Website hacked? "Reported Attack Page!"


#1

One of my websites is completely down whilst others when i go on the page are immediatley blocked by google as a “reported Attack PAge!”

"Malicious software is hosted on 2 domain(s), including svyaz121.1dumb.com/, svyaz122.1dumb.com/."

Whilst admin panel for my phpbb3 forum is not working.

I have submitted a help ticket, but to no avail. Some great (sarcasm) automated responses.

I was wondering if anyone here would be able to help me! Thanks.


#2

I’ve got that same problem. I’m seriously getting tired of having to delete weird .htaccess files over and over again. Every week it’s the same. It wasn’t like this before and I seriously think that it must not keep like this, why is it like this, Dreamhost?

Coming back to the problem itself, I went checking the code in the files of the site that was with this problem and there’re some PHP code that shouldn’t be there. After removing them all, you should contact Google (through Webmasters Central) to tell them to index again your site. I did it, but I don’t know how long it’ll take :frowning:


#3

this page should help you: http://wiki.dreamhost.com/Troubleshooting_Hacked_Site

It’s important to keep software up to date, also to verify that any plugin’s or 3rd party theme’s are secure. Non-uptodate install’s, and 3rd party theme’s and plug-in’s are the first place to look for where the hackers got in.


#4

There is no text on that wiki link. How do i get help from a real life person? Not just someone cut n pasting instructions i don’t understand.

This is honestly the most painful customer service i have ever had from a host. [hr]
I cant even login to half my sites to upgrade them!? Real life person response would be great!


#5

You could try a little bit to look around. It was clearly just a small typo. The correct address is: http://wiki.dreamhost.com/Troubleshooting_Hacked_Sites

You can pay for a higher level of support (live chat or a phone call from DH) if you don’t want to wait for an email response. Live chat is occasionally available for free from the panel if their work load allows for it.


#6

OOPS my fault, the correct link is http://wiki.dreamhost.com/Troubleshooting_Hacked_Sites

You need to understand that a real life person isn’t part of what you are paying for, unless you have opted in for the support callback feature which I think is 9.95/month for 3 callbacks. With shared hosting, that’s pretty much what you are buying…hosting. Now that said support does go out of there way to help with hacked sites, I’m not sure why they haven’t gotten to your ticket yet, but I’m sure you will here from them if you have an open ticket.


#7

I wonder why this kind of problems were less common before. I’ve been a DH customer over a year now and just on the recent months it started happening in some of the sites I have hosted here. It’s sad how I lost all trust I had gathered on the hosting throught these past months.
And, yes, I’ve got my things updated.


#8

Unfortunately, I’m 99% sure that the security vulnerability used to gain access to your account is not due to something DH has done. It’s almost always due to the applications you install. Even the latest version of WP or whatever has vulnerabilities. When you add plugins and themes, especially those from unknown or untrusted sources, then you are basically opening a bunch of doors into your account.


#9

Fair enough. Prior hosts when i have had a problem, have atleast looked at my account and pointed out the problem. Concidering this spreads throughout all my domains, it is of significant concern.

I even done the back up and got an email saying there wasnt one. I mean having an account for over a year, i thought their might have been… ya know… one. Also nice of the grammar used to say “Howwwwwwwwwevverrrr, we dont gaurantee back ups…” Im already in the process of loosing my websites, i dont need cheeky slants like that.

Honestly, can say i will not be renewing my time here. Premium price compared to prior hosts, and support for me is more than just linking to wiki pages. But hey oh, that seems to be not part of the package.

There was me thinking the dreamhost reputation was all hearsay, it certainly is not.


#10

Dreamhost isn’t obligated to help you troubleshoot your website or handle your security for it. They offer you hosting and that’s it. If you want faster support or to speak to a live person then pay the 9.95 for that additional service. Also, I find it mind-boggling that people do not have their own site backups. If you develop on a local copy and then upload it you would always have the most up-to-date backup. It will save you loads of time and frustration in the long run. Since this is impacting multiple sites, you might want to have each domain run under a different user and have different and stronger passwords. This way if one of the websites is compromised you will know that there might be some sort of exploit being used for whatever software you are using to run it. Please don’t blame DH for not being prompt with helping you with something they do not support to begin with. You are not having a service issue. You are having a problem with whatever software you are using being compromised. Your website’s security is entirely your responsibility.


#11

In my limited experience with other hosts (i.e. I’ve only looked into what they offer, not actually paid for their services), the hosts that offer the (expensive to the company) live person support will generally have much more restrictive resource limits and stiffer penalties for violating those limits. So, you get what you pay for. The main reason why I stick with DH is that it seems they are focused on being as generous as possible with their resources. That’s great for someone who knows, or is willing to learn, how to do what they want to do, but the flip side is that clients who need more hand holding will feel ignored.

I agree, that is pretty lousy. And while I do agree with Ryo-ohki that you should have your own backups (even in your backups user account), DH should do a better job of either making sure their services actually work as advertised or stop advertising them. The backups service isn’t the only one which DH knows doesn’t work as advertised, yet they continue to promote it. It’s a very poor way to present yourself and just creating dissatisfaction for clients.

I wouldn’t mind looking at the wiki more often if DH actually made an attempt to improve it! A lot of it is customer generated. Compared with other hosts, with the note above that they probably have stricter resource limits, the knowledge base at DH is a bit mediocre for a company that expects its clients to help themselves.

When you find a better host, come back and let me know what it is so that I can add it to my comparison database. I’ll be interested to know what their resource limits are.