| Posted by MonteVesubio, 05-30-2011, 11:47 PM | | Hello
Ive been searching for a new reseller hosting option for one of my accounts that was hacked but so far no luck so I decided to ask here for advise. First priority needs to be a safe haven from hackers, or if that isnt possible, at least a place as safe as possible. These are my general requirements
1/ safe: as Ive said the website I want to move was hacked continually during a month. Neither the hosting company or myself are actually sure what backdoor the hacker used to get into my site so theres the risk of the hacker trying it again. I need assurance that my new company would know how to stop him/them. I'd bet it was exploiting a faulty DB that its fixed now, but cant be 100% sure.
2/ good uptime, stability, very important.
3/ good and helpful technical support, if possible a place that will go out of their way to help users. Im not a technical person and sometimes providers think they're talking with people almost as technical as they're, they just seem incapable to help or to give simple answers to folks like myself who do this on the side of many other things, basically I dont have the time to learn all the technical aspect of the business, though I probably should and plan to, the moment I get some free time.
4/ end user support if possible. Because of the aforementioned, my lack of time, Id really love the ability to delegate the most technical side of the business to people who actually know what they're doing and will actually help my clients.
5/ periodical DBs backups
6/ cpanel
in technical terms Im not looking for much HD space 1GB tops, bandwidth around 50-100 GB tops, budget around 30 US$
any names?
thanks folks for any help
|
| Posted by Dustin B Cisneros, 05-31-2011, 12:16 AM | | Hello,
What kind of end users are you going to have with 1gb space?
Its just for your self correct? Technically your an end user how ever this term is brought up with resellers who have multiple clients under them and the reseller provider would offer support to them as well.
|
| Posted by Jennifer Robinson, 05-31-2011, 12:19 AM | | Its difficult that any host will give you any guarantee that YOUR scripts are not exploited. Since its you who have used those scripts.. I would suggest is, always keep your scripts up2date with the latest patches and upgrades. Such vulnerability issues are generally found with outdated versions of popular CMS such as joomla, wordpress, phpbb etc.. So keeping them up2date is the first key to protect your websites from exploits..
Further, try to go for a host that has suphp and mod_sec rules enabled. They protect your script to a considerable extent..
|
| Posted by eLief, 05-31-2011, 03:29 AM | | What type of website are you running that it was getting hacked so frequently? Most of the time it's due to an out of date or insecure script, insecure permissions, etc.
|
| Posted by MonteVesubio, 05-31-2011, 04:41 PM | | you're right. Could I use this term if I wanted to have technical support for just one client? if not what should I look for?
thanks jennifer. good piece of data there that I didnt know. Any names in mind?
its a website that offers free ads, so the hacker seems entered a malicious code, used the mail form to tamper with our DBs, we're guessing, because seems almost confirmed he didnt get in from the cpanel or using any kind of Login/PWD. Our DBs are made by another group of programmers, who obviously did a poor job at securing the script, php, etc.
Like I said Id appreciate any suggestions of safe, helpful places for my hosting needs, thanks for any help, Ill keep looking in the offers and this part of the forum to see if I find something that suits me.
cheers
Last edited by MonteVesubio; 05-31-2011 at 04:48 PM.
|
| Posted by Forward Web, 05-31-2011, 05:13 PM | | Although all of your requirements are pretty basic, I do have a few questions so maybe we can pinpoint exactly what the issue is.
1.) Who were you previously hosted with?
2.) Was the entire server of your previous host compromised. Or was it just your Reseller account, or more specifically, one cpanel account within your Reseller account?
3.) What was your previous web hosts response to your account being compromised?
|
| Posted by MonteVesubio, 05-31-2011, 05:36 PM | | Im still hosted with the same guys for everyone of my accounts, bar the one hacked. They've been great, uptime is fantastic, very happy with their services, bar this certain incident. The hacking situation happened to just one of my accounts, it never happened before (hence my lack of experience), was something they and us didnt expect and really something that was the programmers fault, not theirs or ours. I still wished they'd been a little more helpful, but they did try their best and gave us valuable insight. Because of my lack of knowledge in these situations I really dont know exactly what and to which extent the hosting company should've worked with us to try to fix the hacking.
They guessed the problem came from a faulty php/script but they couldnt exactly isolate which one. Theres a distinct chance of the hacker coming back, despite all the DBs and scripts having being deleted and fixed/updated. Since we arent really sure how the hacker got into our web its difficult to fix the problem, so for my next hosting Id like to have the help of a hosting company, that, IF, the hacker attacks again, can really tell us where exactly is the problem and how can we fix it.
just one account, that certain one. Like I said, its the first time in many years we have a problem with hackers.
like I said they did try, but Im not sure they were really experts in the subject, but perhaps its me being clueless again. It took many efforts from my part, and tickets, after having changed every possible logins and passwords in the account, ran many AVs and so forth, to finally for them to tell us the problem could be a faulty script, but they didnt know which exactly. It was a nightmare to be honest
Let me know if I can make my situation even clearer with more data, facts or whatever else you need. I appreciate all your advise and will to help, like I said I've never been hacked before and I dont know where I stand in terms of what services and technical support should I expect from a hosting company.
regards
|
| Posted by Forward Web, 05-31-2011, 06:00 PM | | I see, well to be honest with you it sounds to me like the issue is with your website and not the web host, therefore it really wont matter which web host you switch to, the problem will still exist.
Also, when it comes to poorly written scripts there really is little the web host can do, as they are not the ones who developed your script. Pinpointing security vulnerabilities on a website you did not develop your-self can be very difficult for any web hosting company.
My suggestion would be to maybe contract a professional developer to take a look at your sites functionality to see how it can be redeveloped to be more secure?
|
| Posted by MonteVesubio, 05-31-2011, 08:43 PM | | thats the thing though. we arent really sure who's to blame and where its the vulnerability since the webhost didnt locate it 100% sure. They say it could be a script but the programmers say otherwise and blame the webhost. how am I supposed to proceed if I dont know where lies the problem? I understand the webhost shouldnt have to fix the programmers mistakes themselves, but shouldnt they be able to tell us exactly where is the problem so we can fix it? coz thats all Im asking for
we did ask the programmers to fix this "hypothetic" security hole, and they did, but since we arent really sure to begin with where the hole was, we can only speculate that the problem is solved now. We're trying our best, and spending some extra money because the programmers didnt think it was their fault (we have no proofs to tell them otherwise since the hosting company didnt give us any proofs) and charged us accordingly like a new job.
There must be some hosting company which does a little more for the client than what ours did, in matters of security. Thats the company Im looking for.
So any suggestions?
|
| Posted by Forward Web, 05-31-2011, 10:27 PM | | Well again, that would really be up to the programmer to determine. Unless the hacker got in via a weak password? I know its probably not a web host problem, because if it is, you would have seen more than one account effected by the problem.
Again, its not really "hypothetic", there was a security breach that happened on your end, either via an insecure script or via a weak password. If you are particular that your programmer is not to blame, have you asked him what improvements they have made to particular scripts that might be vulnerable?
I do agree that maybe the host could have been a little more helpful with you, but again, keep in mind that troubleshooting websites on that level is really outside the scope of regular web hosting technical support. Here are some items/steps that might help you determine exactly what the problem is...
- Run a local check of your computer for any viruses/trojans..ect. One way some of these hackers are breaking into accounts is by compromising the customers local computer.
- when logging into your control panel are you logging in via https or http? Hopefully your host requires all customers to login via https, but if they do not, make sure you always use https when logging into your control panel or webmail.
- Always keep a clean back-up of your website, should your site become infected. Download the comprised version of your website onto your local computer (so you can have someone thoroughly inspect the code) and then immediately reload the clean version of your site (this will help determine exactly where the intrusion occurred. as the hacker will probably try to reinfect the clean version via the same security hole).
Obviously the level of technical support you receive is going to vary from company to company. Some go far and beyond what is required to keep your business, while some simply stick to whats generally included in their regular customer support. After thinking about this more thoroughly, I think your web host should have at least agreed to take a deeper look into your site for an administrative fee? Doesn't seem right that they just kind of left you to fend for your-self.
With that being said, here are some web hosts that I have noticed that tend to go far and beyond what technical support usually entails.
MDDHosting, Hawkhost, Downtownhost and Stablehost
I havent used any of the above companies services, but they all have reps here on these boards who are very active and knowledgeable. Very rarely (if at all) do I read any complaints/bad reviews about the services they provide.
So I am sure that if your site were to be comprised (if you asked politely) that would be able and willing to assist you with the matter. Just remember that if they do, just like any other host, they would be going far and beyond of what is usually expected from a companies technical support department.
Hope that helps!
|
| Posted by MonteVesubio, 05-31-2011, 10:53 PM | | good point. Dont think it was a weak password since I always use alphanumerics PWs really long
Im not savvy at all when it comes to security (possibly pointless clarification... ) but is there no way that the hacker could've entered using some vulnerability from my webhost? doesnt look likely, but why are you so sure its on my end? (is it because no other accounts were compromised? if so NM, Ive answered my own question)
Im not particular at all about any possibility. My programmers seem to be but I wouldnt trust them at all. In fact I trust more my hosting company than my programmers, but I cant be sure either way because Im not a programmer myself.
Good advise. I did all the steps above some time ago, well the third point didnt until recently (mea culpa, mea culpa, no excuse, silly, silly me)
actually one of those was and remains my current company, wont say which. They've been top notch when it comes to uptime, stability and general reliability, but their technical support hasnt gone out of their way to help on this certain issue. And at times I feel disconnected with them when it comes to technical help. Nonetheless, I keep my main accounts with them because they're amongst the best Ive had.
I do get what you're saying, and I know Im asking too much of them, and I had considered paying them an extra so they can investigate, perhaps I'll do it.
It actually does, very much.
finally, you or anyone else, please throw some names my way of hosting companies that are famous for their security/never or rarely been hacked/etc... Ive been reading and hearing a lot of big companies being hacked recently (from PS network to lockheed and others) and Id like to know which webhosting companies are the most secure, and perhaps from there choose my next option, at least for this certain account.
thanks again guys and gals
|
| Posted by Forward Web, 05-31-2011, 11:52 PM | | Yes that is correct, what hackers usually do is they will find with an insecure script or weak password and will use that account to see what other security vulnerabilities might exist on the server (usually gaining root access via some security hole, which they then use to compromise every account on the server).
I see, well if that is the case then you should probably look into getting a new programmer? A good programer would have taken the time to thoroughly analyze the website to get to the bottom of the security hole. If they were unwilling to do so, that tells me they probably do not 100% know what they are doing.
I see, well if that is the case do not be afraid to mention your web host name on here. I assure you they all have reps on this board who would be more than happy to look into your issue.
Definitly sounds like it would be worth the investment, otherwise you are just going to find your-self continually in the same situation.
Glad I could be of assistance, best of luck!
|
| Posted by TonyB, 06-01-2011, 12:01 AM | | That is really difficult to give good advice. Does the person giving the advice have a computer science degree, software engineering degree or equivalent experience? If not how good can their advice even be? Even if they do is the advice really that useful? You can say avoid SQL injections, file include injections, verify file types blah blah. That is very generic and probably won't help the poor user anyways.
Unless you have someone code auditing the user then it's probably not going to help. Then the question is well how would a host to have full time qualified software developers on staff to audit user code. The answer is probably they can't as it's not really part of web hosting support. Software developers are way more expensive than support technicians that's for sure.
The big problem here is applications are becoming more complicated. It's not some simple oh it's this single file that is 100 lines of code. Instead you have an application with 10,000 lines of code or more and 100+ files. The web host if it's a standard software package can say please upgrade to latest version. Add the equation of a bunch of plugins and then it's a question of where is the entry point in those 40 plugins. If it's a custom application it's even more unknown. At least with the application you can look at version numbers and maybe peace it together that way. With the custom application who knows what holes exist and which ones were fixed in the past.
All a web host can do is work harder and harder at separating users and making so one user being hacked does not effect the entire user base. Attempting to code audit is just not reasonable for a web host to do. The fact PHP can be done by just about anyone does not mean that anyone can provide good advice or audit user code. It's unfortunate but it's a reality the prices of the audit will run you at a minimum $45/hr and the user is paying $5/month the numbers simply do not add up.
|
| Posted by Forward Web, 06-01-2011, 12:05 AM | | I agree 100%
|
|
 Add to Favourites
 Print this Article
|
