Hey all, I have a serious question. For the last 2 months, I see my sites being modified constantly by someone else...without my permission. I see hidden links placed all over the place.....and once I even saw in my counter that visits went from 2k uniques per day to 0 per day. Then I checked things up and saw that there was a redirection script installed which was redirecting all visitors to this site www.mostplays.com I ran a whois to that site and it appeared that the person who is owning the site was using the same hosting (Midphase). I contacted midphase and they declined to ban this person. Moreover they told me that the problem is because I have security issues myself. However this is the site which uses the master account, and I have not set any other ftp accounts. In addition, last time I got this response I have requested a password change, and then couple of weeks later, i see this guy again. Can please someone tell me how I can seek my rights, and what can I do? Isnt Hacking a criminal act? And isnt it illegal to cooperate to a hacker, the way midphase are doing? Here are my last emails. My email......... OK I have spotted the problem. A person who is a client of yours is harrassing me. He has access to my masters account and is hijacking my sites all the time. He own the site mostplays.com He is placing hidden links all over and messing with my files. He has tried to mess with my .htaccess files and thus damaged the sites functionality. You either do something or lose me as a customer and I take leagal actions, because this is the second time I notify you of such activities and you do nothing. Last time I asked you to protect me you told me that you cant find any traces because I repaired my site files back to normal. However everyone knows that cpanel keeps an ftp log where you can see that this person has logged without my permission. I am logging each time from Bulgaria, Europe. My programmer just logged from 72.64.24.230 or something. All other is not me. The weird stuff started happening 2 days ago. Looking forward in your cooperation of ending this crazy thing. I understand that you are not online police, but we are talking of another client of yours who has my master account. Account which I changed through a phonecall ot the suppor and now he has it again. This time he hijacked 2 sites. Notice on my homepage, at the top right the link "Register" it points to mostplays.com...this is his site. And this site has your DNS!!! I am sick and tired of this. This bastard is placing hidden links all over my sites. Either help me or I switch hostings. And then the response.... Hello, I strongly advise you to contact your web-site developer in order to check your web-site functionality. We never edit web-sites of our clients and never change anything on their accounts without their confirmation. Please let me know if you need our help. Thank you. Sergey Knazjuk System administrator midPhase Services, Inc. -- #1 Recommended Web Host! My email..... ARE YOU READING WHAT I AM WRITING TO YOU!?>!!>?! I AM GETTING HARASSED BY ONE OF YOUR CUSTOMERS. HE IS BREACHING CONSTANTLY INTO MY ACCOUNT AND PLACING HIDDEN LINKS AND MESSING UP MY SITES. I NEVER SAID THAT YOU CHANGED ANYTHING! The links he is placing point to mostplays.com which is a site obviously hosted with you. JESUS!!!!! IF I DONT GET AN ADEQUATE RESPONSE THE MY PREVIOUS EMAIL I AM GOING TO TELL THE WHOLE WORLD, AND YOUR SUPERIORS ABOUT YOUR NEGLIGENCE! please this time READ what I have written to you in my last email. In case you have lost it, here it is again. OK I have spotted the problem. A person who is a client of yours is harrassing me. He has access to my masters account and is hijacking my sites all the time. He own the site mostplays.com He is placing hidden links all over and messing with my files. He has tried to mess with my .htaccess files and thus damaged the sites functionality. You either do something or lose me as a customer and I take leagal actions, because this is the second time I notify you of such activities and you do nothing. Last time I asked you to protect me you told me that you cant find any traces because I repaired my site files back to normal. However everyone knows that cpanel keeps an ftp log where you can see that this person has logged without my permission. I am logging each time from Bulgaria, Europe. My programmer just logged from 72.64.24.230 or something. All other is not me. The weird stuff started happening 2 days ago. Looking forward in your cooperation of ending this crazy thing. I understand that you are not online police, but we are talking of another client of yours who has my master account. Account which I changed through a phonecall ot the suppor and now he has it again. This time he hijacked 2 sites. Notice on my homepage, at the top right the link "Register" it points to mostplays.com...this is his site. And this site has your DNS!!! I am sick and tired of this. This bastard is placing hidden links all over my sites. Either help me or I switch hostings. And then the response..... Hello, Actually there are only three ways how your web-site can be hacked. 1) You have shared your login information with somebody else.. 2) The wrong permissions are used for some folders or files on your account 3) Or unprotected software is used for your web-site. The first thing you should do is password change. Then please check if you don't have insecure permissions (777-full access). And then you need to update all your software to the latest versions. These three things are the best way to safe websites. Please let me know if you need more help. Thank you. Sergey Knazjuk System administrator midPhase Services, Inc. -- #1 Recommended Web Host! Phone: 312-386-1640 E-mail: Now I am not going to show all the other emails.....because they are ridiculous. This guy even have the nerves of yelling me that I submitted 2 tickets. And...in one email he even said "We have not done anything to your hosting...we do not have the priviliges" I kinda have the feeling this guy does not know english....or something. Ok I need advise. How can I seek liability from midphase, and from this sonofabitch.
I do not think you can held midphase responsible for this. As they mentioned, the hacker got access to your site through a security bug in your script or since you kept the passwords easy to crack. How can the hosting company keep your sites hack free? Security is your job. You can consider legal actions against the hacker. Otherwise you need to work with your programmer and findout the security hole. Changing the passwords is a must but it is more important to find how your passwords were cracked. You may need to lookout for any loopholes in the script, known bugs and weak passwords. You should change the hosting also. Thinking from your hosts side, you can not expect them to ban someone simply because your side redirects to his. From an IP address on your FTP log, they can not call someone hacker. As you rightly mentioned, they are just hosts not online police. From the information provided, they can not: 1. make sure that your site is actually hacked! 2. make sure that the person you accused is actually doing it. It is natural to feel angry when all this happens. But you have to admit that it is your responsibility to ensure the security of your site. Host can only provide a standard security(new cPanel, updated server software and PHP etc.) Good luck.
Especially if your provider's contract spells them out. Then again, people generally don't care about anything except getting results based on what they're willing to pay for. Unrealistic expectations lead to a lot of avoidable problems. Nikolaalx, youd better learn this now, but read your provider's contract you've agreed to, even if you don't out of personal principle. I'm sorry to read you've learned things the hard way, but learn from this experience to help you make a stronger and better effort to protect your hardwork.
Most likely it's a bug in your script, still just to make sure do the following: >Ask your hosting company to change your "username", and the name of the "folder" which stores all your files. If possible get a username which is not related to your folder name on server. > Check your scripts to see if they reveal any type of "server path" information. PHP does this all the time. Like: home/username/public_html This could be a very tiring task, so you can alternatively "turn off" error reporting in php. Turn on only at development time. If problem still continues, and your host does not cooperate, switch host... regards
- Are you using any scripts? - Keylogger on your comp? I find hosting companies never want to take responsibility for anything, half the time I don't think they read the email, they open a default document and do a random copy and paste.
I completely agree. Post the message in the Technical and Security issues forum. Are you running any free php scripts? Do you have any files or folders chmod 777?
That depends on how simple or complex the issue is, and their contract spells out your respective responsibilities. Obviously one should go with a provider who can do what you expect, but it won't necessarily be cheap.
Thank you guys for the help. I am having this investigated currently. btw, mipdhase suck ass....never use them...NEVER..
I guess thats the catch 22 - get a good price, get bad service. Get a bad price, get good service. There are some out there who are both cheap and have good services, it's just finding them! I have also noticed some peoples hosting doesn't work, while others work fine and has for ages, and they are with the same company. I don't understand it lol
Next thing you know, you'll post here saying host sucks ass because they do not assist on issues like what you experienced.
I am not saying that they are not assisting. They are plain imbeciles.... For example, I submit a ticket....and then after 3 hours I receive a response, saying something absurd, simply because they did not read my request thoroughly. Then I respond, basically explicitly saying to them to read the initial ticket and after 4 hours I receive a response, which shows that this kinda got their attention. then I respond with more information which would help them identify the problem....and I receive no response. after an hour I send another response saying "Are you going to respond to my ticket?" and after another hour, I receive a response from a new tech support guy (obviously shifts have changed), saying... "I am sorry, but It is not clear what you want as a response, because It is unclear what you are saying with your last email"... This guy is not aware of the very reason why the conversation has been undertaken, and kinda says "I am sorry but I am a retard, and since my colleague has went home, I cant tell what you want from me, because I dont know what you have been talking to previously. Do you need any more help? " And now, tell me? Am I wrong to say that midphase sucks ass? I am not judging them because they allow hackers to use them as a foundation for malpractice. I don't judge them for not defending their loyal customer who are abused by a hacker who is using their hosting. I am judging them for being incompetitive in the level of quality of service which they provide, and the incapacity to maintain a normal dialogue. In addition I am judging them because their support system is so full of shi*...each time I want to receive some help I get totally disapointed! I have the conversation logged and emails. Frankly If I did not have 10 sites which are of around 7 gig space, I would have immediately changed hosts....but I have too much on my head to do this now. I advise you as DP peers and friends. NEVER use Midphase! Problems started from the very moment I started using them. I bought a site, which was hosted there. I created an account because I thought that it would be easier to transfer the files from one account to the other. well it proved not only to be harder (due to the retarded support which kept saying to me that it is unpossible), but also they somehow messed both accounts (mine and the seller) and mixed them. As result I was able to login into the seller account, and the seller did not have access to his site. The site went down for couple of days. Database messed....IT was a nightmare. for more info ask user danthorpe...he was the seller. Now, what do you think? Am I really that bad to say that they suck? And do they not? And now, am I really that bad for asking a normal
I believe we should make a sticky list of the worst hosts.....this will help alot of newcommers. I know I would have appreciated such a list when I was looking for a hosting. And a list which is here on dp...and not on any other bullshit place...where nothing is canding and objective as it is supposed to be.
I see they said it in their email, but yes... #1) fix your permissions #2) don't run buggy scripts, keep up to date on patches.
Help educate them...or confuse them? Google Hostgator. You'll find both lots of good reviews and bad reviews. But are they the worst? They probably are in some people's minds, but those who experience/d good service with them won't agree. There are good registrars and bad registrars, good ISPs and bad ISPs, as well as good hosts and bad hosts. User experiences vary. Sure you can put up your own list of worst hosts. But will you allow others to challenge it?
When it comes down to statistics, that is the moment when people make conclusions for themselves which hosts are better or worst. Gaining feedback from people wont do any confusion. It will show what is the overall level of satisfaction for people which are in this community.
yes but they did not write #3) dont get mad when we wont move a finger when we know that someone who is a client of ours is abusing you....even though you have perfect evidence.