Advice for you guys who are hosting with big companies.

ghostpix777

Registered Member
Joined
May 3, 2010
Messages
68
Reaction score
26
Hey all, those of you who know me know that I work as an admin for one of the big hosting companies. So heres a little common sense advice.

DONT leave blackhat files outside of the public_html directory and think they wont be found and for the love of god at least rename the damned things. We tend to notice shit like "NULLEDRANDOMcrack.exe" I cant count how many sites ive disabled due to this. In the name of everything holy use a bit of common sense and your sites will be fine and stay up.

Thank You
 
That's great advice that should never have to be given. I'm always surprised when people do such stupid things. No brains. Thanks for the tip.
 
Nice advice. I will keep this in mind. Since Im using HG and host couple of my site there. Of course sometimes I use NULLED scripts. :p
 
No problem using nulled scripts here and there, I think we have all done that, just make sure the file is renamed to something like superhappycatfuntime.exe or something else not so obvious.
 
Since when are web scripts .exe?????
 
Wait a moment here. So if something is stored outside of the public_html directory, then that person is not using their account to provide access to whatever tool they have; they are simply storing it there.

So what you are saying is that you are like Nazi Germany, going into people's homes without their permission, just to see if MAYBE they own something that COULD be used to break the 'law' (terms of service)?
 
Wait a moment here. So if something is stored outside of the public_html directory, then that person is not using their account to provide access to whatever tool they have; they are simply storing it there.

So what you are saying is that you are like Nazi Germany, going into people's homes without their permission, just to see if MAYBE they own something that COULD be used to break the 'law' (terms of service)?
 
Wait a moment here. So if something is stored outside of the public_html directory, then that person is not using their account to provide access to whatever tool they have; they are simply storing it there.

So what you are saying is that you are like Nazi Germany, going into people's homes without their permission, just to see if MAYBE they own something that COULD be used to break the 'law' (terms of service)?

That's one way to look at it, but unfortunately it can't be avoided on a shared server on any sizable hosting operation. Usually admins are more concerned with stuff like like eggdrops and xss exploit scripts though.. if we shut off every account that uploaded something questionable pro-actively, we'd lose 90% of the clients out there. :)

Still, better safe than sorry, if you have a choice of uploading something with a sketchy filename vs. not, choose not. That goes for inside or outside your public_html, egrep will find both just as well.
 
This is one of the few times I've laughed today. Thanks for that! I'm truly tickled.
 
Wait a moment here. So if something is stored outside of the public_html directory, then that person is not using their account to provide access to whatever tool they have; they are simply storing it there.

So what you are saying is that you are like Nazi Germany, going into people's homes without their permission, just to see if MAYBE they own something that COULD be used to break the 'law' (terms of service)?

Thats exactly what im saying. Have you ever read the TOS your agreeing to when you sign up with the big companies. I really feel sorry for anyone who actually agrees to it. But hey thats what you give up to pay 4 bucks a month for hosting, you have to realize your basically giving the hosting company power of attorney over anything you host on THEIR servers.

Again read what your agreeing to when you sign up. If you dont like it dont sign it.
 
Eggdrops can't even be launched on most shared hosts
 
Since when are web scripts .exe?????

Im not just talking about webscripts. We just nuked someones site who had the following stored in his cgi-bin of all things.

SeNukex.xxnull.exe
Kaboommailbomb.exe
ScrpBoxnullV1.exe

he had many others also

but the best one of all.

renamethisfiletosomethingrandomsoitdoesntdrawattention.exe
 
why dont you mention the company name so we stay away from it?
 
The legal problems of me breaking their non disclosure agreement for starters . I have given quite a few hints as to what company it is most people here have already used them from what i've seen.

I'll tell you this though, If you are with ANY US based budget host i.e. you pay $6 a month for hosting, I would suggest you read all the fine print in the TOS that you agreed to when you signed up.
 
Back
Top