Hey all, those of you who know me know that I work as an admin for one of the big hosting companies. So heres a little common sense advice. DONT leave blackhat files outside of the public_html directory and think they wont be found and for the love of god at least rename the damned things. We tend to notice shit like "NULLEDRANDOMcrack.exe" I cant count how many sites ive disabled due to this. In the name of everything holy use a bit of common sense and your sites will be fine and stay up. Thank You
That's great advice that should never have to be given. I'm always surprised when people do such stupid things. No brains. Thanks for the tip.
Nice advice. I will keep this in mind. Since Im using HG and host couple of my site there. Of course sometimes I use NULLED scripts.
No problem using nulled scripts here and there, I think we have all done that, just make sure the file is renamed to something like superhappycatfuntime.exe or something else not so obvious.
Wait a moment here. So if something is stored outside of the public_html directory, then that person is not using their account to provide access to whatever tool they have; they are simply storing it there. So what you are saying is that you are like Nazi Germany, going into people's homes without their permission, just to see if MAYBE they own something that COULD be used to break the 'law' (terms of service)?
Wait a moment here. So if something is stored outside of the public_html directory, then that person is not using their account to provide access to whatever tool they have; they are simply storing it there. So what you are saying is that you are like Nazi Germany, going into people's homes without their permission, just to see if MAYBE they own something that COULD be used to break the 'law' (terms of service)?
That's one way to look at it, but unfortunately it can't be avoided on a shared server on any sizable hosting operation. Usually admins are more concerned with stuff like like eggdrops and xss exploit scripts though.. if we shut off every account that uploaded something questionable pro-actively, we'd lose 90% of the clients out there. Still, better safe than sorry, if you have a choice of uploading something with a sketchy filename vs. not, choose not. That goes for inside or outside your public_html, egrep will find both just as well.
Thats exactly what im saying. Have you ever read the TOS your agreeing to when you sign up with the big companies. I really feel sorry for anyone who actually agrees to it. But hey thats what you give up to pay 4 bucks a month for hosting, you have to realize your basically giving the hosting company power of attorney over anything you host on THEIR servers. Again read what your agreeing to when you sign up. If you dont like it dont sign it.
Im not just talking about webscripts. We just nuked someones site who had the following stored in his cgi-bin of all things. SeNukex.xxnull.exe Kaboommailbomb.exe ScrpBoxnullV1.exe he had many others also but the best one of all. renamethisfiletosomethingrandomsoitdoesntdrawattention.exe
The legal problems of me breaking their non disclosure agreement for starters . I have given quite a few hints as to what company it is most people here have already used them from what i've seen. I'll tell you this though, If you are with ANY US based budget host i.e. you pay $6 a month for hosting, I would suggest you read all the fine print in the TOS that you agreed to when you signed up.
