This account is currently disabled!


#1

Here’s my story…I run a website called “mykeyloggeronline.com” which had been hosted on GoDaddy for over 4 years. I decided to switch to DreamHost as I heard they were attentive and overall good guys to work with.

However my “Happy Dream Hosting” turned into a nightmare when DH suddenly without ANY warning totally disabled my website. No reasons given or no time to resolve the issue. I would gladly take corrective action to remove my site and switch back to GoDaddy.

The site was running for a few weeks on DH so I started to update all my code and update google maps from v2 to v3. Now DH has blocked access via FTP so I cannot get back my code. I didn’t do a local backup as I assumed DH does that.

I don’t understand how I can be treated so badly for a legitimate website. I’ve had 1000’s of users say it’s great to monitor their kids, employees etc.,…

Also, how can DH ignore my tech support requests? I’ll gladly switch back to GoDaddy if I have offended DH hosting TOS.

Can anyone from DH help?

Stifling creativity and innovation isn’t what I signed up for DH!

Wow - at least I’ve learned alot in the nightmare process, that my website dreams can be demolished by an uniformed DH admin with just the click of a mouse.

Not Happy DH! :frowning:


#2

Someone is looking at your ticket this very moment.


#3

Thanks … I have 3 outstanding tickets…looking at the DH “General Acceptable Use Policy”

Hacking
"Websites dedicated to the discussion of hacking activities or the distribution of hacking tools are prohibited. Also, the usage of DreamHost’s computer systems or network to access any system, service, or network without the owner’s consent is expressly forbidden."

That’s the only thing I can guess why my site was taken down.
There are literally 100’s of websites that promote monitoring software
and cost users alot of $$$, I decided to create an “open” website so users weren’t ripped off…I took security very serious and encrypted all data on the server.

If DH says that my site is “Hacking”, I disagree…GoDaddy gave me a chance to promote an open source, free monitoring tools, why can’t DH?

Confused users are starting to reply:

“Hello I have been using the monitoring program for a while and all of a sudden it seems that I don’t have it and can’t seem to log on to download it again. What could be wrong and thanks for any advice.”

#5366224 Site Down 5 hours 36 mins
Withdraw Message
#5365522 FTP is down? 19 hours 33 mins
Withdraw Message
#5365488 This account is currently disabled! 19 hours 56 mins
Withdraw Message

Thanks again for looking into this issue…

P.S The main reason I switched from GoDaddy to DH was that GoDaddy supported SOPA whereas DH stated this:

"DreamHost Denounces SOPA and Sticks to It
Web Host DreamHost Declares SOPA Bad for the Internet and Doesn’t Change Mind — Not Even Once

DreamHost came to this conclusion after first hearing of the bill in late 2011 and has never wavered in its opposition. SOPA was, and is, a raw deal for free speech on the Internet."


#4

I talked to the tech handling the case and you should have an update by now. This was unrelated to the content of your site, and appears to be a hack. The abuse/security team will be helping you out with this one.


#5

Our abuse team recently replied to your tickets by email … you can also click here http://bit.ly/PfyUyK to view all your support history.

Thanks,
Matt C


#6

Hi, just to update this thread.

DH has found the real issue:

Your account was found running hacked UDP flood processes that were not
only attacking an external system but also spiking load on the shared
server and bringing down sites of all other customers on it. The
account had to be terminated pending review to prevent it from impacting
other customers. Typically when a brand new account is causing issues
like this it was signed up with a stolen credit card, so your payment was
refunded as well.

The problematic logins that indicate your password was hacked:

/var/log/auth.log:Oct 4 10:52:42 aspen sshd[1136]: Accepted password for
vengy from 18.187.1.68 port 42849 ssh2
/var/log/auth.log:Oct 4 11:12:26 aspen sshd[3995]: Accepted password for
vengy from 204.124.83.131 port 16385 ssh2
/var/log/auth.log:Oct 4 11:36:48 aspen sshd[28959]: Accepted password
for vengy from 31.172.30.3 port 35553 ssh2
/var/log/auth.log:Oct 4 11:59:18 aspen sshd[26922]: Accepted password
for vengy from 80.237.226.76 port 37834 ssh2

Sorry for jumping badly on DH. It was MY fault…I disabled an antivirus scanner for several weeks
and trojan W32/Tacur infected my machines.

“If you lie down with dogs, you get up with fleas.”

Thanks.