Hacked 3 Times In 2 Days
Feb 7, 2008
In both cases a hacker created email accounts (through cpanel?) and then sent out spam through the webmail system. I don't see on the log where they accessed the cpanel, so I'm thinking they may have done it on another day, or they may have done it using some remote script.
Here's what the log looks like.
83.138.172.72 - - [06/Feb/2008:04:52:56 -0600] "GET /webmail HTTP/1.0" 301 0 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Crazy Browser 3.0.0 Beta2)"
82.128.5.177 - - [06/Feb/2008:05:52:14 -0600] "GET /webmail HTTP/1.1" 301 5 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Crazy Browser 2.0.1)" ...
View 9 Replies
ADVERTISEMENT
Apr 14, 2008
Our web site has been hacked many time over the last few months. The hacker only puts links to other site in our html code. We changed the FTP password many time but we are still finding malicious code in our main index page and other pages on the site.
We can figure how and from where they are coming in and how prevent further hacks.
View 2 Replies
View Related
Nov 28, 2008
Virpus = Ticket 11 days old, started working on issue 6 days ago, no word for 4 days!
Thats Virpuss customer service and its plain silly.
View 11 Replies
View Related
Apr 5, 2008
I guess you can fugure my account expired with servage.
but to tell you the truth, I am so P OFF at them
I opened a ticket on my last day and asked if I can move it from 14 months (that I started with) to a 6 months renewal because I could'nt afford to pay the £74 they wanted, and apologised for this. They said I'd have to pay the 74 pounds first and then change my billing to 3 or 6 months.....
I replied saying can I then pay a sum now and a some next week. as I don't have that with me at the moment but wednesday 9th April I wil be able to remew it all
They replied with:
"Hello Ahmed
there is 14 days grace period for customers before account gets suspended."
So I thanked them very much, because like that, instead of paying in installments, I can just pay them the whole amount before the grace period was over, otherwise I would've backed up my data and moved it another server, or on my computer till I remew the whole amount....
5 days later (today), I log on to my account, and it has been suspended as I hav'nt paid for 5 days...thats 9 days before the "grace period"
and now all my domains have this dirty suspended page that they have, and I bet I lost half my members and customers like this, as when I see this page on any domain I enter I never go back to it!
I say to my self its my falt, I should've paid when I had to.....but money was tight, and I told them....and they gave me the 14 days, I did'nt ask for anything, but I thought backing up all my sites and my webdriver that I have with them would take me ages, plus the pages have alot of content that would be a hassle, if I have a "14 days grace period".
This is the first time servage have lied to my face, and not by answering a question with yes or no, by saying a feature they have that does'nt exist and but wednesday I bet all my customers and members would've found somewhere else to hang out, as I only contacted them through the mail server on the site and my forum, now I can't even right "we will be back soon....don't go away",
I thought I warn you guys about this grace, if you have an account with them make sure your ready to renew before it expires, and don't believe most of the stuff that they say.
OMG, I used to promote for these people, and tried hard to always say good stuff about them, you see my sig, it was a promotion for them with a coupon code (that I dredfully apologies about to the administration for not reading the rules properly), and I get in return a lie straight in my face with no warning and no way of accessing my database what so ever.
Just be warned Guys, don't believe everything they say to you and backup all the time because you never know why they suspend your account.....even if your on thew right track
View 6 Replies
View Related
May 27, 2009
I have just come here to see if anyone else has experienced long setup times with the NY NOC?
It has been 4.5 days now and still no welcome email.
I emailed sales asking for an ETA and they just said due to the public holiday your server will be setup tomorrow (that was 2 days ago)
I emailed sales again and got no reply. NOCANDY replied on here saying yes things got delayed your server will be up shortly. (that was yesterday)
I have asked for a full refund lets see what happens
I recently took the AMD opteron special they had going for $69/m which i thought was pretty good but i wont even get to try it
View 14 Replies
View Related
Feb 22, 2008
my question. We host around 40 websites that have hundreds of pictures. I have 60gigs dedicated to pictures alone. since we are getting more clients I want to get a bigger hard drive just for the pictures. Since my boss is obssesed with user access times, as in users accessing the pictures on the web on their end, he thinks getting a bigger hard drive will slow down the server and hence slow down access time serving out the pictures to end users. I guess what I'm saying is does a bigger hard drive slow down a website?
Let me know if you need clarification I wasn't sure how to word this.
View 6 Replies
View Related
Nov 4, 2007
[url]
Just enter the IP,etc and it tells you how many hits,etc on said IP.
View 8 Replies
View Related
Mar 8, 2006
I've recently moved server and since then I've had a problem with the main site I administrate. The problem is that when I'm moving around the site I frequently get long lag times between clicking on a link and getting to that next page. This isn't slow transfer speeds - the status bar shows 'waiting for xxxx' for sometimes 15 to 20 seconds. The site makes quite heavy use of a MySQL database and associated forum software.
It was suggested I did some tracerts to see what that showed. The thing is I don't know what the significance of tracert results are! It seems to show lots of timeouts - but then it shows lots of timeouts when I try it on other sites as well, which don't have the same lag problems.
I have no reasons to think it's my host, who are really good and responsive. But my ISP says it's nothing to do with them either. If the routing is a problem, where lies the responsibility for selecting the routes between me and the server to my site?
I'm hoping this is just the link between me and my site, as other site users don't seem to have had a problem yet. I'll post a couple of tracert results in case anyone is able to advise me on what their significance might be.
View 0 Replies
View Related
Nov 9, 2009
For some reasons I cant access any of my accounts on my dedicated server via FTP. It simply times out when it tried to display the directories.
Heres a log from FileZila...
Code:
Status:Resolving address of testdomain.com
Status:Connecting to 64.237.58.43:21...
Status:Connection established, waiting for welcome message...
Response:220---------- Welcome to Pure-FTPd [TLS] ----------
Response:220-You are user number 3 of 50 allowed.
Response:220-Local time is now 19:39. Server port: 21.
Response:220-This is a private system - No anonymous login
Response:220-IPv6 connections are also welcome on this server.
Response:220 You will be disconnected after 15 minutes of inactivity.
Command:USER testaccount
Response:331 User testaccount OK. Password required
Command:PASS ********
Response:230-User testaccount has group access to: testaccount
Response:230 OK. Current restricted directory is /
Command:SYST
Response:215 UNIX Type: L8
Command:FEAT
Response:211-Extensions supported:
Response: EPRT
Response: IDLE
Response: MDTM
Response: SIZE
Response: REST STREAM
Response: MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
Response: MLSD
Response: ESTP
Response: PASV
Response: EPSV
Response: SPSV
Response: ESTA
Response: AUTH TLS
Response: PBSZ
Response: PROT
Response:211 End.
Status:Connected
Status:Retrieving directory listing...
Command:PWD
Response:257 "/" is your current location
Command:TYPE I
Response:200 TYPE is now 8-bit binary
Command:PASV
Response:227 Entering Passive Mode (64,237,58,43,145,153)
Command:MLSD
Response:150 Accepted data connection
Response:226-ASCII
Response:226-Options: -a -l
Response:226 18 matches total
Error:Connection timed out
Error:Failed to retrieve directory listing
I have restarted the FTP service serveral times but still It doesnt loads.
View 7 Replies
View Related
Oct 30, 2009
We have a video streaming server, sometimes the server gets really slow and when we digg into it, we see that the same ip is trying to download the same file many many times. for example i either run this command
netstat -n | grep :80 | awk '{ print $5 }' | awk -F: '{ print $1 }' | sort | uniq -c | sort -n | tail
or go to WHM and see the 'apache stats' and i see 100 http connections from the same ip, trying to download the same video 100 times,,,
what is this? is this some sort of attack? could that be 100 different people that use a proxy? or what is going on?
View 7 Replies
View Related
Oct 26, 2009
i have windows 03 server getting ddosed many times. attack was upto 2gbit so any way to stop it?
Would a higher connection speed/bandwidth limit help? And about load balancing, would more servers help prevent the DDoS?
View 13 Replies
View Related
Jan 13, 2009
if any of you could give a quick idea on the set up times for dedicated servers from ECATEL
I paid 515 euros 9 days ago, and the server still hasn't been set up (Hardware delivery problems I have been told) and before I ordered, they stated the setup time would be 48 hours.
Is this normal? The last email i received from them was 3 days ago.
I find this completley unproffesional, It is always another few days.
What are your experiences with them? I am utterly dissapointed so far.
View 8 Replies
View Related
Jun 9, 2009
Anyone else notice random power failures to theirs around 2-6am EST?
View 3 Replies
View Related
Aug 19, 2008
Im very curious. For most of us, we probably wont have to go through it. But how many times does the average customer change their web host in 4 years?
Is it common to change after the first year?
View 14 Replies
View Related
Feb 19, 2008
way to keep server times synchronized? All servers are in the same location.
For example, a website has two web servers and one database server. What's the best way to keep the time syncd on all servers (they should be the exact same time really)?
Operating System: Linux - CentOS
View 5 Replies
View Related
Jan 24, 2009
My site is down for about 4 days now. The hosting company's website support area is not accessible either. I do not have access to phpmyadmin. No one from the company is contacting me to let me know what the problem is. What can I do to bring my site back to life again?
View 14 Replies
View Related
Aug 1, 2008
I want everyone to know that the purpose of this post is to ask for help, and nothing else.
I bought a VPS from VerityNet one night. The next afternoon,I found out that my server was not setup yet and I had to call in for it to be manually setup. Great! Now I can get going, except for some reason I am not able to login to their PPP (Parallels Power Panel) and not able to login via Remote Desktop with the username and password supplied in the e-mail. So, I called in and told them I was not able to login, so he suggested a password reset. He said he would send me the new password via e-mail, but it took almost until next morning (Today). I tried to login using the new password for both Remote Desktop and PPP and it has failed to work, again. Next, I went back on their website to pull up the 1800 number to call them (By the way, this is the SAME number that I used Yesterday.).
When I dialed that number, it saids "This mail box does not exist".
What should I do at this point?
A) Stay with them, and try to work things out.
B) Get a refund
C) Stay with them, and ask for compensation for the 3 days.
View 14 Replies
View Related
Jun 7, 2007
Today I noticed huge bandwidth usage on one of my site. This site is a picture site and average bandwidth usage was about 2 - 3 GB / day. But during last 4-5 days, this site has use more than 200GB of bandwidth.
After going thru the logs, I find that an email (or more than one) is in circulation having hotlinks to almost all the images (over 2000 high quality pictures) in one email.
This email has been send to thousands of ppl by some group / person. Now these emails blowup all my bandwidth without any page view / ads being served. I was really horrified to see this. In panic I renamed the folder holding the pictures and changed all my html files pointing to new folder.
But this does not seem to be the solution. Again someone could do the same thing again and again. Further, if I am changing the folder / location of pictures, I don't know if it will affect indexing of images by goggle images as this is a main source of visitor at my site.
Can I do something to stop this miss-use? I really lost money due to this over usage. How can I make sure that this thing is not repeated with my site?
View 5 Replies
View Related
Jul 26, 2007
It seems there's a shake-up going on in the VPS business, first BuyaVPS has issues with network, X1services with Cpanel problems, PrimaryVPS not responding for 9 hours, myVPShost downtimes, SolarVPS double-billing, the list just goes on and on.
I've only seen 2 good reviews lately: Wiredtree.com and Imountain.com. JaguarPC gets good comments and that Rocksomething company does too.
What's up with the OTHER providers? Please post your postive reviews with any companies you are with right now. Please don't post any more negative ones, there are too many already
View 14 Replies
View Related
Aug 3, 2007
I'm looking into knownhost and they offer twice the bandwidth in their California option for the same money. Jay from known host said I should pick the one with the best ping times. I'd like to put the information here so someone might perhaps tell me what my best choice is.
I'll put the stats here and then if you could tell me which one is better (Texas vs. California) that would be great.
But if you think that the times between the two are only marginal (both real good), then could you help me decide about getting double the bandwidth for the same price.
I know nothing of course, but the two data centers look like their both giving great speeds (Texas being better though). But perhaps both speeds are great. If that's the case, can anyone tell me why someone would not take the higher bandwidth offer?
Thanks, I really appreciate any help with this!
Here is the info...
Texas (ping):
PING 65.99.213.7 (65.99.213.7) 56(84) bytes of data.
64 bytes from 65.99.213.7: icmp_seq=1 ttl=56 time=1.26 ms
64 bytes from 65.99.213.7: icmp_seq=2 ttl=56 time=1.35 ms
64 bytes from 65.99.213.7: icmp_seq=3 ttl=56 time=1.41 ms
64 bytes from 65.99.213.7: icmp_seq=4 ttl=56 time=1.22 ms
64 bytes from 65.99.213.7: icmp_seq=5 ttl=56 time=1.51 ms .............
View 10 Replies
View Related
Jul 1, 2009
Apache keeps stopping. MULTIPLE times per day! There is no logic to when it dies. But about every 2 hours.
Load stays below .30 and there is free memory available.
This is on a VPS machine. None of the other VPS's are having an issue. Just this one.
Centos release 5.3 (Final)
Apache/2.2.3
Here is what is in the httpd.conf file. I realize the numbers are way too high, but just trying to get this issue to go away.
Code:
<IfModule prefork.c>
StartServers 100
MinSpareServers 100
MaxSpareServers 100
ServerLimit 512
MaxClients 512
MaxRequestsPerChild 4000
</IfModule>
<IfModule worker.c>
StartServers 100
MaxClients 500
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 100
</IfModule>
Here is what is in the /var/log/httpd/error_log file before it dies:
Code:
[Wed Jul 01 18:06:32 2009] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 8 children, there are 98 idle, and 108 total children
[Wed Jul 01 18:08:17 2009] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 8 children, there are 74 idle, and 76 total children
[Wed Jul 01 18:08:18 2009] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 16 children, there are 63 idle, and 63 total children
[Wed Jul 01 18:08:19 2009] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 32 children, there are 79 idle, and 79 total children
[Wed Jul 01 18:11:36 2009] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 8 children, there are 93 idle, and 108 total children
View 5 Replies
View Related
Apr 25, 2009
About the middle of the month I started to get SMTP service down messages from a service monitor site I had signed up with. Initially I wasn't concerned but I started to get at least one notice a day. I decided to monitor the server a bit more closely so I setup a virtual appliance on my home server to monitor SMTP response times a bit more frequently -- I let the monitoring application run for a few days to gather data and noticed an unusual trend.
SMTP response times would spike dramatically during business hours -- up to almost 19 seconds at some times. However after business hours and on the weekends response times would return to normal.
My mail volume is really low for my VPS so I don't think it is the problem -- I even ran a mail stress test and pushed close to 500 messages through in 30 minutes (more than I normally get in a day) and I didn't see any SMTP response time spikes. I have also set up monitors to watch some other sites I have running on shared servers with other providers and do not see any unusual SMTP response issues with them at all.
system information is below:
Linux OS: CENTOS
Kernel Version: 2.6.18-028stab053.4
Hardware Information: VPS (1500MB RAM)
Exim Version: Exim version 4.69 #1 built 16-Mar-2009 16:41:00
Spamd Version: SpamAssassin Server version 3.2.4
running on Perl 5.8.8
Control Panel: CPANEL/WHM
TOP:
------------------------------
top - 13:26:06 up 2 days, 19:23, 1 user, load average: 0.00, 0.00, 0.00
Tasks: 54 total, 2 running, 52 sleeping, 0 stopped, 0 zombie
Cpu(s): 0.0%us, 0.0%sy, 0.0%ni,100.0%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st
Mem: 1572864k total, 206196k used, 1366668k free, 0k buffers
Swap: 0k total, 0k used, 0k free, 0k cached
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
1 root 15 0 1984 648 560 S 0 0.0 0:02.76 init
1590 nobody 16 0 61400 22m 10m S 0 1.5 0:07.71 httpd
1992 root 18 0 35112 31m 2196 S 0 2.1 0:15.58 spamd
7196 root 34 19 3744 1768 840 S 0 0.1 0:00.15 cpanellogd
7256 root 18 0 8464 5964 1772 S 0 0.4 0:31.80 tailwatchd
7292 root 18 0 5800 3776 936 S 0 0.2 0:00.00 cphulkd.pl
7321 root 23 0 14684 7580 440 S 0 0.5 0:00.00 cpdavd
7427 root 15 0 15152 12m 1492 S 0 0.8 0:15.25 lfd
7491 nobody 15 0 62004 23m 11m S 0 1.5 0:04.87 httpd
7599 root 15 0 27388 24m 2168 S 0 1.6 0:05.53 spamd
7661 nobody 15 0 61776 23m 11m S 0 1.5 0:03.90 httpd
7907 nobody 18 0 61724 22m 10m S 0 1.5 0:04.60 httpd
9710 root 18 0 3212 1116 576 S 0 0.1 0:00.70 crond
12179 root 15 0 18348 8036 988 S 0 0.5 0:00.67 cpsrvd-ssl
13727 root 15 0 9924 2848 2296 R 0 0.2 0:00.03 sshd
16016 nobody 15 0 60652 21m 10m S 0 1.4 0:05.26 httpd
16017 nobody 15 0 61984 22m 10m S 0 1.4 0:07.89 httpd
-----------------------------
vmstat 5 5
-----------------------------
procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu------
r b swpd free buff cache si so bi bo in cs us sy id wa st
0 0 0 1367104 0 0 0 0 29 6 0 21 0 0 100 0 0
0 0 0 1366616 0 0 0 0 0 0 0 19066 0 0 100 0 0
0 0 0 1366284 0 0 0 0 0 0 0 25372 0 0 100 0 0
0 0 0 1366868 0 0 0 0 4 3 0 19395 0 0 100 0 0
0 0 0 1366904 0 0 0 0 0 0 0 19464 0 0 100 0 0
-----------------------------------
View 3 Replies
View Related
Apr 17, 2009
Has anyone else noticed the support responses from knownhost are taking longer and have less detail and not actually solving the problem on the first email? The service has been great so far but I find they are no longer going the extra mile in their responses?
View 14 Replies
View Related
May 10, 2009
To me, this sounds really strange and really unrelated, hopefully it will ring a bell in somebody-who-reads-this' mind...
After enabled suexec in my webserver (litespeed), every day at two regular times, I notice a ton of crond processes on many different users. This slows down my entire server until they go away and it must be resolved.
I have only recently noticed that it is infact crond processes causing this and I hope I have finally found the correct issue. It causes a chain reaction of events and so I have slowly had to crawl up the chain to find the root of the issue... (high iowait, high swapping, high memory, normal processes taking up more cpu%, etc. etc. ........ crond processes)
I have checked every single file in /var/spool/cron and none of the cron jobs run remotely near these times (except some that run every minute/15 minutes for example). Also, I don't understand how so many crond processes could be made at once. I will make a better rough estimate when it next happens.
What could it be causing this to happen?
View 9 Replies
View Related
Dec 17, 2008
I've checked the average page download time that the Googlebot reports in Google Webmaster Tools and, from what I've seen elsewhere, I think the number is good -- less than 200 milliseconds. However, my pages are compressed and small (>1.5K). This gives me a download time of ~7500 bytes/sec for the Googlebot.
what kind of page download speeds do others get with Googlebot? What's typical/good/bad?
View 2 Replies
View Related
Nov 13, 2008
Apache service auto restart many times ( every minute ).
View 10 Replies
View Related
Feb 7, 2008
httpd.config changed since my server was hacked but they can not control it , they just delete db from mysq and they can not bypass direcoty
i upgrade to 2.2.8 apache
i make full security
but still i get strange problem that i found the httpd.config changed to make the .ht work by override option
i make this:
<Directory "/">
Options all
AllowOverride none
</Directory>
but after day i get it changed to be:
<Directory "/">
Options all
AllowOverride all
</Directory>
i installed mod_security and after a day i get the httpd.config was changed to make mod_secrity not work and also to make :allowoverride all!
i think there is way for attacker to alter httpd.config
i made a lot of security :
1.disable aldot of php function including decode_64base
2.insttal apf
3.mod_security with good rules
4.chmod httpd.config with 600 and i get it changed after a day and i made it 700
to prevent any change occured in httpd.config?
View 7 Replies
View Related
Jul 16, 2007
I recently signed up (just yesterday) with this company on the grounds of pricing and reviews. I especially noted the fact that they respond "in minutes" well. I have opened 2 tickets thusfar:
first:
Created On: 15 Jul 2007 04:54 PM Last Update: 15 Jul 2007 06:06 PM
second:
reated On: 16 Jul 2007 02:25 AM
I am new to the VPS hosting game. Are support times generally longer than with shared hosting? Or am I just encountering some bad luck? To me, you should want to be impressing newly registered customers. Especially concerning support and when the client has stated VPS is new to him.
I am currently on this plan:
Managed
cPanel - Platinum
450GB 512MB 1.5GB 30GB 2 IPs cPanel: $44.95
Any others out there with quick support times (livechat?) and a comparable package/price? (price is important)
View 14 Replies
View Related
Apr 8, 2008
I bought a VPS package hosted at Hosting-IE from someone I knew, since they were not going to be able to use it. Its a linux VPS, and it's done me well. Based on that I decided to purchase my own package, a Windows VPS.
After payment, I messaged support about a broken auto response email they sent out, then asked how long server setup time should be. They responded 1-2 working days. Fine.
Well, its been 7 days since then. I'm 1/4 of the way through the month I've paid for, and still no VPS. I messaged them back asking for my server or a refund, no responses since then.
My previous host set up my dedicated box within a working day, and that involved setting up the hardware too. Over a week for a VPS is too long.
Is my experience with Hosting-IE abnormal or should I be demanding my loot back? Is there any other VPS provider out there that can offer me similar stats at the same price as Hosting-IE?
for a simple package setup, this has gone on for far too long.
View 14 Replies
View Related
Jul 5, 2007
Some of the e-mails I send are received several times by my recipients. I use Outlook Express. I send the e-mail only once but some people are complaining that they receive the same message as many as 10 times sometimes. Do you know what can be causing it?
View 1 Replies
View Related