1. Contracting
    1. General
      1. Brexit
    2. Business / Contracts
      1. Coronavirus Assistance
    3. Accounting / Legal
      1. Umbrella Companies
      2. HMRC Scheme Enquiries
      3. The Future of Contracting
      4. IR35 Reform
    4. Technical
    5. Welcome / FAQs
  2. Social
    1. Light Relief
    2. Social / Events
  • Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

What a turd

Collapse
X
1 to 6 of 6 Previous template Next
Collapse
Reply to Thread
  •  
  • Filter
  • Time
  • Show
Clear All
new posts
1 to 6 of 6 Previous template Next
    #1

    What a turd

    A website that I run has been hacked. Feck.

    Now not the worlds worst hack as I have decent backups of it + database and its only a site that hots photos and gps logs of me and the motorbike so doesn't really mean that much.

    What does feck me off is the shower of tulips that are uk2 don't seem to care. I'm fairly sure its their end that has been done as checking my account area reveals a second ftp account in the name of "loren". WTF is loren?

    I don't use the username / password for anything else and its fairly impossible to brute force so my best guess is the tulipty cpanel they use has holes in it.

    At least MyCo site/e-mail is with a proper host and protected.
    Tags: None
    #2
    Rats - that's a bummer.

    I'm not sure about my host. It's Webfusion and when I access the CP Firefox tells me that it has an invalid certificate. (It costs me enough mind...)

    I'm not sure what to do with it.
    "I can put any old tat in my sig, put quotes around it and attribute to someone of whom I've heard, to make it sound true."
    - Voltaire/Benjamin Franklin/Anne Frank...

    Comment

      #3
      Originally posted by Sockpuppet View Post
      A website that I run has been hacked. flip.

      Now not the worlds worst hack as I have decent backups of it + database and its only a site that hots photos and gps logs of me and the motorbike so doesn't really mean that much.

      What does flip me off is the shower of tulips that are uk2 don't seem to care. I'm fairly sure its their end that has been done as checking my account area reveals a second ftp account in the name of "loren". WTF is loren?

      I don't use the username / password for anything else and its fairly impossible to brute force so my best guess is the tulipty cpanel they use has holes in it.

      At least MyCo site/e-mail is with a proper host and protected.
      Could well be CPanel hs been hacked. UK2 are pretty poor for support IMO and I do not use them for hosting for this reason. They have always appeared to be a bit of a "budget" host from my POV and with hosting you usually get what you pay for Hope it does not take you long to clean up bit if your FTP service has holes in it then there is a good chance you will be done over again as soon as you think the problem has been sorted.

      Originally posted by cojak View Post
      Rats - that's a bummer.

      I'm not sure about my host. It's Webfusion and when I access the CP Firefox tells me that it has an invalid certificate. (It costs me enough mind...)

      I'm not sure what to do with it.
      You don't need a fully paid up secure connection to control panels like this so they are usually self-generated and therefore FF will complain about their authenticity. Just do the process of "I understand the risks", "Add Exception", etc:
      http://support.mozilla.com/en-US/kb/...n+is+untrusted

      You will never be notified of the certificate being untrusted again then.

      Comment

        #4
        Yeah they are tulipe. Partly the reason that I am with another provider for anything that I consider needed e.g. business stuff.

        The only reason I'm with UK2 is that they provide 2gb of mysql data which the satellite tracker on the bike needs as it produces a heck of a lot of data.

        As its not a complex site all the source code is on this machine where I make the changes and push it upto the site. The logs are also here so I can re upload the tracks - so an easy fix.

        UK2s response is "well you've deleted the files so how can we tell when it happened" when I asked them if Cpanel creates a log when it creates new users they didn't know. In the end I tracked down the ip that the login came from 2 days ago. Suprise suprise its spoofed.

        Ah well time to move provider!

        Comment

          #5
          Originally posted by cojak View Post
          Rats - that's a bummer.

          I'm not sure about my host. It's Webfusion and when I access the CP Firefox tells me that it has an invalid certificate. (It costs me enough mind...)

          I'm not sure what to do with it.
          You shouldn't have a problem with Webfusion. An ex-clent used them and they were fine.
          +50 Xeno Geek Points
          Come back Toolpusher, scotspine, Voodooflux. Pogle
          As for the rest of you - DILLIGAF
          Purveyor of fine quality smut since 2005

          CUK Olympic University Challenge Champions 2010/2012

          Comment

            #6
            Originally posted by administrator View Post
            You don't need a fully paid up secure connection to control panels like this so they are usually self-generated and therefore FF will complain about their authenticity. Just do the process of "I understand the risks", "Add Exception", etc,

            You will never be notified of the certificate being untrusted again then.
            Phew! I had to do this to use it, but I had a horrible suspicion.. Thanks for putting my mind at rest admin.

            Ta Zip - it was only this one thing that was worrying me (apart from their email POP access being rubbish, that is..).
            "I can put any old tat in my sig, put quotes around it and attribute to someone of whom I've heard, to make it sound true."
            - Voltaire/Benjamin Franklin/Anne Frank...

            Comment

            Reply to Thread
            1 to 6 of 6 Previous template Next

            Advertisers

            1. Contracting
              1. General
                1. Brexit
              2. Business / Contracts
                1. Coronavirus Assistance
              3. Accounting / Legal
                1. Umbrella Companies
                2. HMRC Scheme Enquiries
                3. The Future of Contracting
                4. IR35 Reform
              4. Technical
              5. Welcome / FAQs
            2. Social
              1. Light Relief
              2. Social / Events
            Working...
            X