches first Experience Center worldwide for Asia Pacific in Singapore
Posted 13-Nov-2019 13:08

Disney+ comes to LG Smart TVs
Posted 13-Nov-2019 12:55

Spark launches new wireless broadband "Unplan Metro"
Posted 11-Nov-2019 08:19

Malwarebytes overhauls flagship product with new UI, faster engine and lighter footprint
Posted 6-Nov-2019 11:48

CarbonClick launches into Digital Marketplaces
Posted 6-Nov-2019 11:42

Kordia offers Microsoft Azure Peering Service
Posted 6-Nov-2019 11:41


Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.