12 {{ upvoteCount | shortNum }}
12 {{ upvoteCount | shortNum }}

The hacked website that never was

by Harvey Segal
10 replies
I received a (genuine) message from my hosting company
that my site had been hacked viz
Action: account password changed, mail queue cleaned.
Reason: spamvertised site
Additional info:
This account password was stolen/leaked. Then hackers tried
to use it to upload bad stuff. We have reset this account
password.
It turns out that I had mass mailed my list and
included a link to a site which was not hosted by them.

Apparently this COULD indicate a hacking attempt.
There actually was no hack.

Is this a common practise with hosting companies ?


Harvey
#hacked #website
  • Profile picture of the author Floyd Fisher
    Originally Posted by Harvey.Segal View Post

    I received a (genuine) message from my hosting company
    that my site had been hacked viz
    Action: account password changed, mail queue cleaned.
    Reason: spamvertised site
    Additional info:
    This account password was stolen/leaked. Then hackers tried
    to use it to upload bad stuff. We have reset this account
    password.
    It turns out that I had mass mailed my list and
    included a link to a site which was not hosted by them.

    Apparently this COULD indicate a hacking attempt.
    There actually was no hack.

    Is this a common practise with hosting companies ?


    Harvey
    Harvey:

    You're lucky. Most hosts would suspend your account for that.

    Unless you're on a dedicated server, you are limited as to how many emails per hour you're allowed to send. My limit is 500 emails per hour.

    More than likely what they saw was an amount of emails going out per hour than allowed as per their TOS.

    Here's what to do about it.

    1. Find out how many emails per hour max is allowed by your hosting company. If they won't tell you, find another hosting company asap.

    2. Switch autoresponders to the latest version of ARP, and set the 'load balancing' to half the max you found out from your hosting company. If you can't switch, get hire an ace programmer, and have him put what is called 'load balancing' in your email client (if they don't know what that is, they are not the programmer for the job), and set that to half of what your hosting company allows.

    If you need help with any of this, PM me, and I'll guide you through it.
    {{ DiscussionBoard.errors[1794601].message }}
    • Profile picture of the author Harvey Segal
      Originally Posted by Floyd Fisher View Post

      You're lucky. Most hosts would suspend your account for that.

      Unless you're on a dedicated server, you are limited as to how many emails per hour you're allowed to send. My limit is 500 emails per hour.

      More than likely what they saw was an amount of emails going out per hour than allowed as per their TOS.
      That wasn't the problem at all.

      I do send out our emails within the accepted limit.

      The problem was a link to a site not hosted by them.


      Harvey
      Signature
      {{ DiscussionBoard.errors[1794674].message }}
      • Profile picture of the author Floyd Fisher
        Originally Posted by Harvey.Segal View Post

        That wasn't the problem at all.

        I do send out our emails within the accepted limit.

        The problem was a link to a site not hosted by them.


        Harvey
        Really?

        If that is in the TOS, get out of there now! Heck, you could get in deep trouble linking to a cool youtube video, not smart on their part.
        {{ DiscussionBoard.errors[1794727].message }}
  • Profile picture of the author Dennis Gaskill
    I've had a host shut down my autoresponder software for sending too many emails too fast, but never had them change my password.
    Signature

    Just when you think you've got it all figured out, someone changes the rules.

    {{ DiscussionBoard.errors[1794617].message }}
  • Profile picture of the author Dennis Gaskill
    You can easily work around that by sending cloaked links. Never heard of a host being that cautious though.
    Signature

    Just when you think you've got it all figured out, someone changes the rules.

    {{ DiscussionBoard.errors[1794692].message }}
    • Profile picture of the author Harvey Segal
      Originally Posted by Dennis Gaskill View Post

      You can easily work around that by sending cloaked links. Never heard of a host being that cautious though.
      Yes - my links in the past have always been to my own site
      or redirections from my own site.

      In this case I referred to my forum which is hosted
      with another host.

      I've agreed with them that it's OK to do this with
      a redirected URL.

      But doesn't this practise have serious implications ?

      Suppose you want to provide a naked link to say the Warrior forum

      Harvey
      Signature
      {{ DiscussionBoard.errors[1794704].message }}
      • Profile picture of the author Dennis Gaskill
        Originally Posted by Harvey.Segal View Post

        Yes - my links in the past have always been to my own site
        or redirections from my own site.

        In this case I referred to my forum which is hosted
        with another host.

        I've agreed with them that it's OK to do this with
        a redirected URL.

        But doesn't this practise have serious implications ?

        Suppose you want to provide a naked link to say the Warrior forum

        Harvey
        Serious implications...hmm, I haven't thought it through, but my first thought is that it could actually be a good thing. I don't know what mailing list software you use, but I actually moved my list to Aweber when I first started out because mine was hacked.

        I lost about 1,000 subscribers from the pornospam that was sent to my list, and I only had about 1,500 at the time (like I said, I was new). If my host would have shut down that pornospam email because it contained off-site links, it probably wouldn't have cost me 66% of my mailing list.
        Signature

        Just when you think you've got it all figured out, someone changes the rules.

        {{ DiscussionBoard.errors[1794736].message }}
  • Profile picture of the author Marhelper
    I am confused by this. If I use Aweber and my list is on their site and they send the email blast out for me what does that have to do with my hosting acct (forgive the ignorance)?
    Signature
    {{ DiscussionBoard.errors[1794735].message }}
    • Profile picture of the author Harvey Segal
      Originally Posted by Marhelper View Post

      I am confused by this. If I use Aweber and my list is on their site and they send the email blast out for me what does that have to do with my hosting acct (forgive the ignorance)?
      I use ARP on my own host

      Harvey
      Signature
      {{ DiscussionBoard.errors[1794769].message }}
  • Profile picture of the author amandafrei
    I've got banned one time. But it was a long time ago. And I was sending SPAM around.

    It was in the earlier years. And I was pretty stupid to try that with a normal hosting account.
    {{ DiscussionBoard.errors[1794826].message }}

Trending Topics