My 19 WP websites were hacked at Just Host...

by mmixon
55 replies
Well, I had 19 wp websites at Just Host. They were hacked by some low life from Pakistan. When a website gets hacked, is it my fault or the host? I had a 18 digit password, but they were hacked anyway.

Dealing with Just Host "customer support" (if you could even call it that) was maddening. I finally gave up and just closed the account. I hated to lose the websites, but just couldn't get them cured, and was afraid to transfer them to another host. I didn't know what the hacker may have planted there for later use.

I read all the negative reviews here at the Warrior Forum about Just Host, but only AFTER I had set up the account and had several websites up and going. Wish I had read it before.

I plan on taking advantage of Host gator's Black Friday offer to get back on track.
#hacked #host #websites
  • Profile picture of the author Bill Eliott
    This a treacherous occurrence . What would drive a hacker to take down 19 sites , what is the incentive ?
    I must take a tour of Just Host.
    Thanks for the heads - up .
    {{ DiscussionBoard.errors[2921398].message }}
  • Profile picture of the author enterpryzman
    This has happened to me and the most important site of the group I was able to grab from the internet archives and simply re-build it on another host.

    Good luck,
    Enterpryzman
    {{ DiscussionBoard.errors[2921405].message }}
  • Profile picture of the author Rus Sells
    I had that happen, some hacker injected code into my sites files. You host should have ran a security scan and could have removed the files.

    Your vulnerability was most likely a weak FTP user name and password.
    {{ DiscussionBoard.errors[2921415].message }}
    • Profile picture of the author Defunct
      There are many ways to get hacked.

      You should basically back up, scan the back ups for malicious code.

      Then re-install all the cpanels from scratch.

      Your host should be able to do all this, except can the files.

      Sometimes its Wordpress's fault and sometimes it's yours.
      {{ DiscussionBoard.errors[2921642].message }}
      • Profile picture of the author sportsfan54
        Always good to back up your sites... But seriously, people hacking other peoples websites and for what???

        Hackers need to GET A LIFE!!

        People spend countless hours on making their websites then some loser probably with no life, 30 years old, no gf, no friends, still lives at home in his parents basement hacks the site and ruins everything.

        Is that supposed to make themselves fell good? (Ya look at me!! I can sit in front of my computer all day and hack peoples sites, instead of going out and socializing with human beings.

        This world is filled with idiots who do stupid actions and don't care what the results do to other people.
        {{ DiscussionBoard.errors[2921729].message }}
        • Profile picture of the author chrisscott
          Well I didn't get that why Just Host wasn't able to help you restoring your sites.

          Whether these domains under single account if yes then they can easily track it and restore.

          I've recently came across to know from my friend who got 2 sites under same account at GoDaddy. The account was hacked and with the coordination of GD support team he was restored his account safely, luckily the hacker didn't damage any thing.
          {{ DiscussionBoard.errors[2921779].message }}
        • Profile picture of the author Justin Says
          Originally Posted by sportsfan54 View Post

          Always good to back up your sites... But seriously, people hacking other peoples websites and for what???

          Hackers need to GET A LIFE!!

          People spend countless hours on making their websites then some loser probably with no life, 30 years old, no gf, no friends, still lives at home in his parents basement hacks the site and ruins everything.

          Is that supposed to make themselves fell good? (Ya look at me!! I can sit in front of my computer all day and hack peoples sites, instead of going out and socializing with human beings.

          This world is filled with idiots who do stupid actions and don't care what the results do to other people.
          I agree but I will say that usually a hacker has another motive. It's not always just to screw around.

          Many times a website could be hacked and you'll never know about it.

          Imagine if you had a website that was massive and someone went in and just changed a few affiliate links or payment buttons. In my eyes, that's my biggest fear.
          Signature

          My name is Justin Lewis, with Business Optimizer I've been in business for 6 years online with multiple six figure years, here are the tools that have helped me the most: Increase your reviews with this free Review Handout

          {{ DiscussionBoard.errors[5939896].message }}
  • Profile picture of the author AdiPurush
    I have used Just host once and can't even think of using them again.
    {{ DiscussionBoard.errors[2921844].message }}
    • Profile picture of the author Luis Medilo
      A similar thing happened to me. Six of my websites in one shared hosting account got infected by a virus. I think this happened when my computer got infected by a Trojan and I had to reformat everything after that. Does the virus gain access to my hosting account through my FTP client?
      {{ DiscussionBoard.errors[2922152].message }}
  • Profile picture of the author theentry
    It happened to me also.. if they can hack one Wp on your server then they can hack all of them using the same version/plugins.. Make sure to protect your wp-admin folder via .htaccess password!
    Signature
    Nifty Stats - the best free software to track your progress
    at multiple affiliate programs within one interface. Give it a try!
    {{ DiscussionBoard.errors[2922161].message }}
  • Profile picture of the author xtine
    How did they do that? They must be experts on hacking other systems or maybe might be your ftp. If I were you I'd choose not to register again your account in that same host.
    {{ DiscussionBoard.errors[2922237].message }}
  • Profile picture of the author celente
    let this be a lesson to all newbies, who already have lots of think about ....to think about making you site secure. I have had viruses, and hacked once and it took months to recover and lost about 5k in sales if I remember correctly.

    Good luck in fixing it dude.
    {{ DiscussionBoard.errors[2922267].message }}
  • Profile picture of the author Mar
    Many web hosts have a daily, weekly or monthly backup of your web site; you can run backups from cpanel of all your scripts and files any time you want. Finally there are services which you can buy to have off-server backups of your site(s) done on a daily basis.

    If your server has been hacked more than once over the last few months, be aware that the files may have been corrupted the first time and probably have traces of the hacked files in the database, ready to be accessed.

    Keeping wordpress up to date is one of the first ways to keep the server secure; it should be an easy, one-click upgrade from cpanel.

    When I install wp nowadays using fantastico or scriptaculous or installatron (all come with various versions of cpanel hosting) I make some modifications:

    - there is a default prefix for the database (usually wp) - I now change that to something different.
    - there is a default admin name (usually admin) - I now change that to something a little more obscure (eg FranklyFred)
    - I always try to make the admin password as secure as possible .....
    - there is a default setting for table prefix (usually wp) - I now change that to something different

    Once I have wordpress installed, I now try and obscure as much of the wordpress "footprint" as possible (sorry, wordpress, but it's just too easy to find the "powered by wordpress") .... I remove the default links and the admin login from the sidebar and I also install a theme which doesn't have the "powered by wordpress" link in the footer.

    On shared servers you are relying on everyone upgrading all scripts on their sites - unfortunately, that can be a forlorn hope. How many times have you installed a test installation to see how some plugin or theme looks and then left the installation on the hosting account, mouldering away, with a very old version of wordpress vulnerable to attack?? ... or many other scripts, for that matter.

    It's up to each and every one of us to view web hosting accounts as vulnerable; hackers are all around, just waiting to pounce. Some hackers only want the fun of disrupting a server; others are hacking to use our computer power to send out spam using our bandwidth .... and many other, much worse stuff.

    Changing passwords once a month can help - but it's a total pain in the ...s

    Mar
    {{ DiscussionBoard.errors[2922271].message }}
  • Profile picture of the author sbucciarel
    Banned
    Sorry that happened to you. There might have been a fix, but certainly justhost should have been able to give some advice. They are the worst hosting around. I'm one who gives a very negative review of them. Advice to all. Stay away from JustHost. Hostgator and Hostmonster both have incredible support.
    {{ DiscussionBoard.errors[2922292].message }}
    • Profile picture of the author Emmanuel ED
      Originally Posted by sbucciarel View Post

      Sorry that happened to you. There might have been a fix, but certainly justhost should have been able to give some advice. They are the worst hosting around. I'm one who gives a very negative review of them. Advice to all. Stay away from JustHost. Hostgator and Hostmonster both have incredible support.
      Yeah, Lots of Negative Reviews about Justhost - wouldn't use them even if they offered a 99% Wednesday Sale.

      I've never had a Hacked Site, I guess that's primarily because I've got all my sites with Hostgator.

      Strong Passwords help too but 89% of the time, it's the fault of the Host.

      These hackers amaze me, really.
      {{ DiscussionBoard.errors[2926604].message }}
      • Profile picture of the author DireStraits
        Just to clarify a little something here.

        If hacked servers at Just Host (or any specific host) are really this common an occurence, then it could be due to extreme negligence on their part as far as their security auditing, monitoring and hardening are concerned.

        But it could be that they're doing everything "right" (as well as it's possible to), and yet just have just chosen a pretty crappy architecture (their choice of software, and what not); one which is more prone to being hackable, no matter the lengths one goes to to attempt to avoid such catastrophies. Even so, that's part of their decision, if they decide to stick with it - and therefore still a reflection of their own negligence. Albeit something a little further removed.

        If that is the case, they should be seriously thinking about overhauling their whole setup.

        But, even so, shared hosting is more prone to this type of thing, for obvious reasons.

        When you become a customer of a shared host, and have an account on their servers, it's a bit like giving all bank branch employees a key to the vault. It's unlikely any of the staff themselves are going to pull a fast one, but that isn't to say that those who are particularly gullible, easily manipulated or lackluster in their concern for the bank's security cannot inadvertently act as a medium through which some smart robber could gain entry to the vault.

        And this is the biggest problem for shared web hosts. Customers who run insecure PHP/CGI/Perl/whatever scripts without caution or a care in the world can be increasing the vulnerability of not only their own accounts and data, but that of other customers' too.

        There is very little web hosts can do about this except educate their customers about the importance of keeping things up-to-date, and of being aware. But most web hosts don't like to burden their customers on an ongoing basis with such concerns - instead opting to oversee things as best as they can, and address such blatant issues on a case-by-case basis. And I imagine that most customers prefer the idea of releasing themselves of such obligations - after all, they're paying for a web hosting service, not to do the work of web hosts. (Except that it isn't, or shouldn't just be, the work of web hosts).

        If you buy a car, you're expected to be able to drive it properly and safely, not only for your own safety, but also for that of other road users. And if you crash and potentially hurt or kill someone due to poor driving skills or negligence, you can't just release yourself of any and all responsibility for that. Measures (such as the requirement of a drivers licence, and "highway codes") enforced by authorities can only go so far as to protect people and maintain order, for as long and as effectively as the road user himself abides by them.

        Unfortunately, many of the "ultra-secure" hosting architectures aren't those released and distributed under the GNU licence, or by the open-source community. They're privately and commercially "formulated", and any hosts using them will reflect that in their prices. They will not be anything close to approaching cheap or budget, and they probably won't be making claims of "unlimited / unmetered / unrestricted" anything.

        So if you chose a cheap host, and you're extremely negligent - and are expecting other customers to be so - you're probably going to have to expect or at least accept that hacking occurs from time-to-time.

        And just as it may not be your fault when probems like this occur, and you're not responsible for the shortcomings of that host's other customers, you do have control over the type of hosting you choose, and the amount you're prepared to pay for a service.

        There is some (well - a large) degree of truth in the saying "you get what you pay for".

        You should always keep backups of your data/sites anyway, but it's even more important when you're effectively operating in a shared environment, where shared responsibility and accountability, shared trust and - more importantly - shared consequences are an intrinsic feature or requirement of that platform.
        {{ DiscussionBoard.errors[2926678].message }}
  • Profile picture of the author DireStraits
    Originally Posted by Chris Kent View Post

    Hacking happens to almost everyone from time to time. Could be twice a year, could be once every two years.

    If you run any script (e.g. Wordpress) then you immediately make yourself much more likely to be hacked. Or to put it another way, if you only use static web pages like XSite Pro, you stand WAY less chance of being hacked.

    If you use many plugins with Wordpress like I see often here, you make yourself more likely to be hacked. Guess what - I don't use any! Who needs any? Ask yourself what you "need" as opposed to what you "like".

    Back up regularly.

    Learn basic things about how web hosting works. Don't be ignorant after years of using hosting and not learn a single thing because you simply don't want to.

    I used to work in IT Support and would deal with the same people, again and again, for basic problems. 5 minutes of learning (which I often forced on them) would save them hours and maybe days in their lifetime. Yet they chose to be lazy and wallow in their own ignorance, until I forced it upon them. "IT" or "tech" is often an excuse to be ignorant, don't let it be for any of you guys or you will pay for it.
    ^ Agreed about the customer service thing, LOL.

    I used to be a web-host (and fortunately never had any of my servers seriously compromised in the time I was, I might add ), and I'd have some customers email me routinely, asking me to do everything from uploading their website, to installing/fixing their scripts, to making personal backups for them (:confused, to putting a new innertube in their bicycle tyre (well, almost).

    They seemed to revel in their lack of understanding anything, and their resistance to learning was something really quite frustrating (not to mention puzzling: why do people want to remain clueless, when often in life that often means being at a disadvantage?).

    I had to draw the line somewhere, quite often, or else I'd end up doing work way beyond what would've been regarded as reasonably within the scope of support that even the most helpful of web-hosts would be expected or willing to provide. (And often I ended up doing just that.) :rolleyes:

    That said, when hosting (and particularly "shared hosting") is concerned, you can only take your backups and keep your scripts secured/up-to-date, and hope for the best. Hopefully the host has everything else security-hardened on their side. If you're sharing servers with others' (and depending on a particular host's architecture - but particularly in the case of cheaper hosts), there's always the unfortunate possibility that other customers whose knowledge or concern is lower than yours leads to their website / scripts becoming the entry-point for hackers; one who then goes on to wreak havoc and destruction for everyone else.

    Just one of the drawbacks of shared hosting, coupled with other customers' ingnorance, incompetence or sometimes careless nature.
    {{ DiscussionBoard.errors[2922326].message }}
  • Profile picture of the author Kevin McNally
    Any site can get hacked unfortunately, I have an account with Just Host and have had no problems but the real test comes when you have to use their support system of course.

    I also had accounts hacked with 2 other hosts but fortunately they were back up quickly. If you have wordpress blogs there are a number of ways this can get hacked.

    Best to spread your domains and hosting in case all your money sites go down.
    {{ DiscussionBoard.errors[2922368].message }}
    • Profile picture of the author Mar
      One of my server support guys tells me that php scripts in general seem to have less inbuilt security than cgi-perl scripts ..... because I don't do scripting, I can't comment; just trying to keep everything up to date is the best I can do.

      M
      {{ DiscussionBoard.errors[2922477].message }}
  • Profile picture of the author c4newworld
    Originally Posted by mmixon View Post

    Well, I had 19 wp websites at Just Host. They were hacked by some low life from Pakistan. When a website gets hacked, is it my fault or the host? I had a 18 digit password, but they were hacked anyway.

    Dealing with Just Host "customer support" (if you could even call it that) was maddening. I finally gave up and just closed the account. I hated to lose the websites, but just couldn't get them cured, and was afraid to transfer them to another host. I didn't know what the hacker may have planted there for later use.

    I read all the negative reviews here at the Warrior Forum about Just Host, but only AFTER I had set up the account and had several websites up and going. Wish I had read it before.

    I plan on taking advantage of Host gator's Black Friday offer to get back on track.
    I have a cpanel reseller hosting and yes anybody who is using a cpanel hosting can get hacked by their own host. Like just host, I can give you a reseller hosting account and I will have access to all your files and databases. I can clone your website. So in buying a a hosting account , it should be reputable hosting company. There are some posible reasons why you got hacked.
    1. Somebody knows your log in info did it. ( Did you gave access to someone to use your hosting account e.g. a VA or someone who works for you.
    2. Someone who works on that hosting provider did it.

    Posible reasons for hacking your account

    1. Somebody is angry at you.
    2. You have some valuable files on your account like script license and databases.
    3. Somebody likes doing it.
    3. Somebody simply is interested to hack your account.

    I am interested on this thread because I am trying to find a good host that will never try to still my files. And am thinking that justhost is a reputable one. You should tell justhost that your account has been hacked cause it might be from their own employees and they might find ways to protect their clients. All I know is justhost is a reputable one.
    {{ DiscussionBoard.errors[2922511].message }}
  • Profile picture of the author Crew Chief
    Originally Posted by moshecogan View Post

    Your vulnerability was most likely a weak FTP user name and password.
    [Off Topic, Sort of]

    Moshe, I wonder if Areeb of SEnuke would take kindly to your advertisement about your services?

    Yes, we were the first team who cracked Senuke v4. Since that time we released cracks for all future versions.

    SEnuke 7 Crack (xxxxxx.xxx)

    Now we offering our private crack for SEnuke 7 to limited number of customers.
    The rules are:
    • Crack costs $10 per week. Payments are automated, by paypal
    • All updates are free.
    • You are allowed to use crack on 3 PCs
    • You can cancel your subscription at any week.

    Click here to visit xxxxxx.xxx and download Senuke X Crack

    SEnuke X will be released in November-December 2010 and of course we will provide it to our customers too.
    It will be also a private crack released in our members area for current customers. So, you have a time to signup still :-)

    Click here to visit xxxxxx.xxx and download
    The OP has just shared his exasperations with getting hacked and here you are selling methods on cracking software and additionally, illegally selling access to a very popular IM software.

    Please explain the integrity in your conduct sir?

    Or, is the disconnect so large that you have no compunction about advertising how to steal other people's creations and products?

    Apparently not based on your advertisement soliciting business to crack other people's software...

    New Software Request rules:
    1. Project minimal price: $50
    2. Final price depends on protection (usually is $100-250).
    3. A minimal pre-payment of $50 is required.
    4. We always refund full amount if fail to crack software.
    5. Proceduce takes up to 2 days after your pre-payment was received.
    6. We provide proofs before asking for full payment: screenshots, videos, test cracked versions.

    Send your crack requests or any questions to: xxxxxxxxxxxx@gmail.com.
    Oh, so does that mean if someone paid you to hack into the OPs hosting account that you would do it?

    While you are forming your responses, for those of you who wonder why hackers and crackers do what they do and how they do it, you have one real good illustration right here!

    Giles, the Crew Chief
    Signature
    Tools, Strategies and Tactics Used By Savvy Internet Marketers and SEO Pros:

    SEO G.O.L.D. = Genuine Overall Link Diversity
    {{ DiscussionBoard.errors[2923205].message }}
    • Profile picture of the author Richard Van
      c4newworld;I am interested on this thread because I am trying to find a good host that will never try to still my files. And am thinking that justhost is a reputable one. You should tell justhost that your account has been hacked cause it might be from their own employees and they might find ways to protect their clients. All I know is justhost is a reputable one.
      1. He did try and contact customer support and as the OP said it was so maddenning he gave up.

      2. When SBucciarel says they are her least favourite hosts, I would listen to that. It's experience verses inexperience.

      3.
      QUOTE.You should tell justhost that your account has been hacked cause it might be from their own employees and they might find ways to protect their clients
      ...Well, this doesn't exactly make them reputable then, does it?

      4. The OP never said his account was hacked by Justhost, all he knows is it was someone from Pakistan.
      Signature

      Wibble, bark, my old man's a mushroom etc...

      {{ DiscussionBoard.errors[2923254].message }}
  • Profile picture of the author v7web
    Originally Posted by mmixon View Post

    Well, I had 19 wp websites at Just Host. They were hacked by some low life from Pakistan. When a website gets hacked, is it my fault or the host? I had a 18 digit password, but they were hacked anyway.

    Dealing with Just Host "customer support" (if you could even call it that) was maddening. I finally gave up and just closed the account. I hated to lose the websites, but just couldn't get them cured, and was afraid to transfer them to another host. I didn't know what the hacker may have planted there for later use.

    I read all the negative reviews here at the Warrior Forum about Just Host, but only AFTER I had set up the account and had several websites up and going. Wish I had read it before.

    I plan on taking advantage of Host gator's Black Friday offer to get back on track.
    I also had my sites hacked that were hosted with justhost.
    They tried to imply that it was down to me but I think it is an issue with their servers.
    I changed all cPanel passwords and re installed all php scripts yesterday, removed all signs of hack and yet this morning they were hacked again.
    {{ DiscussionBoard.errors[2926342].message }}
  • Profile picture of the author lefty359
    I have 3 WP Sites at Just Host and haven't had any problems. But you guys got me thinkin'
    {{ DiscussionBoard.errors[3126844].message }}
  • Profile picture of the author luckyshah290
    That Was Really bad ..... Like 19 Wp Site just Got hacked ......

    This hackers Ar Most Likely To do it.

    Just Host is Sort of a good Hosting.

    but i don't know ...... never Tried it Or never Will
    {{ DiscussionBoard.errors[3126877].message }}
    • Profile picture of the author homejobcreator
      Hi, Are you saying that Hostgator shared hosting for Wordpress sites is the safest of the lot?

      thanks
      {{ DiscussionBoard.errors[3352753].message }}
      • Profile picture of the author mattbaehr
        Funny seeing this now. Last month I had one site of mine on my Justhost reseller account get hacked. Then later that week had another.

        It was maddening trying to talk to their support to get it fixed. Their backup was like 3-4 days old.

        Oh well. Looks like time to find something different.
        Signature
        Get Your Own .EDU Pages for Less than $10 a Piece!! - How would you like to have your own content, anchor text and links on a .edu domain? You control it all from the text to the links. Now you can!
        {{ DiscussionBoard.errors[3352911].message }}
        • Profile picture of the author webpromotions
          Originally Posted by mattbaehr View Post

          It was maddening trying to talk to their support to get it fixed. Their backup was like 3-4 days old.
          From that quote, I'm assuming your own backup was older than that?

          Everybody screams when something like this happens, which is understandable, but its also why you do your own backups, then backup again, and then again. Every day. Online and offline. Period.
          {{ DiscussionBoard.errors[3353572].message }}
  • Profile picture of the author craig crawford
    Originally Posted by mmixon View Post

    Well, I had 19 wp websites at Just Host. They were hacked by some low life from Pakistan. When a website gets hacked, is it my fault or the host? I had a 18 digit password, but they were hacked anyway.
    So sorry to read this, Makes my blood boil knowing there are so many idiots out there enjoying ruining other peoples hard work! I could punch them all day long and not get bored!
    {{ DiscussionBoard.errors[3352976].message }}
  • Profile picture of the author hosting
    It also happened to me. My sites had been hacked twice with Jushot even though other sites under VPS or reseller accounts (with different companies) have been ok so far.

    I have posted here => JustHost sucks
    {{ DiscussionBoard.errors[3384096].message }}
  • Profile picture of the author JustinAtlan
    Wow.

    I use Just Host. It's hosting my new product (in signature). Should I switch it for reliability?

    I don't want my affiliates to lose money...

    What do you guys think?
    {{ DiscussionBoard.errors[3384115].message }}
  • Profile picture of the author Headfirst
    It's not the hosts fault. It could have been triggered by malware on your own computer snagging your info. It could have been dozens of different attacks that wordpress could be vulnerable to (depending on your version).
    Plugins that you have installed may have created security holes.
    You could have used that 18 digit password for another site and an attacker could have found out enough about your from your facebook page to answer the password reset questions. You could have accessed the sites through a public wifi somewhere at which a cracker was stealing cookies... I cant even list all of the hundreds of ways it could have happened. Bottom line? It's not the hosts fault.

    I don't believe in blaming the victim, but it is most likely your responsibility.

    Check out a good scanning service like Sucuri.net Most wordpress attacks are to drop malware, Sucuri will scan your sites hourly and email you if anything changes or you have malware. It wont solve everything, but they'll come in and fix your sites do you dont have to delete them if something does happen.
    {{ DiscussionBoard.errors[3384545].message }}
  • Profile picture of the author wadeang
    I haven't had a good experience with justhost. If you value your websites at all, I would back them up and move them somewhere else as soon as possible.
    {{ DiscussionBoard.errors[3384942].message }}
    • Profile picture of the author apmaranca
      Well...

      Anyone with a dozen joomla sites in construcion and some ready may be hacked from time to time. I made few security mistakes and a punk from Turkey injected some bank simulations in my justhost account.

      Justhost found a way to kick me out for that. As I analised, it´s kind of a policy. You keep all the clients with no bandwith consumption, small amount of sql use and when they get big and exposed you just find a way to kick them out. Justhost is for beginners.

      I believe they don´t bother with the hackers, because they make the job of kicking the users out when they begin to grow.

      The bright side is that since it happened, I found this great site with some nice people finding a way to make a life from internet.

      Regards
      Alfredo Portinari Maranca
      {{ DiscussionBoard.errors[3937019].message }}
  • Profile picture of the author simonbuzz
    Banned
    Just Host is a huge scam company they never reply that's why I am using HostGator and its the best...
    {{ DiscussionBoard.errors[3937437].message }}
    • Profile picture of the author Gaz Cooper
      I had 50 of my sites hacked too and it was a nightmare and wrote about i on my blog at the time

      I finally found some great guys who cleaned it and got them all clean in just 4 hours although I did delete a bunch of sites first but they saved 30 of them for me now I have them monitored 24/7 for arounf 25 bucks which to me is a bargain

      Gaz Cooper
      Signature
      Beginners get Started with AMAZON, we will give you a FREE custom made Amazon Site when you purchase hosting through us contact us at http://authorityzonesupport.com/

      {{ DiscussionBoard.errors[3937560].message }}
  • Anyone ever had a website hacked with DreamHost? That is who I use, I like the one click installs, and automatic updates for word press. But I don't want to take any chances.
    {{ DiscussionBoard.errors[3937822].message }}
  • Profile picture of the author Cool Hand Luke
    Here is a great solution:

    WordPress › BulletProof Security « WordPress Plugins

    The Bulletproof security plugin is FREE and secures 99% of the open ends in wordpress that hackers and injectors exploit. It was suggested to me after 3 of my sites got hacked(I was with Hostgator). It doesn't matter who you're with host-wise, once they hack one wordpress site, they have access to the rest.

    Do your part to protect yourself and check the plugin out.
    {{ DiscussionBoard.errors[3937866].message }}
    • Profile picture of the author jubale
      [QUOTE=Cool Hand Luke;3937866]Here is a great solution:


      The Bulletproof security plugin is FREE and secures 99% of the open ends in wordpress that hackers and injectors exploit. It was suggested to me after 3 of my sites got hacked(I was with Hostgator). It doesn't matter who you're with host-wise, once they hack one wordpress site, they have access to the rest.

      _____________________________________

      I have 2 justhost account on 2 seperate c-panels. The one built with Wordpress is getting hacked all the time. The other is not. I'm taking the advice from Cool Hand Luke and adding the Bulletproof plugin. Thanks for that!

      In defense of Justhost, they actually responded to me within an hour of the hackings and fixed it. The backup they returned me to may well have been two or three days old, but in my case that wasn't a problem -- but I do understand that sucks for people whose sites are changing hourly.

      I probably will use a more profession host in the future, but after reading all this I'm seriously considering moving away from wordpress all together.

      GazCooperOnline says he has his protected 24/7 for $25 (is that $25 a day, a week, a month?) Who does this for you?? I want it!
      {{ DiscussionBoard.errors[3974244].message }}
  • Hi Guys,

    I have had the same problem happen to me.

    And 92.7% of the time (obviously a made up number) its
    due to the scripts you have installed on your hosting.

    Any of the popular ones that we all use are ripe
    for the hacking if you dont stay updated and take
    precautions.

    Wordpress, Joomla & oScommerce are 3 of the
    main sites I've had hacked...but you can take
    precautions.

    If you use add-on domains with your host, you
    leave yourself open to be completely hacked. The
    hacker only needs to get into one site and they
    have access to hack all of your sites. (happened to me)

    Its likely this is the OP's situation.

    I'm not a hosting expert, my expertise is in drinking beer.

    Get yourself a reseller account so that all your sites
    have their own logins/cpanels and are isolated from
    eachother.

    Since I have done that...I havent had all my sites
    hacked in one hit. Atleast you lessen the chance
    of losing everything.

    Rule 1: Backup everything
    Rule 2: Keep your scripts up to date (always)
    Rule 3: Learn to take your website security more seriously
    Rule 4: Drink more beer!

    Hope that helps...

    Take Care,

    Michael Silvester
    {{ DiscussionBoard.errors[3937931].message }}
  • Profile picture of the author Duc
    My justhost account got hacked today. This is a pain. I am dealing with support now and hope that everything goes well. Fortunately the account is pretty new and I have my sites backed up. I just imagined having a business running and losing hundreds of dollars just due to down time, compared to a few dollars hosting per month.
    {{ DiscussionBoard.errors[4013663].message }}
  • Profile picture of the author celente
    my justhost were nothing but a pain in the butt. I think there are some mirror sites giving out details. I stumbled on this when someone pointed it out in another forum.

    Just goes to show you must back up your sites constanty. Saftey first.

    I now automatically change all my passwords each month, just for safe measure.
    {{ DiscussionBoard.errors[4014546].message }}
  • Profile picture of the author MelaGal
    Originally Posted by Chris Kent View Post

    Hacking happens to almost everyone from time to time. Could be twice a year, could be once every two years.

    If you run any script (e.g. Wordpress) then you immediately make yourself much more likely to be hacked. Or to put it another way, if you only use static web pages like XSite Pro, you stand WAY less chance of being hacked.

    If you use many plugins with Wordpress like I see often here, you make yourself more likely to be hacked. Guess what - I don't use any! Who needs any? Ask yourself what you "need" as opposed to what you "like".

    Back up regularly.

    Learn basic things about how web hosting works. Don't be ignorant after years of using hosting and not learn a single thing because you simply don't want to.

    I used to work in IT Support and would deal with the same people, again and again, for basic problems. 5 minutes of learning (which I often forced on them) would save them hours and maybe days in their lifetime. Yet they chose to be lazy and wallow in their own ignorance, until I forced it upon them. "IT" or "tech" is often an excuse to be ignorant, don't let it be for any of you guys or you will pay for it.
    Hey Chris,
    I am one of those people ignorant about web hosting. Any suggestions about a good online line course/book/etc? My choices so far haven't helped at all.
    Thanks, Gloria
    {{ DiscussionBoard.errors[5599323].message }}
    • Profile picture of the author Allenerb
      I don't know if a course or a book is necessarily what would answer your questions. MelaGal, what is it you want to know? If you look around, most people tend to lean towards HostGator or Bluehost. So I would start there. Both these companies have great support (I've not used HostGator, but I've read they have a great customer support team). So, that being said, go with what most everyone else is using and recommending.
      {{ DiscussionBoard.errors[5599520].message }}
  • Profile picture of the author MattBrighton
    Just learn from this and make sure you create regular healthy backups of your WP site. So if something like this does happen. You can completely get rid of all the infected files and just reupload the last known healthy backup
    Signature
    #1 BEAUTIFUL *Ultimate WSO Package: Graphic Design* Boost YOUR Sales & Conversions!
    Graphical WSO Sales Pages Convert 10% Higher. Why Haven't You Gone Graphical?

    >> The #1 Trusted Warrior Keyword Research Service - Rank Page 1 Google! <<
    Easy Keywords Means Easy Page 1 Google. Check It Out Today!
    {{ DiscussionBoard.errors[5599533].message }}
  • Profile picture of the author John Romaine
    This thread is like over a year old :rolleyes:
    Signature

    BS free SEO services, training and advice - SEO Point

    {{ DiscussionBoard.errors[5599805].message }}
  • Profile picture of the author Paul Gordelo
    it belongs to your host so you should contact them
    Signature
    {{ DiscussionBoard.errors[5599825].message }}
  • Profile picture of the author dnjoseph1
    Crazy...I have hosting on JustHost, Lunar Pages, and IPage.

    All of my justhost websites were hacked to pieces.
    Lunar Pages websites are fine.
    IPage websites are fine.

    Here's the kicker: The same versions of the same themes were used on all three hosting accounts. Just Host was the only hosting to have this happen. They suck. I'm cancelling my account, getting a refund, and switching over to Lunar Pages.
    {{ DiscussionBoard.errors[5939168].message }}
  • Profile picture of the author stuff2
    Thanks for the head up about Justhost.
    I was hacked years ago from another host com.
    {{ DiscussionBoard.errors[5939947].message }}
  • Profile picture of the author Karen Blundell
    Originally Posted by mmixon View Post

    Well, I had 19 wp websites at Just Host. They were hacked by some low life from Pakistan. When a website gets hacked, is it my fault or the host? I had a 18 digit password, but they were hacked anyway.

    Dealing with Just Host "customer support" (if you could even call it that) was maddening. I finally gave up and just closed the account. I hated to lose the websites, but just couldn't get them cured, and was afraid to transfer them to another host. I didn't know what the hacker may have planted there for later use.

    I read all the negative reviews here at the Warrior Forum about Just Host, but only AFTER I had set up the account and had several websites up and going. Wish I had read it before.

    I plan on taking advantage of Host gator's Black Friday offer to get back on track.
    I'm sorry this happened to you..however...
    when your WordPress sites get hacked, usually it's because you've neglected them. I mean this in the nicest way. WordPress is open source, so that means it is always going to be vulnerable to attacks. One of the number one causes of WordPress attacks is that the core WordPress files were not updated, plugins were not updated, old plugins were unused, and no security plugins were added, and other security measures weren't put in place.

    There are so many threads already on this forum about people's websites being hacked, usually WordPress sites. Do a search and you'll find advice, solutions, etc.

    Your websites were recoverable, but since you already deleted your account, starting over fresh, with the knowledge that you just can't ignore your sites and let them sit there unattended, is your best bet.

    For the record, hacking can happen using any Web host.

    Good luck!
    Signature
    ---------------
    {{ DiscussionBoard.errors[5940128].message }}

Trending Topics