1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

HostGator Warning!

Discussion in 'Domain Names & Parking' started by CyrusVirus, Oct 14, 2010.

  1. CyrusVirus

    CyrusVirus BANNED BANNED Premium Member

    Joined:
    Aug 20, 2009
    Messages:
    1,110
    Likes Received:
    686
    Ok, so i installed Interspire, on a shared hosting account.

    I was only going to use it for a newsletter, all whitehat, no spam.

    So, after installing it, I got a bit busy and kinda forgot about sitting there

    So sitting there, default settings.. guess what happens. someone hacked in and sent out a 9k email list.

    not good, i got 2 notices from my host (hostgator) and then my account was suspended.. for about 12 hours.

    nothing enough to hurt my rankings. so, after going back and forth with them.

    my account was fixed,, and now im changing all passwords and changing where that script is located. and put an ip restriction on it.

    so heres the warning, make sure your sites are secured, even the ones you don't use, if you have a good site going, someone could mess it up.

    So go fix all problems and vulneriabilities.

    Make sure you don't get your domains banned

    time is money !

    CyrusVirus
     
  2. teeniegenie

    teeniegenie Supreme Member

    Joined:
    Aug 28, 2010
    Messages:
    1,296
    Likes Received:
    662
    Location:
    The Cool Part of Vegas
    Thanks for the heads up! In your opinion, was the hack based on some type of vulnerability by HG or is it a general c-panel issue? Something else? I have HG accounts as well as other c-panel based accts I want to secure properly.
     
  3. fanthomas

    fanthomas Registered Member

    Joined:
    Jan 25, 2010
    Messages:
    98
    Likes Received:
    31
    that doesnt have anything to do with hostgator, more of a security issue.
     
  4. Nookie Monster

    Nookie Monster Senior Member

    Joined:
    Mar 28, 2010
    Messages:
    968
    Likes Received:
    463
    Location:
    USA
    What's the best way to avoid such problems ?
     
  5. wickedguy

    wickedguy Supreme Member

    Joined:
    Jul 22, 2009
    Messages:
    1,402
    Likes Received:
    1,379
    Location:
    BHW--> South Africa
    Home Page:
    password protect sensitive stuff or restrict using .htaccess.

    I just use the following code in .htaccess where i don't want somebody to mess around and when i myself want to work there i just rename the file and then back again when done. do it all manually of course, but it's not a big issue

    PHP:
    AuthName "Restricted Area" 
    AuthType Basic 
    AuthUserFile 
    /home/.htpasswd 
    AuthGroupFile 
    /dev/null 
    require valid-user
    :idea:
     
  6. CyrusVirus

    CyrusVirus BANNED BANNED Premium Member

    Joined:
    Aug 20, 2009
    Messages:
    1,110
    Likes Received:
    686
    this guy right here explained it perfectly

    the hack was based on my interspire script, wasn't really hostgator's fault...
    although i did do the .htaccess before it was hacked and no one should have been able to get it. maybe hostgator didn't update my files or something, they are supposed to put a .htacess file on every suvdomain but didn't. per my request. anyway, its resolved now,
     
  7. Markbh

    Markbh Regular Member

    Joined:
    Jul 8, 2010
    Messages:
    224
    Likes Received:
    1,103
    Occupation:
    Freelance Marketing Consultant
    Location:
    High Seas
    Thank you for the code, wickedguy! I am quite a newbie in hackerproofing files. So please do not be mad if my question is stupid.

    Does using this code in .htaccess protect the whole folder where .htaccess is located.
     
  8. shadowfax

    shadowfax Power Member

    Joined:
    Mar 9, 2009
    Messages:
    513
    Likes Received:
    695
    Occupation:
    IM, Marketing, Programming
    Location:
    Where there is money baby
    Thanks for the heads up.. For those using WP sites, you should also protect your login page with Login Lockdown plugin
     
  9. art79

    art79 Newbie

    Joined:
    Feb 5, 2009
    Messages:
    25
    Likes Received:
    1
    hostgator servers 100% safe , ithink the probblem with your pc
     
  10. sangbiru

    sangbiru Newbie

    Joined:
    Jul 19, 2010
    Messages:
    32
    Likes Received:
    3
    Occupation:
    Blackhatter
    Location:
    BHW
    Home Page:
    have u hired someone before? and u forgot to change ur password after he/she completed the task u asked?

    i believe it''s 70% cause of ur problem... :D

    i always asking my customer/client to change their password after shared the info with me, and record my fixed IP as their trusted IP and block the other.
     
  11. CyrusVirus

    CyrusVirus BANNED BANNED Premium Member

    Joined:
    Aug 20, 2009
    Messages:
    1,110
    Likes Received:
    686
    no, it wasn't my pc.. if you read my last post, you would know it was a problem with my script installed on their server