Dreamhost escalation process


#1

Did dreamhost has any escalation process if I am not satisfy with the solution who technical support obligate me to do it?


#2

You can:
turn in another ticket
Post your problem here in the discussion forum
Post your problem on their Twitter Account (though I have never done this…)
Turn in another ticket
Pay for phone-service when turning in your ticket
Try Live Chat
All of the above

I have found that sometimes making a lot of noise(doing all of the above) will get your problem dealt with


#3

I took a look at your site and there are some issues.

  1. You’re still on WP 3.5.1 - That’s both out of date and insecure. You need to upgrade ASAP.

  2. You’re on PHP 5.2 - We strong recommend 5.3 as a minimum for WordPress.

  3. Your site was hacked. If I look at the files in ~/mystjohn.org/wp-content/plugins/wp_config I can see they’re riddled with hacks. Probably due to issue number 1 up there.

Due to issue 3, I’ve moved your ticket to our abuse team so they can do a full scan. Once you get that email back, you’ll need to clean up WP. A good resource for that would be this: http://wiki.dreamhost.com/WordPress_Hacks

Sorry about that. It’s easy to miss if you’re not used to looking to stupid WP hacks.


#4

First, thank you so much, finally I found some one have a good experience to help me.
Second, I checked what you mentioned I found tumblr-importer.php, I did not install this plugin WordPress Importer or tumblr-importer (we did not install any plugin at all).
I can not download the file mod_system.php (550 permission denied)


#5

They started the scan and nothing happens, I have the same problem, they suggest to do upgrade for every thing PHP, wordpress, gallery, and Drupal.
I must see some improvement to believe on what you see, otherwise if I will upgrade everything, my manager request to start everything from scratch with other company to host our domain with good support, I chased you guy everywhere, on this forum, live chat, facebook, open tickets. still have same problem.


#6

Honestly, moving to another host will not solve this issue. You must consider what allowed your site to be hacked and fix those problems:

make sure all of your software is up to date (Drupal, WordPress, etc…)
use stronger passwords
disable FTP if you have not already (only use sftp)
consider using 5G blacklist in your htaccess http://perishablepress.com/5g-blacklist-2013/
investigate other ways to secure Drupal and WordPress (I like to use Login Lockdown plugin for WordPress)
be vigilent and read these discussion forums for new ways to secure your websites!

it is a lot of work, I know, but if you are going to manage websites it is good practice to know ways to secure your sites. If you move to another hosting company you will simply have to start all over again (and perhaps not have a discussion forum to turn to)


#7

Your post here makes very little sense. Of course you have work to do, that you should have already done parts of (keeping on on current versions, most releases plug some kind of hole or vulnerability).

Don’t lay blame on dreamhost support, they’ve done their job. Which is to check for server related issues and scan your account to see if there are any signatures that indicate hacking. They’ve done this, they have told you that YOU have a problem, but your reply indicates either denial or lack of understanding of whose responsibility it is to maintain your site and clean up hacks.

would you like cheese to go with your whine?


#8

Is it ok to delete all files on mystjohn.org/wp-content/plugins/wp_config (mod_system.php, class-wp-importer-cron.php, tumblr-importer.php) since I do not have any plugins on wordpress


#9

I do not think there should be a folder (or file) with any of those names in your plugins folder.

You should probably back up your theme folder, your /wp-config.php file, .htaccess file, and your /wp-content/uploads folder, and then delete your entire WordPress install and start over with a fresh installation of the latest WordPress.

Otherwise you could find yourself back in the same boat.


#10

I wouldn’t reuse those backup files either, unless I had to for some strange reason. Best to use an updated copy of your theme. Not sure where your theme came from but they often need to be updated as well, as you bring your WP install up to date. Proceed with caution. Here is a wiki article that points out some things to think about: http://wiki.dreamhost.com/Harden_WordPress