Hacking and security

ClaireH-184886

ok thanks. The sites all have their own access but are all on the dedicated server. they can all be gained through a whm where we can change cpanel passwords and usernames but besides that they have no connection.

PaddyDisplays

I'm not an expert (but have some experience) , but if they are truly separated, and the word press sites were up to date but were hacked too, then there is something very wrong.

ClaireH-184886

i am waiting for the hosting company to get back to me, they have been working on this now for over 24 hours, i have sent them some questions but they have said they cannot answer them yet. it seems strange that the wordpress sites were hacked and they were all hacked even though they all had seperate logins

ClaireH-184886

just got this from my hosting company

Hello,

1. The server was not hacked. The application on these account has been compromised. In order to have the exact reason and coding vulnerability which allowed this to happen you may contact certified developer as we do not offer development services at this point.

2. Review the above. What we do is secure the service on the server by applying all the patches available for the same. The coding and the updates on your website functions and coding is your responsibility. The review and patching of any script you use for your website is development related task.

3. Again you will have to request this from expert web developer as s/he may review the coding of your website and provide the reason why and how it has been compromised.

4. Contact certified developer with proven feedback to review and patch your websites coding.

5. The answer to this question you may check here:

http://docs.cloudlinux.com/

Should you have any further questions or comments please do not hesitate to contact us.

Best regards,

PaddyDisplays

Yeah standard, "its not our problem" response.

As I said before, if the joomla site shared something like mysql database access then it was most likely not the hosts fault.

I have seen hosts blame opensource cms when actually they were just trying to hide their issues.  Its going to be impossible to know until someone looks properly into it (which hosts will not do, which is fair enough).

AlanMosley

I don't think its the server, wordpress and other cms are continually hacked. The server can not stop much at all. your code needs stop most hacks, and since wordpress is used by so many, all some one needs to do is hack their own and then they can go out and hack all wordpress sites of the same version.

PaddyDisplays

What your saying is true, but I have never heard of anyone getting hacked (bar brute forcing password or poor passwords), if they keep upto date with the security fixes.

Some hosts eg dreamhost will auto update installs for you , so you don't have to worry about  updating.

ClaireH-184886

will have to look at dreamhost and see how much they charge for dedicated server. do they offer managed dedicated server. also the hosting company is not taking any responsibility.

would you expect the hosting company to let you know that your site has been hacked or is it down to yourself to know

PaddyDisplays

I have only used dreamhosts shared hosting, don't know about dedicated.

"would you expect the hosting company to let you know that your site has been hacked or is it down to yourself to know"

Generally no, that you be your responsibility (or if your have a maintenance contact with the web developer).

Again dreamhost has some cool auto safe guards eg one of my clients had malware/virus on his pc and was sending out spam, they auto reset the password when it was picked up.  I also think they have other auto features to inform you about hacking, but its guaranteed service, its just a bonus they do.

I'm not saying you should go with dreamhost, I'm just telling you what they can/have done, (i have only use a few host companies)  but I'm sure there are alot of hosts that do that too (maybe even more).

altecdesign

The wordpress hacking was almost surely due to having outdated version of WP, or having a vulnerable plugin installed.  There are a few helpful plugins you can use to secure your WP site, plugins like (http://wordpress.org/plugins/better-wp-security/).

also a couple things to note, you should also take basic measures to project the site by changing the default table prefixes of your DB from _wp,  create a new admin user and delete the default "admin" accoun & limit access to your wp-admin section in your .htaccess file.... these security plugins will give you a whole checklist of items to "secure".