看吧，老外官网抱怨GD主机被攻击，要换主机了

lxy1979

看吧，老外在官网抱怨GD主机老出问题，说要换空间商了.
This has been quite a few days giving me grey hair.
After 3 days with hosting problems on Godaddy, two of my sites (one Wordpress and one Drupal) were hacked just an hour ago.

It is the same type of attack as those back in May, injecting malware into the .php files.

While I cured the hack in minutes with a script I described here:
http://www.blogtips.org/godaddy-hacked-again-another-way-to-cure/
this has been the final desillusion.

I am a one man show with a dozen sites hosted on Godaddy. Back in May, I was hacked a dozen times. In July, I had 2 weeks of downtime (on and off) on several of my sites due to hosting performance issues and server issues.

And now this week's downtime and tonight's hacks...

Next weekend, I am starting to move my sites to another hosting service. I just can not allocate the time to monitor and cure my sites and spend hours on the phone with support. I'd rather pay a bit more, but sleep well at night.

After two years of running sites on Godaddy, I don't have good words of how your hosting services are run. Simple as that. Your telephone support does its best, but it is the way you configure and monitor your shared hosts that is not up to par.

Peter

[ 本帖最后由 lxy1979 于 2010-9-18 12:32 PM 编辑 ]

lxy1979

这是客服的回答:
Dear petercasier,

I am sincerely sorry to hear about your experience and the issues that have been encountered today. I can completely understand the frustration and the desire to move your hosting.

However, I must ask due to the complicated nature of our earlier downtime that you please contact our Live Support so we can thoroughly investigate the attack of your sites. We do take hacking attempts seriously and attempt to make every effort possible to secure our sites from such activity. If this hack had occurred during our downtime today, we would like confirm if the issues may have been related to the same cause so that appropriate measures can be taken.

Our Live Support Department is available 24/7 for you to provide all of the information we need to properly investigate this matter and can be reached at:
http://community.godaddy.com/support

Christopher G.

lxy1979

老外又说:
The hack happened just after the downtime, but one of the sites that was hacked, was not on the affected servers that suffered from the downtime (actually it was the only site which did not go down during the downtime).

I cured it with the script in the post with link above.

Peter

lxy1979

客服又回答:
Dear petercasier,

I appreciate the information. However, we would still like to investigate this matter further so that appropriate measures can be taken; even if the issue has already been addressed through your referenced script. I would strongly urge contacting our Live support if you have not already done so.

Unfortunately, I cannot submit ticket to investigate this matter through the Community Forums as I do not have direct access to your account. We also need validation and permission to access your accounts for this investigation which can only be provided through our Live support department.

Christopher G.

lxy1979

Same just happened to me. Same Base64 code. All PHP files infected. It's an easy fix, but it's annoying because I thought this security hold got fixed back earlier this year

add.c

WordPress漏洞吧 之前有曝光一次