Checking my dysfunctional server logs this afternoon to see if they had been rotated yet (because they are not rotating again, and no response from support yet), I noticed someone had logged into my /stats/ directory under my username and gained access.
184.108.40.206 - - [01/Dec/2006:11:28:47 -0800] “GET /stats/ HTTP/1.1” 401 (got login screen)
220.127.116.11 - (my username) [01/Dec/2006:11:29:13 -0800] “GET /stats/ HTTP/1.1” 200 (access granted, page ok)…etc.
Um NOT cool! If this is DH checking to see if my stats updated, I haven’t heard anything. In the meanwhile, afraid that someone had just compromised my password, I went and changed them for both the panel and FTP.
Generally, when I see someone at DH hitting my sites for a support request, it’s obvious. So far as I could tell though, those hits came from the east coast.
I’m not happy about that to say the least. Not. Happy.