Comments on: Site Hacked Daily http://www.befuddled.me.uk/2008/11/site-hacked-daily/ affiliate marketing for the dazed and confused Sun, 29 Aug 2010 03:18:49 +0000 http://wordpress.org/?v=2.8.4 hourly 1 By: leo http://www.befuddled.me.uk/2008/11/site-hacked-daily/comment-page-1/#comment-8725 leo Thu, 20 May 2010 06:42:22 +0000 http://www.befuddled.me.uk/2008/11/site-hacked-daily/#comment-8725 I have tried what Ray suggested about the ftp accounts but it is still happening on one of my sites.As an I.T student and <a href="http://www.mcdstcourse.com" rel="nofollow">mcdst</a> holder Servage support team are not very helpful I’m afraid with generic replies to my questions and little in the way of a solution. I have tried what Ray suggested about the ftp accounts but it is still happening on one of my sites.As an I.T student and mcdst holder
Servage support team are not very helpful I’m afraid with generic replies to my questions and little in the way of a solution.

]]> By: scarum http://www.befuddled.me.uk/2008/11/site-hacked-daily/comment-page-1/#comment-7534 scarum Thu, 12 Mar 2009 04:04:43 +0000 http://www.befuddled.me.uk/2008/11/site-hacked-daily/#comment-7534 They -Servage- have the balls to imply after all these testimonials that is still OUR FAULT for fucking up our attributes on folders? Cheesuz chrysler, wtf are these people thinking? They get hacked nearly 24/7 and they think the users are the ones to blame? They -Servage- have the balls to imply after all these testimonials that is still OUR FAULT for fucking up our attributes on folders?
Cheesuz chrysler, wtf are these people thinking? They get hacked nearly 24/7 and they think the users are the ones to blame?

]]> By: Servage http://www.befuddled.me.uk/2008/11/site-hacked-daily/comment-page-1/#comment-7365 Servage Mon, 09 Feb 2009 15:02:57 +0000 http://www.befuddled.me.uk/2008/11/site-hacked-daily/#comment-7365 Hello ... Servage here. I would like to take the opportunity to inform you on the GeoIP feature we have added to our control panel. This enables you to lock your controlpanel to geographical areas. Read more on: <em>https://www.servage.net/blog/2009/01/27/geoip-security-for-your-peace-of-mind/</em> Please also make sure you remove your ftp-account and create a new one in order to increase security. But I agree with other postings here that proper file/folder permission is vital if you placing content on the Internet. Do not hesitate to contact our customer support if you have any more issues. We are glad to help you. Hello … Servage here. I would like to take the opportunity to inform you on the GeoIP feature we have added to our control panel. This enables you to lock your controlpanel to geographical areas. Read more on: https://www.servage.net/blog/2009/01/27/geoip-security-for-your-peace-of-mind/

Please also make sure you remove your ftp-account and create a new one in order to increase security.

But I agree with other postings here that proper file/folder permission is vital if you placing content on the Internet.

Do not hesitate to contact our customer support if you have any more issues. We are glad to help you.

]]> By: richi http://www.befuddled.me.uk/2008/11/site-hacked-daily/comment-page-1/#comment-7333 richi Sat, 07 Feb 2009 16:24:17 +0000 http://www.befuddled.me.uk/2008/11/site-hacked-daily/#comment-7333 count me in. this is for the second time that all my servage-hosted websites were infested. new index.php apearing... count me in.
this is for the second time that all my servage-hosted websites were infested. new index.php apearing…

]]> By: Dave http://www.befuddled.me.uk/2008/11/site-hacked-daily/comment-page-1/#comment-7323 Dave Sat, 07 Feb 2009 02:47:36 +0000 http://www.befuddled.me.uk/2008/11/site-hacked-daily/#comment-7323 Hi All the same problems as you, I am no longer a customer. Bored of being hacked then ignore by servage, and then all the downtime. Here is my story, its a long blog post, but then its a long story. http://blog.lottomad.info/ab-personal-updates/servagenet-hosting-stay-away Hi
All the same problems as you, I am no longer a customer. Bored of being hacked then ignore by servage, and then all the downtime. Here is my story, its a long blog post, but then its a long story.
http://blog.lottomad.info/ab-personal-updates/servagenet-hosting-stay-away

]]> By: hacked? the solution http://www.befuddled.me.uk/2008/11/site-hacked-daily/comment-page-1/#comment-4711 hacked? the solution Sat, 10 Jan 2009 18:32:36 +0000 http://www.befuddled.me.uk/2008/11/site-hacked-daily/#comment-4711 There are many sites hacked this way on Servage: fishka or .htaccess hack It does not depend on ftp credentials being stolen, but ONLY on ROOT dirs being writable by everyone (777). First of all you need to CHMOD (755) your directories...especially the root !!! Then... You just need to clean the added lines in your index page and your .htaccess file. Carefully check for added subdirs the "hackers" created to upload their scripts and delete them, otherwise those bad scripts would still be active ;-) There are many sites hacked this way on Servage:
fishka or .htaccess hack

It does not depend on ftp credentials being stolen, but ONLY on ROOT dirs being writable by everyone (777).

First of all you need to CHMOD (755) your directories…especially the root !!!
Then…
You just need to clean the added lines in your index page and your .htaccess file. Carefully check for added subdirs the “hackers” created to upload their scripts and delete them, otherwise those bad scripts would still be active ;-)

]]> By: Stefan http://www.befuddled.me.uk/2008/11/site-hacked-daily/comment-page-1/#comment-4404 Stefan Tue, 06 Jan 2009 11:34:50 +0000 http://www.befuddled.me.uk/2008/11/site-hacked-daily/#comment-4404 Hi, I guess I am having the same problem. I am with Servage and one of my websites was hacked - as it appears on December 17 - I only noticed it today. I do NOT have Wordpress on the site. But I do have a PHP forum and some other third party PHP scripts for link exchange. I have deleted ALL php code from the site. I guess the problem is with PHP. It only affects Wordpress because WP relies on PHP. After carefully anaylzing the modification dates of the files I saw that the PHP files were modified first - then the htmlfiles with the code snippet "text block fishka" and many links pointing to the same website. (I did a DNS lookup with domaintool and could see who owns it - but maybe this is just another hacked site - so they hack one site and point links to another hacked site... just a guess) I will notify Servage of the problem. I don't know if moving to another host might hurt my rankings which have built over the last 3 years..It is a PR 4 site so I am not sure if I should just move to another host. Hi,

I guess I am having the same problem. I am with Servage and one of my websites was hacked – as it appears on December 17 – I only noticed it today.
I do NOT have Wordpress on the site.
But I do have a PHP forum and some other third party PHP scripts for link exchange.

I have deleted ALL php code from the site.
I guess the problem is with PHP. It only affects Wordpress because WP relies on PHP.

After carefully anaylzing the modification dates of the files I saw that the PHP files were modified first – then the htmlfiles with the code snippet “text block fishka” and many links pointing to the same website.
(I did a DNS lookup with domaintool and could see who owns it – but maybe this is just another hacked site – so they hack one site and point links to another hacked site… just a guess)

I will notify Servage of the problem.
I don’t know if moving to another host might hurt my rankings which have built over the last 3 years..It is a PR 4 site so I am not sure if I should just move to another host.

]]> By: dlld http://www.befuddled.me.uk/2008/11/site-hacked-daily/comment-page-1/#comment-3008 dlld Fri, 26 Dec 2008 13:47:13 +0000 http://www.befuddled.me.uk/2008/11/site-hacked-daily/#comment-3008 I'm also one of the victims. I've found it also creates a new folder in one of the wordpress' directories and uploads an index.php file. Remember to find and remove it. I’m also one of the victims. I’ve found it also creates a new folder in one of the wordpress’ directories and uploads an index.php file. Remember to find and remove it.

]]> By: Marko http://www.befuddled.me.uk/2008/11/site-hacked-daily/comment-page-1/#comment-2995 Marko Fri, 26 Dec 2008 11:50:01 +0000 http://www.befuddled.me.uk/2008/11/site-hacked-daily/#comment-2995 Make sure you also check all .htaccess files and suspicious folders. I've had to delete a 'web' folder and clean up .htaccess files. Also deleted a ftp account which I have not created. Make sure you also check all .htaccess files and suspicious folders. I’ve had to delete a ‘web’ folder and clean up .htaccess files. Also deleted a ftp account which I have not created.

]]> By: Sean http://www.befuddled.me.uk/2008/11/site-hacked-daily/comment-page-1/#comment-2865 Sean Wed, 24 Dec 2008 11:52:00 +0000 http://www.befuddled.me.uk/2008/11/site-hacked-daily/#comment-2865 I thought I was going crazy when I noticed these links on my Joomla sites hosted on servage. The strange thing is that it has also affected other sites that are pure html too. Have found and deleted rouge ftp account and changed ftp and cp passwords. hopefully this will work. I havnt noticed the issue with a Joomla 1.5 site that I have been working on but then again, this site was not uploaded until 18 November. Just glad that I perform file backups weekly. I thought I was going crazy when I noticed these links on my Joomla sites hosted on servage.

The strange thing is that it has also affected other sites that are pure html too.

Have found and deleted rouge ftp account and changed ftp and cp passwords. hopefully this will work.

I havnt noticed the issue with a Joomla 1.5 site that I have been working on but then again, this site was not uploaded until 18 November.

Just glad that I perform file backups weekly.

]]>