Thread: How is security of the sever
View Single Post
  #4 (permalink)  
Old 22-04-2007, 13:11
DavidAllen's Avatar
DavidAllen DavidAllen is offline
Premium Member
  
Join Date: Jan 2007
Location: Amersham
Posts: 360
Send a message via MSN to DavidAllen Send a message via Skype™ to DavidAllen
Default Jaguar has been attacked
For the past 3 weeks website hostings on jaguar have had files changed - pornography, pharmaceuticals, shell scripts and even ring tones have all been added. Now i have been 'communicating' with support over these 'intrusions' the whole time. They have been polite and occasionally helpful - however there suggestions as to the causes have not been satisfactory.
Explanation 1. "It's individual website hostings where a weak password has been set and the hackers are using brute force methods." This is indeed posssible - however today following support's latest response I reset the password on 3 of my accounts (I'm a reseller with over 60 domains on this server) Within a couple of hours (less than 30mins in one case) the files had been altered to include links to woficlub.com. From my experience over Xmas, (see elsewhere in the forum) when a website hosting wide attack occured, I have a list of other domains on this same server that are nothing to do with me (300+ domains). I've just checked a random sample and yes they too have had the same links added.
Explanation 2 "There was trojan on server due to which the website hosting got infected.
We have updated the required security patches on server, so that such problem wont happen in future" - well it has - several times now. The most common has been to add a hidden iframe at the bottom of the index.html page.
I am at my wits end with all this. Every time i report infections and clean website hostings up another one happens. It has got so bad that yesterday I ordered reseller hosting from another provider - once that is set up and working properly I intend to migrate all my website hostings over and so after many years of reliable service (and i do think you guys geniunely try) and invaluable help all this time - not to mention this forum - i will have to bid adiou
If anyone else is on the jaguar server (64.38.20.21 you might like to check your website hosting and pay particular attention to the dates when files were last changed and check them (the code not just the look of the page in your browser)
Please sort this out EUK
Regards
David
Reply With Quote