Another Hosting Company Compromised By Hackers

When the Pharma Hack first came on the scene, certain hosts like Network Solutions and GoDaddy were taking a lot of the heat, as there were some security lapses on their part. To their credit, they came forward, took ownership of the problem, and helped their customer.

As you might remember, I was also affected by this (blogged about here and here), but I wasn’t hosting with either of these companies.

As such, all I could do was clean up the mess, and hope for the best. But since the root cause was never found, this hacker kept coming back and wreaking havoc on our sites. I begged and pleaded with my host to investigate this, as I was 100% sure that I wasn’t doing anything wrong. Yet time and time again, they would just close my ticket and send me the “Dealing with a Site Compromise” link on WordPress.com, a page I’ve already visited dozens of times in the past.

Each time, the hack would get more and more involved.. Stuff that would require the kind of access that *I* didn’t even have! Yet this fell on deaf ears, and I started talking with my partner about the logistics of moving 40+ sites to another server, as I had already invested well over 100 hours dealing with this mess for the past few months, and I couldn’t deal with it anymore!

Then, a few days ago, I notice a post on the host’s support forums. And low and behold, other people hosting here are dealing with the SAME NIGHTMARE! Even better, a blogger spelled out in graphic detail what was going on, which can be seen here. (Later that day, another site makes a post giving even more details!

No longer could my host hide behind the “WordPress is insecure and sucks, it’s your problem not ours” excuse. 😀

You’re probably asking yourself by now, who do we host with? We use The Rackspace Cloud (formerly known as Mosso). Longtime readers might remember my posts from last year when we first moved onto their platform, and until this situation, it’s been a great experience overall.

What’s troubling now is that even with an overwhelming amount of proof, no one there wants to accept responsibility. The latest response from them is as follows:

While we continue to investigate compromise reports from a small number of our hosted WordPress customers over the past few days we have no evidence that phpMyAdmin was involved. We are continuing to investigate the root cause of the issue.

If our investigation shows anything other than application level exploits, outdated and vulnerable WordPress plug-ins, etc, we will make that data available to you.

Otto (those of you in the WordPress forums probably recognize the name) left a comment on Unmaskparasites and gave his two cents, basically calling TRC out on their BS.

And now we’re stuck waiting to see how Rackspace responds. Talk about a nightmare..


Enjoyed this post?
Subscribe to Zander Chance via RSS Feed or E-mail and receive daily news updates!

Submit to Digg  Stumble This Story  Share on Twitter  Post on Facebook  Post on MySpace  Add to del.icio.us  Submit to Reddit  Fave on Technorati

2 Responses to “Another Hosting Company Compromised By Hackers”

  1. Sarah - Web Marketing Company says:

    i am really concerned by the insecurity as we are planning to host some really important data, need to find a secure host, but less expensive.

  2. mikelis says:

    GoDaddy has lots of problems besides hackers.
    It’s cheap but by far one of the worst hosts I’ve tried…

Leave a Reply