419 posts

Ultimate Geek
+1 received by user: 71


  Reply # 469267 15-May-2011 12:39

Well it looks like Servage are now taking this seriously. I just got the following email:

Dear Geoffrey,

Unfortunately we have to notify you about suspicious activities we have seen on our
FTP servers in conjunction with at least one of your FTP accounts.

It seems like an FTP account that belongs to your account, has been abused to modify
files in your account.
Those modifications are code injections of malware or other unwanted code that are
affecting the visitors of your websites.

We have run a tool to automatically detect and remove some of the inserted code
lines, but the automatic system unfortunately does not detect and remove any code
that might have been inserted, so please review all your files that have recently
been modified.

In addition we disabled the FTP Account for security reasons to prevent any
further file modifications.

As it seems that a 3rd party got knowledge of your FTP account's password, please also
consider removing the FTP account access data specified in any installed
application like Joomla or WordPress, as they might get hacked and the FTP login
details stolen.
Please also scan your local Computer for Viruses as those also can be a reason for
the hack.

Your FTP account will automatically be re-enabled when you change the password for
that account.



419 posts

Ultimate Geek
+1 received by user: 71


  Reply # 469268 15-May-2011 12:40



We have run a tool to automatically detect and remove some of the inserted code
lines, but the automatic system unfortunately does not detect and remove any code
that might have been inserted


lol what?

13988 posts

Uber Geek
+1 received by user: 1763


  Reply # 469303 15-May-2011 15:05

GeoffisPure:


We have run a tool to automatically detect and remove some of the inserted code
lines, but the automatic system unfortunately does not detect and remove any code
that might have been inserted


lol what?




They haven't told you how someone may have got your password, and whether the flaw is at their end or yours.

13988 posts

Uber Geek
+1 received by user: 1763


  Reply # 469304 15-May-2011 15:06

GeoffisPure: The attraction of servage was basically unlimited storage, unlimited traffic, unlimited domains....



There is no such thing as unlimited...

936 posts

Ultimate Geek
+1 received by user: 26


  Reply # 469321 15-May-2011 15:51

GeoffisPure: The attraction of servage was basically unlimited storage, unlimited traffic, unlimited domains....


everybody knows that is just marketing nonsense, they'll have "fair use" clauses or similar

and as soon as you hit any kind of usage above quite moderate usage they'll kick you off.

AND/OR

They pack their servers loaded up with lots of people exploiting these "cheap deals" to the point it becomes unworkable, because sure you might have unlimited traffic in theory, but the speed becomes so terribly slow that in practice it's worse than if you'd gone with somebody else.


Additionally do you really need such features as unlimited storage for instance? Unless you're trying to store all of mankind's knowledge in one place then I doubt it. Most average websites only require a fraction of a single gigabyte.




13988 posts

Uber Geek
+1 received by user: 1763


  Reply # 469323 15-May-2011 15:58

dman:
GeoffisPure: The attraction of servage was basically unlimited storage, unlimited traffic, unlimited domains....


everybody knows that is just marketing nonsense, they'll have "fair use" clauses or similar

and as soon as you hit any kind of usage above quite moderate usage they'll kick you off.

AND/OR

They pack their servers loaded up with lots of people exploiting these "cheap deals" to the point it becomes unworkable, because sure you might have unlimited traffic in theory, but the speed becomes so terribly slow that in practice it's worse than if you'd gone with somebody else.



Additionally do you really need such features as unlimited storage for instance? Unless you're trying to store all of mankind's knowledge in one place then I doubt it. Most average websites only require a fraction of a single gigabyte.



Absolutely right. I think you are best to get dedicated quotas, so at least you know what you are getting. But even then there are many companies that oversell. Most websites do use very little in the way of disk space and traffic anyway, and if you need that disk space for email, you are best to use Gmail for your email, which provides GBs of data on a very reliable network at no cost.

11 posts

Geek


  Reply # 469430 15-May-2011 22:47

Well, Servage is quite a lot faster than HostGator when you live in the EU. HostGator responds with 150ms ping, where Servage clocks in at 47 ms.

There is no doubt that HostGator is faster in the US (or what?) than Servage, but for EU customers, Servage is the place to be hosted.

I got the same email as the one posted in here, and when you contact them after you see over 1000 files of yours have been compromised, it is YOUR problem to get them fixed, and that is editing the files MANUALLY in a text editor and reuploading.

That is one sucky task to do!
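Both the Servage email ("review all your files that have recently been modified") and the post above (over 1000 files to fix by hand) come down to the same question: which files on the web root differ from the known-clean copy? An added example, not part of this thread and not Servage's tool: it hashes every file under a directory into a manifest, then diffs a later manifest against it. The site tree, the injected snippet and the dropped file are constructed placeholders; the real injection on the page is never shown. Take the baseline from a copy you trust (your local working copy or version control), not from the server after the fact. Hashes are used rather than modification times because the latter can be wrong or reset, and a byte-for-byte comparison catches a one-line injection that a size check would miss.

```python
"""Baseline-and-diff integrity check for a web root (added example)."""
import hashlib
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    """SHA-256 of a file, streamed so large uploads do not need to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map each regular file under root (relative POSIX path) to its SHA-256 digest."""
    manifest = {}
    for p in sorted(root.rglob("*")):
        if p.is_file():
            manifest[p.relative_to(root).as_posix()] = sha256_of(p)
    return manifest


def diff_manifest(baseline: dict, current: dict) -> dict:
    """Report files whose content changed, files that appeared, and files that vanished."""
    return {
        "modified": sorted(k for k in baseline if k in current and baseline[k] != current[k]),
        "added": sorted(k for k in current if k not in baseline),
        "removed": sorted(k for k in baseline if k not in current),
    }


# Placeholder injected markup used only to build the demo tree (constructed, not
# the code Servage's email refers to).
INJECTED = b'<script src="http://example.invalid/x.js"></script>'


def demo() -> dict:
    """Build a tiny constructed site, baseline it, simulate an FTP-level tamper, and diff."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "css").mkdir()
        (root / "index.html").write_bytes(b"<html><body>hello</body></html>")
        (root / "about.html").write_bytes(b"<html><body>about</body></html>")
        (root / "css" / "site.css").write_bytes(b"body{margin:0}")
        baseline = build_manifest(root)

        # Someone with the FTP password edits one page and drops a new file.
        (root / "index.html").write_bytes(
            b"<html><body>hello</body>" + INJECTED + b"</html>"
        )
        (root / "css" / "x.php").write_bytes(b"<?php /* placeholder dropped file */ ?>")

        return diff_manifest(baseline, build_manifest(root))


if __name__ == "__main__":
    for kind, files in demo().items():
        print(f"{kind:9}", ", ".join(files) or "-")
```

In practice you would save the baseline manifest as JSON at deploy time, pull the current tree down once over FTP (or run the script on the server if you have shell access), and restore each "modified" or "added" file from the clean copy instead of hand-editing it.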

16 posts

Geek


  Reply # 469435 15-May-2011 22:58

Servage have been very good for us in terms of up-time and speed and it seems like they have closed the FTP-brute-force-attack problem but not necessarily in a way that I would do it. Their system disables the attacked FTP account - pushing the responsibility onto the customer, while I would have just slowed down any attacker that fails a login 3 times and reported the attacker to the customer.

Also, their lack of a backup system is worrying because I believe that all hosts should archive the customer's sites on a daily basis and allow them to revert the site, databases & settings if they have to recover from a hack. It's just lucky that the hacker didn't delete the whole site. Most people can recover their scripts and the site structure easily but databases and uploaded files are much harder to keep backed up if you only have an FTP client to do it with.
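The alternative proposed above (slow an attacker down after three failed logins and tell the customer which account was targeted, rather than disabling the account) is simple to express as detection logic over the FTP server's auth log. An added example, not Servage's system and not code from this thread: it keeps a sliding window of failures per (client IP, account), marks the pair as throttled once it reaches the threshold, and then separates a later successful login into "success after a brute-force burst" versus "clean first-try success", which is the distinction puttitat raises later in the thread (a correct password on the first attempt from a new address points at stolen credentials, not guessing). The log lines are constructed and only loosely modelled on vsftpd's format; the account names and addresses are placeholders. The window matters: the same three failures spread fifteen minutes apart are not flagged with a ten-minute window.

```python
"""Sliding-window failed-login detector for FTP auth logs (added example)."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines, loosely modelled on vsftpd's log format; not real Servage logs.
SAMPLE_LOG = """\
Sun May 15 11:58:01 2011 [pid 4101] [geoffrey] FAIL LOGIN: Client "198.51.100.7"
Sun May 15 11:58:03 2011 [pid 4102] [geoffrey] FAIL LOGIN: Client "198.51.100.7"
Sun May 15 11:58:04 2011 [pid 4103] [geoffrey] FAIL LOGIN: Client "198.51.100.7"
Sun May 15 11:58:06 2011 [pid 4104] [geoffrey] FAIL LOGIN: Client "198.51.100.7"
Sun May 15 11:58:10 2011 [pid 4105] [geoffrey] OK LOGIN: Client "198.51.100.7"
Sun May 15 12:10:01 2011 [pid 4151] [troels] OK LOGIN: Client "203.0.113.9"
Sun May 15 12:30:00 2011 [pid 4200] [alice] FAIL LOGIN: Client "192.0.2.44"
Sun May 15 12:45:00 2011 [pid 4201] [alice] FAIL LOGIN: Client "192.0.2.44"
Sun May 15 13:00:00 2011 [pid 4202] [alice] FAIL LOGIN: Client "192.0.2.44"
"""

LINE_RE = re.compile(
    r'^(?P<ts>\w{3} \w{3} +\d{1,2} \d\d:\d\d:\d\d \d{4}) \[pid \d+\] '
    r'\[(?P<user>[^\]]+)\] (?P<result>OK|FAIL) LOGIN: Client "(?P<ip>[^"]+)"$'
)
TS_FMT = "%a %b %d %H:%M:%S %Y"


def analyse(log_text, threshold=3, window=timedelta(minutes=10)):
    """Classify login events per (client IP, account).

    A pair is throttled once it accumulates `threshold` failures inside `window`.
    An OK LOGIN after that is a probable brute-force success; an OK LOGIN with no
    failures in the window is a clean success. A success with some, but fewer than
    `threshold`, recent failures is left unreported here.
    """
    recent = defaultdict(deque)   # (ip, user) -> failure timestamps still inside the window
    throttled_at = {}             # (ip, user) -> time the throttle engaged
    report = {"throttled": [], "success_after_bruteforce": [], "clean_success": []}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a login result line
        ts = datetime.strptime(m["ts"], TS_FMT)
        key = (m["ip"], m["user"])
        q = recent[key]
        while q and ts - q[0] > window:
            q.popleft()  # expire failures that fell out of the window
        stamp = (m["ip"], m["user"], ts.isoformat(sep=" "))
        if m["result"] == "FAIL":
            q.append(ts)
            if len(q) >= threshold and key not in throttled_at:
                throttled_at[key] = ts
                report["throttled"].append(stamp)
        elif key in throttled_at:
            report["success_after_bruteforce"].append(stamp)
        elif not q:
            report["clean_success"].append(stamp)
    return report


if __name__ == "__main__":
    for kind, hits in analyse(SAMPLE_LOG).items():
        for ip, user, when in hits:
            print(f"{kind:24} {when}  {user}@{ip}")
```

The "throttled" entries are where a host would insert a delay or tarpit for that client address and notify the account owner; note that this keys on the IP and account together, so a distributed attack that rotates source addresses below the threshold would need a per-account counter as well.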

11 posts

Geek


  Reply # 469438 15-May-2011 23:02

It is not the hosting provider's task to provide backup. As the end user, it's just a single click to back up your MySQL databases.

Nevertheless, the logons were done with the correct username and password the first time; maybe they used an exploit in WordPress to get the usernames and passwords, who knows.

16 posts

Geek


  Reply # 469448 16-May-2011 00:23

puttitat: It is not the hosting provider's task to provide backup. As the end user, it's just a single click to back up your MySQL databases.

Nevertheless, the logons were done with the correct username and password the first time; maybe they used an exploit in WordPress to get the usernames and passwords, who knows.



Yes, but any provider that uses CPanelX has been offering customers a backup that backs up all
files, databases and hosting settings with 1 click. The host I use for my own personal sites cost
me $70/year and they do an automatic backup daily. I think it is fair to expect the customer to
decide which level of backup to do and to configure backups but I believe that the host should
provide a better system than "you must use an FTP client". If you have GBs of data to copy this
just isn't a realistic option for commercial sites, in my opinion.

If you read up in the thread you'll see that WordPress has been ruled out as the point of entry
and it seems to have been a brute-force attack on the FTP server.

13988 posts

Uber Geek
+1 received by user: 1763


  Reply # 469449 16-May-2011 00:32

ChrisR: 


Yes, but any provider that uses CPanelX has been offering customers a backup that backs up all
files, databases and hosting settings with 1 click. The host I use for my own personal sites cost
me $70/year and they do an automatic backup daily. I think it is fair to expect the customer to
decide which level of backup to do and to configure backups but I believe that the host should
provide a better system than "you must use an FTP client". If you have GBs of data to copy this
just isn't a realistic option for commercial sites, in my opinion.

If you read up in the thread you'll see that WordPress has been ruled out as the point of entry
and it seems to have been a brute-force attack on the FTP server.




When you do your research on a web host, you look at what their backup systems are, and whether you want to go with one that has a decent backup system, or you want to fully manage all the backups yourself (usually the cheaper option). Just a daily backup in my opinion is not much use, as it might take you a few days to find that there is a problem, and by that time it will already be overwritten. Also some will charge you a huge fee to restore data from backups, while some charge very little or will do it for free.

11 posts

Geek


  Reply # 469450 16-May-2011 00:33

Brute force, yeah right.

My password was a random selection of characters:

17 characters long:

1 special character
2 numbers
1 uppercase character
and the rest lowercase. NO WORDS USED, it was complete nonsense!

So nope, it wasn't brute force... It would take too long for my password to be "guessed".

Meow
7448 posts

Uber Geek
+1 received by user: 3586

Moderator
Trusted
Lifetime subscriber

  Reply # 469456 16-May-2011 01:14

I hear about this sort of thing all the time with Shared Hosting Providers and all I can say is if it's an important site avoid them like the plague. I would recommend grabbing a Virtual Server which gives you control over the whole server at an affordable rate. My site has been hosted on one for years + I am also hosting a few high traffic websites without issues.

It may be more work, but it's totally worth it. The 2 Virtual Server providers I recommend are Unleash and Linode - While Unleash might be a tad more expensive since it's hosted in NZ, the staff are very knowledgeable and the servers are fast. Linode is about the same, the staff are always there to help you out + the servers are fast, the only downside is they are hosted in America but I do find that the speeds are excellent nevertheless - Both of these providers offer free native IPv6 too ;)

If you can afford $20US per month to host your site, go Virtual! I am sure you have a friend that can help you out in exchange for you hosting their site too ;) 




16 posts

Geek


  Reply # 469460 16-May-2011 01:49

puttitat: Brute force, yeah right.

My password was a random selection of characters:

17 characters long:

1 special character
2 numbers
1 uppercase character
and the rest lowercase. NO WORDS USED, it was complete nonsense!

So nope, it wasn't brute force... It would take too long for my password to be "guessed".

That's pretty convincing ... what did Servage say when you pressed them on how that password could have been cracked?  

11 posts

Geek


  Reply # 469461 16-May-2011 02:10

ChrisR:
That's pretty convincing ... what did Servage say when you pressed them on how that password could have been cracked?  


Servage Support:



Hello Troels,

We are sorry for the incident. And, no, we don't have backups. But, also, please understand that Servage is not in charge if FTP accounts are hacked. The user is in charge for using long and elaborated passwords and to change the passwords from time to time to increase the security.

We ask you to clean the application from malicious code and to secure your account. Thank you.

Kind Regards
Helge, Support
Servage Hosting


Please do laugh out loud! That must be a joke.

Can you guys recommend some Virtual Server host in the EU? I live in Denmark, so NZ / US servers are out of the question.



