Geekzone: technology news, blogs, forums
435 posts, Ultimate Geek
# 469267 15-May-2011 12:39

Well it looks like Servage are now taking this seriously. I just got the following email:

Dear Geoffrey,

Unfortunately we have to notify you about suspicious activities we have seen on our
FTP servers in conjunction with at least one of your FTP accounts.

It seems like an FTP account that belongs to your account has been abused to modify
files in your account.
Those modifications are code injections of malware or other unwanted code that are
affecting the visitors of your websites.

We have run a tool to automatically detect and remove some of the inserted code
lines, but the automatic system unfortunately does not detect and remove any code
that might have been inserted, so please review all your files that have recently
been modified.

In addition we disabled the FTP account for security reasons to prevent any
further file modifications.

As it seems that a third party got knowledge of your FTP account's password, please also
consider removing the FTP account access data specified in any installed
application like Joomla or WordPress, as they might get hacked and the FTP login
details stolen.
Please also scan your local computer for viruses, as those can also be a reason for
the hack.

Your FTP account will automatically be re-enabled when you change the password for
that account.
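The email tells the customer to review every recently modified file by hand, which later posts in the thread describe as editing over a thousand files in a text editor. A hashed manifest taken while the site is known to be clean turns that review into a diff. The following is an added example (Python), not code from the thread, from Servage or from any FTP daemon: the directory layout, file contents and the simulated change are constructed for the demo, and the manifest is deliberately written outside the web root so that whoever holds the FTP login for the site cannot rewrite the baseline along with the files.

```python
"""Spot files changed since a known-good snapshot of a web root.

Added example, not code from the thread or from Servage.  A SHA-256
manifest is built while the site is known to be clean; a later run
reports added, modified and removed files.  Paths and contents below
are constructed for the demo.
"""
import hashlib
import json
import tempfile
from pathlib import Path


def build_manifest(root):
    """Map each file's path (relative to root) to its SHA-256 hex digest."""
    root = Path(root)
    manifest = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            digest = hashlib.sha256(path.read_bytes()).hexdigest()
            manifest[path.relative_to(root).as_posix()] = digest
    return manifest


def diff_manifests(baseline, current):
    """Return (added, modified, removed) lists of relative paths."""
    added = sorted(p for p in current if p not in baseline)
    removed = sorted(p for p in baseline if p not in current)
    modified = sorted(
        p for p in current if p in baseline and current[p] != baseline[p]
    )
    return added, modified, removed


def save_manifest(manifest, path):
    """Persist the baseline; keep this file outside the web root."""
    Path(path).write_text(json.dumps(manifest, indent=1, sort_keys=True))


def load_manifest(path):
    return json.loads(Path(path).read_text())


def demo():
    """Build a baseline, simulate an unwanted change, and diff.

    Returns the (added, modified, removed) tuple so it can be checked.
    """
    with tempfile.TemporaryDirectory() as tmp:
        site = Path(tmp) / "public_html"           # constructed web root
        (site / "wp-content").mkdir(parents=True)
        (site / "index.php").write_text("<?php echo 'hello'; ?>\n")
        (site / "wp-content" / "theme.css").write_text("body { margin: 0 }\n")
        (site / "robots.txt").write_text("User-agent: *\n")

        baseline = build_manifest(site)
        manifest_file = Path(tmp) / "baseline.json"  # outside public_html
        save_manifest(baseline, manifest_file)

        # Simulated changes (constructed for the demo): one file edited,
        # one new file dropped in, one file deleted.
        with (site / "index.php").open("a") as fh:
            fh.write("<!-- placeholder for an appended line -->\n")
        (site / "wp-content" / "extra.php").write_text("<?php /* new */ ?>\n")
        (site / "robots.txt").unlink()

        return diff_manifests(load_manifest(manifest_file), build_manifest(site))


if __name__ == "__main__":
    added, modified, removed = demo()
    print("added:   ", added)
    print("modified:", modified)
    print("removed: ", removed)
```

The email's own criterion, recent modification time, is weaker than a content hash: many FTP clients preserve the original timestamp on upload and a file's mtime can be set to any value, so a changed file need not look recent at all. Comparing digests against a baseline catches the change regardless of what the timestamp says, and the diff output is the list of files worth opening in the editor rather than the whole site.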



435 posts, Ultimate Geek
# 469268 15-May-2011 12:40

We have run a tool to automatically detect and remove some of the inserted code
lines, but the automatic system unfortunately does not detect and remove any code
that might have been inserted

lol what?

15325 posts, Uber Geek
# 469303 15-May-2011 15:05

GeoffisPure:

We have run a tool to automatically detect and remove some of the inserted code
lines, but the automatic system unfortunately does not detect and remove any code
that might have been inserted

lol what?

They haven't told you how someone may have got your password, and whether the flaw is at their end or yours.

15325 posts, Uber Geek
# 469304 15-May-2011 15:06

GeoffisPure: The attraction of servage was basically unlimited storage, unlimited traffic, unlimited domains....

There is no such thing as unlimited...

944 posts, Ultimate Geek
# 469321 15-May-2011 15:51

GeoffisPure: The attraction of servage was basically unlimited storage, unlimited traffic, unlimited domains....


everybody knows that is just marketing nonsense, they'll have "fair use" clauses or similar

and as soon as you hit any kind of usage above quite moderate usage they'll kick you off.

AND/OR

They pack their servers loaded up with lots of people exploiting these "cheap deals" to the point it becomes unworkable, because sure you might have unlimited traffic in theory but the speed becomes so terribly slow that in practice it is worse than if you'd gone with somebody else.


Additionally do you really need such features as unlimited storage for instance? Unless you're trying to store all of mankind's knowledge in one place then I doubt it. Most average websites only require a fraction of a single gigabyte.




15325 posts, Uber Geek
# 469323 15-May-2011 15:58

dman:
GeoffisPure: The attraction of servage was basically unlimited storage, unlimited traffic, unlimited domains....

everybody knows that is just marketing nonsense, they'll have "fair use" clauses or similar

and as soon as you hit any kind of usage above quite moderate usage they'll kick you off.

AND/OR

They pack their servers loaded up with lots of people exploiting these "cheap deals" to the point it becomes unworkable, because sure you might have unlimited traffic in theory but the speed becomes so terribly slow that in practice it is worse than if you'd gone with somebody else.

Additionally do you really need such features as unlimited storage for instance? Unless you're trying to store all of mankind's knowledge in one place then I doubt it. Most average websites only require a fraction of a single gigabyte.

Absolutely right. I think you are best to get dedicated quotas, so at least you know what you are getting. But even then there are many companies that oversell. Most websites do use very little in the way of diskspace and traffic anyway, and if you need that diskspace for email, you are best to use Gmail for your email, which provides GB's of data on a very reliable network at no cost.

11 posts, Geek
# 469430 15-May-2011 22:47

Well, Servage is quite a lot faster than HostGator when you live in the EU. HostGator responds with 150ms ping, where Servage clocks in at 47 ms.

There is no doubt that HostGator is faster in the US (or what?) than Servage, but for EU customers, Servage is the place to be hosted.

I got the same email as the one posted in here, and when you contact them after you see over 1000 files of yours have been compromised, it is YOUR problem to get them fixed, and that is editing the files MANUALLY in a text editor and reuploading.

That is one sucky task to do!

16 posts, Geek
# 469435 15-May-2011 22:58

Servage have been very good for us in terms of up-time and speed and it seems like they have closed the FTP-brute-force-attack problem but not necessarily in a way that I would do it. Their system disables the attacked FTP account - pushing the responsibility onto the customer, while I would have just slowed down any attacker that fails a login 3 times and reported the attacker to the customer.

Also, their lack of a backup system is worrying because I believe that all hosts should archive the customer's sites on a daily basis and allow them to revert the site, databases & settings if they have to recover from a hack. It's just lucky that the hacker didn't delete the whole site. Most people can recover their scripts and the site structure easily but databases and uploaded files are much harder to keep backed up if you only have an FTP client to do it with.
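The throttle-and-report policy described in the post above, as an added example (Python) that is not Servage's code or anything posted in the thread: it replays authentication log lines, imposes a growing delay on a source once it has failed three times against an account within a time window, and emits one report per account/source pair for the customer instead of silently disabling the account. The log line format and the sample lines are constructed for the demo; a real FTP daemon's log would need its own parser.

```python
"""Throttle and report repeated FTP login failures.

Added example, not Servage's code or anything from the thread.  The
log format and the sample lines are constructed for the demo:
    "<ISO timestamp> <OK|FAIL> user=<name> ip=<addr>"
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<result>OK|FAIL) user=(?P<user>\S+) ip=(?P<ip>\S+)$"
)

FAILURE_THRESHOLD = 3           # failures before the source is throttled
BASE_DELAY = timedelta(seconds=5)
WINDOW = timedelta(minutes=10)  # failures older than this are forgotten


def parse_line(line):
    """Return a dict for a well-formed line, None for anything else."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return {
        "ts": datetime.fromisoformat(m["ts"]),
        "ok": m["result"] == "OK",
        "user": m["user"],
        "ip": m["ip"],
    }


def throttle_delay(failures):
    """Delay to impose on a source with this many recent failures.

    Nothing until the threshold; afterwards the delay doubles per extra
    failure (5s, 10s, 20s, ...).  Slowing the source rather than
    disabling the account stalls automated guessing without locking
    the account owner out.
    """
    if failures < FAILURE_THRESHOLD:
        return timedelta(0)
    return BASE_DELAY * (2 ** (failures - FAILURE_THRESHOLD))


def analyse(lines):
    """Replay log lines in order.

    Returns (delays, reports): the delay currently imposed per
    (user, ip) pair, and a list of (kind, user, ip) reports for the
    customer.  A pair is reported once when it crosses the threshold,
    and again if it then logs in successfully, since a correct password
    arriving from a source that was guessing is worth knowing about.
    """
    recent = defaultdict(list)   # (user, ip) -> timestamps of recent failures
    delays = {}
    reports = []
    for line in lines:
        ev = parse_line(line)
        if ev is None:
            continue
        key = (ev["user"], ev["ip"])
        recent[key] = [t for t in recent[key] if ev["ts"] - t <= WINDOW]
        if ev["ok"]:
            if len(recent[key]) >= FAILURE_THRESHOLD:
                reports.append(("login-after-failures",) + key)
            recent[key].clear()
            delays[key] = timedelta(0)
            continue
        recent[key].append(ev["ts"])
        n = len(recent[key])
        delays[key] = throttle_delay(n)
        if n == FAILURE_THRESHOLD:
            reports.append(("throttled",) + key)
    return delays, reports


# Constructed sample: one source hammering an account and then getting in,
# one account owner who mistypes once and then logs in normally.
SAMPLE_LOG = """\
2011-05-14T03:00:01 FAIL user=geoff ip=203.0.113.7
2011-05-14T03:00:02 FAIL user=geoff ip=203.0.113.7
2011-05-14T03:00:03 FAIL user=geoff ip=203.0.113.7
2011-05-14T03:00:04 FAIL user=geoff ip=203.0.113.7
2011-05-14T03:00:05 FAIL user=geoff ip=203.0.113.7
2011-05-14T03:00:06 OK user=geoff ip=203.0.113.7
2011-05-14T09:15:00 FAIL user=geoff ip=198.51.100.20
2011-05-14T09:15:30 OK user=geoff ip=198.51.100.20
"""

if __name__ == "__main__":
    delays, reports = analyse(SAMPLE_LOG.splitlines())
    for (user, ip), d in delays.items():
        print(f"{user}@{ip}: current delay {d.total_seconds():.0f}s")
    for r in reports:
        print("report:", r)
```

Note what this cannot see: a login that succeeds on the first attempt with the correct password, which is what a later post in the thread reports seeing in the logs, produces no failures to count at all. That is why the provider's advice about changing the password and purging stored FTP credentials from CMS installs matters regardless of how the throttle is tuned.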

11 posts, Geek
# 469438 15-May-2011 23:02

It is not the hosting provider's task to provide backup. As the end user, it's just a single click to backup your MySQL databases.

Nevertheless, the log ons were done with the correct username and password the first time, maybe they used an exploit in WordPress to get the usernames and passwords, who knows.

16 posts, Geek
# 469448 16-May-2011 00:23

puttitat: It is not the hosting provider's task to provide backup. As the end user, it's just a single click to backup your MySQL databases.

Nevertheless, the log ons were done with the correct username and password the first time, maybe they used an exploit in WordPress to get the usernames and passwords, who knows.



Yes, but any provider that uses CPanelX has been offering customers a backup that backs up all
files, databases and hosting settings with 1 click. The host I use for my own personal sites cost
me $70/year and they do an automatic backup daily. I think it is fair to expect the customer to
decide which level of backup to do and to configure backups but I believe that the host should
provide a better system than "you must use an FTP client". If you have GBs of data to copy this
just isn't a realistic option for commercial sites, in my opinion.

If you read up in the thread you'll see that WordPress has been ruled out as the point of entry
and it seems to have been a brute-force attack on the FTP server.

15325 posts, Uber Geek
# 469449 16-May-2011 00:32

ChrisR:

Yes, but any provider that uses CPanelX has been offering customers a backup that backs up all
files, databases and hosting settings with 1 click. The host I use for my own personal sites cost
me $70/year and they do an automatic backup daily. I think it is fair to expect the customer to
decide which level of backup to do and to configure backups but I believe that the host should
provide a better system than "you must use an FTP client". If you have GBs of data to copy this
just isn't a realistic option for commercial sites, in my opinion.

If you read up in the thread you'll see that WordPress has been ruled out as the point of entry
and it seems to have been a brute-force attack on the FTP server.

When you do your research on a web host, you look at what their backup systems are, and whether you want to go with one that has a decent backup system, or you want to fully manage all the backups yourself (usually the cheaper option). Just a daily backup in my opinion is not much use, as it might take you a few days to find that there is a problem, and by that time it will already be overwritten. Also some will charge you a huge fee to restore data from backups, while some charge very little or will do it for free.

11 posts, Geek
# 469450 16-May-2011 00:33

Brute force, yeah right.

My password was a random selection of characters:

17 characters long:

1 special character
2 numbers
1 uppercase character
and the rest lowercase. NO WORDS USED, it was complete nonsense!

So nope, it wasn't brute force... It would take too long for my password to be "guessed".

/dev/null, 9025 posts, Uber Geek, Moderator, Trusted, Lifetime subscriber
# 469456 16-May-2011 01:14

I hear about this sort of thing all the time with Shared Hosting Providers and all I can say is if it's an important site avoid them like the plague. I would recommend grabbing a Virtual Server which gives you control over the whole server at an affordable rate. My site has been hosted on one for years + I am also hosting a few high traffic websites without issues.

It may be more work, but it's totally worth it. The 2 Virtual Server providers I recommend are Unleash and Linode - While Unleash might be a tad more expensive since it's hosted in NZ the staff are very knowledgeable and the servers are fast. Linode is about the same, the staff are always there to help you out + the servers are fast, the only downside is they are hosted in America but I do find that the speeds are excellent nonetheless - Both of these providers offer free native IPv6 too ;)

If you can afford $20US per month to host your site, go Virtual! I am sure you have a friend that can help you out in exchange for you hosting their site too ;) 




16 posts, Geek
# 469460 16-May-2011 01:49

puttitat: Brute force, yeah right.

My password was a random selection of characters:

17 characters long:

1 special character
2 numbers
1 uppercase character
and the rest lowercase. NO WORDS USED, it was complete nonsense!

So nope, it wasn't brute force... It would take too long for my password to be "guessed".

That's pretty convincing ... what did Servage say when you pressed them on how that password could have been cracked?  

11 posts, Geek
# 469461 16-May-2011 02:10

ChrisR:
That's pretty convincing ... what did Servage say when you pressed them on how that password could have been cracked?  


Servage Support:



Hello Troels,

We are sorry for the incident. And, no, we don't have back ups. But, also, please understand that Servage is not in charge if FTP accounts are hacked. The user is in charge for using long and elaborated passwords and to change the passwords from time to time to increase the security.

We ask you to clean the application from malicious code and to secure your account. Thank you.

Kind Regards
Helge, Support
Servage Hosting


Please do laugh out loud! That must be a joke.

Can you guys recommend some Virtual Server host in the EU? I live in Denmark, so NZ / US servers are out of the question.



