Hacked Sites


#1

All of my dreamhost’s sites were defaced today. Just wanted to post a conversation that I had with the hacker:

[13:46] Bogo OGaming: is there anything else I can do to prevent getting hacked again?
[13:47] x-MadTurk: i dont understand :S
[13:47] x-MadTurk: my again hacked ?
[13:48] Bogo OGaming: sorry, I’ll say it differently
[13:48] Bogo OGaming: you hacked some of my sites last night
[13:48] Bogo OGaming: mikebogo.com, etc.
[13:48] x-MadTurk: ohh
[13:48] x-MadTurk: hımmm…
[13:48] x-MadTurk: only protest
[13:49] x-MadTurk: your server security = 0
[13:49] Bogo OGaming: my own, or is it the fault of the server company that I use?
[13:50] x-MadTurk: company
[13:51] Bogo OGaming: ok, looks like I’m going to have to start looking for a new host company then
[13:52] x-MadTurk: good for you …


#2

Uhhhh, there’s no real info there (ie. the guy gave you nothing useful for someone to figure out how he got in), so I doubt it’s purely DH’s fault.

What were you running on the sites that were defaced? Joomla?

Unless it’s due to the latest PHP 5.2.1 holes, which should be patched soon with 5.2.2 (which DH is currently working to upgrade, or has already).


Chips N Cheese - Custom PHP installs and the like!


#3

I think you’ll probably find that he got in through a security hole in one of your scripts–not the server itself.

That can happen anywhere if you don’t keep everything secure & up-to-date.


:stuck_out_tongue: Save up to $96 at Dreamhost with ALMOST97 promo code (I get $1).
Or save $97 with THEFULL97.


#4

I have tons of domains and scripts with no problems here. DH is secure and from what I can tell, update their server pretty religiously when patches come out.

If your site got hacked, I can guarantee it was due to your scripts. Otherwise, I have a hard time believing this, how did you know who hacked you and where did you find and converse with him? Why wouldn’t you report his IP?

Save [color=#CC0000]$97[/color] on all plans by using promo code: SRVR97. More Here


#5

I hate hacking. I always suggest people not to learn hacking. Once you know it, you will definately get addicted, especially for programmers.

So I did not learn hacking. And I end up without knowing any security issues and how to protect my site. Poor eh?

Save $97 with promo code: [color=#CC0000]97YES Sign Up NOW[/color]