|
I hate cheap webhosts. | |
Posted Sep 24, 2010 - 9:07:07
|
|
 I run multiple websites. Sometimes I've picked the host (like TRHOnline's wonderful host DrakNet, which is awesome by the way) but on one site I most definitely did not make the choice myself. That site is hosted on a cheaper, wonkier host which has been the bane of my existence. Seriously, this host makes me want to hit my head against the wall.
Why? Because of their horrific server vulvernabilities, this site has now been hacked for a second time.
It was a subtle hack, one that overrode our 404 pages (which is how I noticed it happened, as my custom 404 page stopped showing up). What this hack did is if the referral to a 404 came from google, it redirected the user to a hacker's website. It also displayed spam links to google itself. Anyone who just typed in a wrong page address though would get a generic 404 page, and if someone tried to go to a real page, that page displayed without problem.
I spent several hours last night having to go through every file on the server finding every single instance. And I know it's not my fault. The only time I edit files online, I go through their "secure" control panel, so the only way the files could have gotten online and changed is if the hackers had direct access to the server via an unpatched or unupdated part of their server.
When I started googling my webhosts name of course, the first thing Google suggested was "[Webhostname] hacked" - which of course made me more concerned. Looking now, it makes me wish I had googled these guys years ago.
So now the scramble begins. First I need to get authorization from the organization to move the site. Secondly, I need to secure new webhosting. Third, I need to set up the new site (and test all of our custom PHP pages to make sure they work - and if they don't, fix them) while double checking that no hacked pages get moved along too on the off chance I missed something. Four, change the DNS entries on the domain registration to point to the new webhost. Five, raise my middle finger in the air towards the old hosting and cancel that account.
I smell a headache coming on. I'll probably transition the site to DrakNet, as they're a billion times more secure than these chumps. It's only frustrating because when we moved servers several years ago, I told them to go with DrakNet and no one listened. They wanted to save a few bucks, and this is what we get... a hacked site.
So here's the lesson for you which I've known for a long time: Don't go cheap on your hosting, go with the quality hosting. You might pay a whole five bucks more a month, but oh my god is it better as you don't have to spend late nights digging through files that got hacked.
- Traegorn
You know, there's a free scanner now that any host can use commercially that scans, reports and cleans. We're using it - http://www.rfxn.com/projects/linux-malware-detect/ - it took less than 5 minutes to install. Granted, it took a freaking week per server to scan the whole machine, but once that was done, we've caught almost everything within hours.
It's free. There's no excuse.
Well, IXWebhosting is a friggin' mess, and I wouldn't trust them to tie their own shoes let alone scan their servers at this point.
I've gotten the go ahead to move the site by the organization, so I'd expect a new DrakNet account to start in the next few days under the name of their Director. 
|
