Hackers: Bad. Host Gator: Good.

18 replies
I woke up to an inbox full of messages from Host Gator today that someone hacked into and was using three of my accounts to spam. I am grateful that not only did they know it wasn't me, but they changed my passwords, removed the offending scripts, and let me know.

My passwords were already fairly secure ones (at least most of them), but I changed them all anyway. Thought this might serve as a good reminder to others who are either using wimpy passwords or haven't changed them lately.
#bad #gator #good #host #spackers
  • Profile picture of the author bydomino
    I have seen this many times. While is it possible to get your FTP username and password usually this kind of attack come from poorly written code.

    Run a Google search on the apps that you have installed and the work hack or exploit. you will be surprised. Also make sure your web apps are all up to date

    Hacker run searched on know exploitable web apps and when they find them they just run their hacks and whallah they can dump some script on your site. They then run that script and it is like they a re logged in as you but they have never FTP'ed.

    It is great the HG did the work for you but I would think that they will come back if you do not shut the door, SLAM the door.

    FYI here are a few excerpts from one such hacking site:

    ====================
    this is targeted at a Joomla component but you can find them for most anything

    Joomla Component JA Job Board Multiple Local File Inclusion Vulnerability

    Exploit
    http://localhost/[path]/index.php?option=com_jajobboard&view=[LFI]
    http://localhost/[path]/index.php?option=com_jajobboard&controller=[LFI]

    Point in
    http://localhost/[path]/index.php?option=com_jajobboard&view=../../../../../../../../../../etc/passwd
    http://localhost/[path]/index.php?option=com_jajobboard&controller=../../../../../../../../../../etc/passwd

    Once they run this they can launch browser tools input and run their own code.

    ================

    Keep your code updated and search for exploits for what you have and you should be fine!

    I hope this helps
    {{ DiscussionBoard.errors[2123214].message }}
  • Profile picture of the author Laura B
    Thanks, Kevin! I appreciate the tips and I will use them!

    Incidentally, I just came from this thread which shows Host Gator gets a demerit for having Anonymous FTP enabled by default. I just went through and disabled it for every single one of my sites.

    So: Hackers/spammers still bad, Host Gator mostly good.
    Signature
    Free ebook: Affiliate Marketing: Just the FAQs
    Affiliate marketing for brand spankin' newbies
    {{ DiscussionBoard.errors[2123273].message }}
  • Profile picture of the author EndGame
    Edit: Thanks for the word change. Appreciate it.
    Signature
    "Better a student of reality than a master of illusion"
    {{ DiscussionBoard.errors[2124862].message }}
    • Profile picture of the author Laura B
      Originally Posted by EndGame View Post

      I don't want to be "that guy" but I am pretty surprised/appalled at the use of the word "spackers" in this post.

      I am not sure if it has the same meaning in the US as it does the UK, but having a couple of disabled family members, I absolutely hate this kind of terminology.
      I'm really sorry - I had no idea it had a bad connotation. I've only seen it in reference to a combination of spammers and hackers.

      I've changed my post - looks like a mod already changed the title. Again, I apologize for not knowing it was offensive elsewhere.
      Signature
      Free ebook: Affiliate Marketing: Just the FAQs
      Affiliate marketing for brand spankin' newbies
      {{ DiscussionBoard.errors[2125080].message }}
      • Profile picture of the author donhx
        Originally Posted by Laura B View Post

        I'm really sorry - I had no idea it had a bad connotation. I've only seen it in reference to a combination of spammers and hackers.

        I've changed my post - looks like a mod already changed the title. Again, I apologize for not knowing it was offensive elsewhere.

        This is off-topic, but relevant. I have been a professional writer for over 30 years, and I've never run into the word "Spacker" before. I've spent a dozen years in the UK and NZ and I can honestly say I never heard anyone use it. Also, it is not an American word so your usage was understandable.

        I don't think you should feel too bad for unknowingly using it in the context you did, Laura. However, now that we know its meaning to others, it's best no one uses it. We learn new things and useful things every day. Urban Dictionary: spacker
        Signature
        Quality content to beat the competition. Personalized Author Services
        {{ DiscussionBoard.errors[3885153].message }}
        • Profile picture of the author Steve Garratt
          Originally Posted by donhx View Post

          This is off-topic, but relevant. I have been a professional writer for over 30 years, and I've never run into the word "Spacker" before. I've spent a dozen years in the UK and NZ and I can honestly say I never heard anyone use it. Also, it is not an American word so your usage was understandable.

          I don't think you should feel too bad for unknowingly using it in the context you did, Laura. However, now that we know its meaning to others, it's best no one uses it. We learn new things and useful things every day. Urban Dictionary: spacker
          I have lived in the UK for 55 years and never heard the word "Spacker" used in any way. There are similar words that have negative meanings but this is not one of them. Perhaps I have missed it in the PC manual.
          Signature
          Please visit my blog and if you have an interest in electronics then please join me at Home DIY Electronics
          {{ DiscussionBoard.errors[3885509].message }}
        • Profile picture of the author tpw
          Originally Posted by donhx View Post

          This is off-topic, but relevant. I have been a professional writer for over 30 years, and I've never run into the word "Spacker" before. I've spent a dozen years in the UK and NZ and I can honestly say I never heard anyone use it. Also, it is not an American word so your usage was understandable.

          I don't think you should feel too bad for unknowingly using it in the context you did, Laura. However, now that we know its meaning to others, it's best no one uses it. We learn new things and useful things every day. Urban Dictionary: spacker

          I thought this definition page was a bit more detailed and accurate:
          Spastic - Wikipedia, the free encyclopedia
          Signature
          Bill Platt, Oklahoma USA, PlattPublishing.com
          Publish Coloring Books for Profit (WSOTD 7-30-2015)
          {{ DiscussionBoard.errors[3885875].message }}
          • Profile picture of the author donhx
            Originally Posted by tpw View Post

            I thought this definition page was a bit more detailed and accurate:
            Spastic - Wikipedia, the free encyclopedia
            Yes, the article you cite is far more intelligent. The one I quoted was more at street level, and it was interesting to see the variety of ways the term is used (column off to left on that page). Notably, my source said it was one of the worse words a 7 year old English schoolboy could use. That may be why adults don't hear it all that much.

            Words never cease to fascinate.
            Signature
            Quality content to beat the competition. Personalized Author Services
            {{ DiscussionBoard.errors[3885929].message }}
    • Profile picture of the author AllAboutAction
      deleted - no longer relevant
      Signature

      {{ DiscussionBoard.errors[2125093].message }}
  • Profile picture of the author DamianK
    Wow, thanks. I'll keep that in mind. On my hostgator account my password is rated so-so. Guess I'll bump it up a notch.
    {{ DiscussionBoard.errors[2125098].message }}
  • Profile picture of the author RogerAderholdt
    I feel your pain... lucky for you I guess you had Hostgator.

    I had almost 100 websites with 1and1.com

    Got Hacked and all my websites were BLOCKED by google becasue some script had been added to all the Domains.

    Ended up having to change Hosting companies... now HOSTGATOR and reload all the websites.

    Talk about a BAD WEEK, lol.

    This all happened right after I used Wordpress on one of my websites for the 1st time. Not sure that had anything to do with it...

    BUT... it makes me not trust Wordpress or any FREE Add-ons.

    Nothing is for FREE, lol...
    Signature
    Get entire State B2B Leads for only $20.00 or get 1,000 Surveyed MLM Leads for your business for only $20.00. Check it out at: http://www.mlmleadsbusiness.com/
    {{ DiscussionBoard.errors[3884772].message }}
    • Profile picture of the author iAmNameLess
      Originally Posted by RogerAderholdt View Post


      This all happened right after I used Wordpress on one of my websites for the 1st time. Not sure that had anything to do with it...

      BUT... it makes me not trust Wordpress or any FREE Add-ons.

      Nothing is for FREE, lol...
      Whoa... what? FREE addons are as safe as commercial. In fact, nearly every site that is linked up with mysql can easily be hacked... very easily. If a commercial extension makes you feel better, then great, but you're just paying for something that has an equal chance of being exploited.
      {{ DiscussionBoard.errors[3885039].message }}
  • Profile picture of the author seobro
    PoizonBOx hacked my sites ages ago. They would replace my front pages with profanity and porn. Lately, however, there are few attacks on HTML pages. Most are against mysql program. This is using injection methods so I recommend using HTML pages. Please remember to stay on top of all your pages. Hax can crush your pr.
    {{ DiscussionBoard.errors[3885015].message }}
  • Profile picture of the author iAmNameLess
    So... do people roam around this board acting as the politically correct police among people from different countries with different meanings of nearly every word. Come on now... give it a rest, obviously she meant no harm.

    Glad they acted fast enough for you!
    {{ DiscussionBoard.errors[3885034].message }}
  • Profile picture of the author Peter Clark
    This has happened to me before, also with wordpress, also with hostgator. Besides having them delete the malware, changing passwords, installing security, etc is there anything else one can do to protect their wordpress blogs? I've heard you should delte the "readme" file for all of your wordpress sites, how does one do that?
    {{ DiscussionBoard.errors[3885277].message }}
  • Profile picture of the author Vendor-Lock
    I'm always amazed that there are Idiots out there that spend there time and mind power on screwing over other people online, when it's just as easy to run a legit business that makes just as much money all while HELPING people and creating good Karma for yourself.

    Some people's children ! ; \
    Signature

    See why Hundreds of Warrior Forum Members are using this! ==>Get Yours NOW CLICK HERE <==
    Rave Reviews From Warriors Using This Service For Years Now ! Full Autoresponder/Hosting Done For You! Read for Yourself !

    {{ DiscussionBoard.errors[3885421].message }}
  • When isn't Hostgator getting hacked? They must be one of the most-hacked hosting providers on the internet.

    But I'm glad it worked out for you.
    {{ DiscussionBoard.errors[3885437].message }}
  • Profile picture of the author g36
    That sucks. I also once got hacked, but my email address. The hacker changed the password and security questions. I myself have no idea how's that happened. I always use combination of letters+numbers+symbols in my passwords for important accounts and every password is different to another.

    Luckily I was able to recover that email.
    Signature

    :)

    {{ DiscussionBoard.errors[3886053].message }}

Trending Topics