Certified Hosting/Naked Hosting Malware on Blogs: FUCK - GoFuckYourself.com

pamon · 04-12-2011, 05:37 PM

2nd time around getting malware placed on my sites with certified/naked hosting. Unreal. Why offer hosting if your servers don't support a secure environment. Same .cc malware on Wordpress Blogs. Have to go through another battle w/ support on this. FUCK

Barefootsies · 04-12-2011, 05:38 PM

Damn. That sucks foo.

Good luck getting it resolved.

pamon · 04-12-2011, 05:40 PM

yeah. was with hostgator for years w/ no problems and now 2nd time in 3 months w/ certified hosting. thinking about switching. shared hosting with a bunch of blogs but still having doubts on certified's security.

critical · 04-12-2011, 05:52 PM

Let us know if you need help moving. :-)

cooldude7 · 04-12-2011, 05:53 PM

mine looks good,
btw how to check if mine are infected ?

i m also on certified.

pamon · 04-12-2011, 06:07 PM

i logged into one of my sites and tried to log into the WP admin page. got prompted with a WP update page. Don't know if by clicking the update page if it triggered it or not. The links on the page were all to the domain and didn't appear questionable albeit the updates are always usually witihin the dashboard.

My main issue is that my sites are down until the base 64 encoding gets cleaned. Shouldn't the host have security stuff to stop that from in the first place? Twice in the past few months on my end. Like certified but the latest problems are troubling to me.

Might've been my bad, but overall the problem is insecurity IMHO.

3xmedia · 04-12-2011, 06:17 PM

that sucks man, happened to me with some host as well

V_RocKs · 04-12-2011, 06:19 PM

Cyberwurx is doing great for me.

Agent 488 · 04-12-2011, 06:20 PM

been keeping your wp updated?

wordpress.org can help too. always good to report the hack there as well, but sometimes not very helpful.

RaiderCash_Dominik · 04-12-2011, 06:23 PM

How do you know its their fault?

Jakez · 04-12-2011, 06:32 PM

First negative post I've seen about them. Hope it works out for ya.

Quote:

Originally Posted by RaiderCash_Dominik

How do you know its their fault?

HomerSimpson · 04-12-2011, 07:00 PM

it's not their fault...

your computer is infected...
I know since I've been there already..

you need to install Nod32 + Malwarebytes Anti-Malware and scan it. I guess you're still on XP so moving to Windows 7 would also help.

After that
if you use Filezilla - move to Filezilla portable
if you use Total Commander - download latest version and use master pasword for FTP
also use something for storing passwords in browser like RoboFrom, Keepass or similar...

pamon · 04-12-2011, 10:32 PM

my main issue was that w/ my prior host(s) never had WP problems with malware injections.

use a mac homer, sorry.... a ittle more techie that to still be using win xp. thanks though....

they are scanning and will let me know. props to their support since they are on the ball... my main concerns were with the ability for these sites to inject malware and all.

maybe overly concerned, maybe not.

alsdesign · 04-13-2011, 03:42 PM

Have you tightened up the default wordpress settings?

This is a MINIMAL security set :

good and secure passwords
rename the admin user
change the table prefix from wp_ to something like wp2632361_
check security permissions on main directories, check user groups
update the WP as often as possible
tighten upload security, if people can upload anything other than JPG, GIF
add .htaccess to wp-content , wp-admin/uploads , possibly to specific plugins
add .htaccess to wp-admin, double password check is pain in the ass, but if you are unsure about security it helps

Default WP installs are NOT secure, and running such blog is always a risk. There are tons of scripts out there that search for blog vulnerabilities and you don't have to be a genius to run one.

I doubt ANY hosting company will be checking default install of WP in shared environment for security holes. I'm not a Naked hosting customer, but my guess this is happening to you because of non-secure Wordpress setup, so it's not necessarily fault of the hosting.

LeRoy · 04-13-2011, 03:45 PM

Shared or dedicated?

SpotOnTechSupport · 04-13-2011, 03:47 PM

Quote:

Originally Posted by LeRoy

Shared or dedicated?

I was going to ask the same thing. If it's shared it could be from another site infecting the server. Could also be a hijacker on your computer.

pamon · 04-14-2011, 12:12 AM

thanks all for the input. upon getting to the wp-admin page was getting a page with:

Database Update Required

WordPress has been updated! Before we send you on your way, we have to update your database to the newest version.

The update process may take a little while, so please be patient.

This is what started it i think. will see. they cleaned it up again. will see

u-Bob · 04-14-2011, 02:57 AM

Quote:

Originally Posted by BrownLeopard

If it's shared it could be from another site infecting the server. Could also be a hijacker on your computer.

shouldn't be possible on a properly set up server.

04-12-2011, 05:37 PM	#1
pamon Confirmed User Industry Role: Join Date: Dec 2007 Posts: 3,103	Certified Hosting/Naked Hosting Malware on Blogs: FUCK 2nd time around getting malware placed on my sites with certified/naked hosting. Unreal. Why offer hosting if your servers don't support a secure environment. Same .cc malware on Wordpress Blogs. Have to go through another battle w/ support on this. FUCK __________________ Email: [email protected] Skype: davidamodt. / TG: Davidamodt US Adult Content & Porn Writer Project/Sites/Tubes/Reviews & More

04-12-2011, 05:38 PM	#2
Barefootsies Choice is an Illusion Industry Role: Join Date: Feb 2005 Location: Land of Obama Posts: 42,635	Damn. That sucks foo. Good luck getting it resolved. __________________ Should You Email Your Members? Link1 \| Link2 \| Link3 Enough Said. "Would you rather live like a king for a year or like a prince forever?"

04-12-2011, 05:40 PM	#3
pamon Confirmed User Industry Role: Join Date: Dec 2007 Posts: 3,103	yeah. was with hostgator for years w/ no problems and now 2nd time in 3 months w/ certified hosting. thinking about switching. shared hosting with a bunch of blogs but still having doubts on certified's security. __________________ Email: [email protected] Skype: davidamodt. / TG: Davidamodt US Adult Content & Porn Writer Project/Sites/Tubes/Reviews & More

04-12-2011, 06:07 PM	#6
pamon Confirmed User Industry Role: Join Date: Dec 2007 Posts: 3,103	i logged into one of my sites and tried to log into the WP admin page. got prompted with a WP update page. Don't know if by clicking the update page if it triggered it or not. The links on the page were all to the domain and didn't appear questionable albeit the updates are always usually witihin the dashboard. My main issue is that my sites are down until the base 64 encoding gets cleaned. Shouldn't the host have security stuff to stop that from in the first place? Twice in the past few months on my end. Like certified but the latest problems are troubling to me. Might've been my bad, but overall the problem is insecurity IMHO. __________________ Email: [email protected] Skype: davidamodt. / TG: Davidamodt US Adult Content & Porn Writer Project/Sites/Tubes/Reviews & More

04-12-2011, 07:00 PM	#12
HomerSimpson Too lazy to set a custom title Industry Role: Join Date: Sep 2005 Location: Springfield Posts: 13,826	it's not their fault... your computer is infected... I know since I've been there already.. you need to install Nod32 + Malwarebytes Anti-Malware and scan it. I guess you're still on XP so moving to Windows 7 would also help. After that if you use Filezilla - move to Filezilla portable if you use Total Commander - download latest version and use master pasword for FTP also use something for storing passwords in browser like RoboFrom, Keepass or similar... __________________ Make a bank with Chaturbate - the best selling webcam program Ads that can't be block with AdBlockers !!! /// Best paying popup program (Bitcoin payouts) !!! PHP, MySql, Smarty, CodeIgniter, Laravel, WordPress, NATS... fixing stuff, server migrations & optimizations... My ICQ: 27429884 \| Email:

04-12-2011, 05:52 PM	#4
critical Confirmed User Join Date: Aug 2009 Posts: 478	Let us know if you need help moving. :-)

04-12-2011, 05:53 PM	#5
cooldude7 Confirmed User Industry Role: Join Date: Nov 2009 Location: Heaven Posts: 4,306	mine looks good, btw how to check if mine are infected ? i m also on certified.

04-12-2011, 06:17 PM	#7
3xmedia Confirmed User Industry Role: Join Date: Apr 2004 Posts: 5,718	that sucks man, happened to me with some host as well

04-12-2011, 06:19 PM	#8
V_RocKs Damn Right I Kiss Ass! Industry Role: Join Date: Dec 2003 Location: Cowtown, USA Posts: 32,391	Cyberwurx is doing great for me.

04-12-2011, 06:20 PM	#9
Agent 488 Registered User Industry Role: Join Date: Feb 2006 Posts: 22,511	been keeping your wp updated? wordpress.org can help too. always good to report the hack there as well, but sometimes not very helpful.

04-12-2011, 06:23 PM	#10
RaiderCash_Dominik Confirmed User Industry Role: Join Date: Jan 2010 Posts: 1,145	How do you know its their fault?

04-12-2011, 10:32 PM	#13
pamon Confirmed User Industry Role: Join Date: Dec 2007 Posts: 3,103	my main issue was that w/ my prior host(s) never had WP problems with malware injections. use a mac homer, sorry.... a ittle more techie that to still be using win xp. thanks though.... they are scanning and will let me know. props to their support since they are on the ball... my main concerns were with the ability for these sites to inject malware and all. maybe overly concerned, maybe not. __________________ Email: [email protected] Skype: davidamodt. / TG: Davidamodt US Adult Content & Porn Writer Project/Sites/Tubes/Reviews & More

04-13-2011, 03:42 PM	#14
alsdesign Confirmed User Industry Role: Join Date: Jun 2004 Posts: 199	Have you tightened up the default wordpress settings? This is a MINIMAL security set : good and secure passwords rename the admin user change the table prefix from wp_ to something like wp2632361_ check security permissions on main directories, check user groups update the WP as often as possible tighten upload security, if people can upload anything other than JPG, GIF add .htaccess to wp-content , wp-admin/uploads , possibly to specific plugins add .htaccess to wp-admin, double password check is pain in the ass, but if you are unsure about security it helps Default WP installs are NOT secure, and running such blog is always a risk. There are tons of scripts out there that search for blog vulnerabilities and you don't have to be a genius to run one. I doubt ANY hosting company will be checking default install of WP in shared environment for security holes. I'm not a Naked hosting customer, but my guess this is happening to you because of non-secure Wordpress setup, so it's not necessarily fault of the hosting. __________________ Al's design - adult and mainstream design, programming & development Amerinoc hosting - hosting that I trust

04-13-2011, 03:45 PM	#15
LeRoy Porn Pusher Industry Role: Join Date: Jul 2007 Location: It's a dry heat Posts: 13,334	Shared or dedicated? __________________ JAPANESE CAMS AND CONTENT SITES Skype - leroy.rowland2

04-14-2011, 12:12 AM	#17
pamon Confirmed User Industry Role: Join Date: Dec 2007 Posts: 3,103	thanks all for the input. upon getting to the wp-admin page was getting a page with: Database Update Required WordPress has been updated! Before we send you on your way, we have to update your database to the newest version. The update process may take a little while, so please be patient. This is what started it i think. will see. they cleaned it up again. will see __________________ Email: [email protected] Skype: davidamodt. / TG: Davidamodt US Adult Content & Porn Writer Project/Sites/Tubes/Reviews & More