I'm very disappointed in my hosting provider, WebHostingBuzz.com.
I found out that someone had altered the index.html/index.php files for all domains on their server, regardless of owner or password. I knew it could happen, since it is hard to prevent that when you allow Perl and PHP programs on the server.
Even more disappointing was to find out that WebHostingBuzz only keeps backups of the files one day back, and that the backups contained the hacked files. So in effect, WebHostingBuzz does not have ANY useful backups. Their recommendation is to reload all domains from our own backups. :(
Not recommending this host.
Dear Customer,
The site could be hacked due to many reasons. In order to prevent most of them you need to do the following:
1. It is highly important you use long and hard-to-guess passwords that are regularly updated and kept only to yourself.
2. We recommend you check securityfocus.org regularly, to find out about the latest updates for your scripts. It is your responsibility to keep all scripts up-to-date on a regular basis.
3. It is also vital to check your computer on viruses very often so your local PC not to be infected, cause sometimes account info (username/pass) can be stolen with the help of different viruses.
4. In order to be safe please make the backups of your site periodically so in case of any problems with the server you will have the fresh version of your site that can be uploaded to the server again.
The version of the backups we have is dated Oct 28, 10:24 GMT. Unfortunately, these backups already contain modified files, so they cannot be used for restoration. In case you have earlier versions, you can provide us with them.
For any other information, please get back to us
Regards,
Nikita K.
Technical Support Team
WebHostingBuzz.com
1. The passwords were not breached. It happened to all domains on the server, which all had different passwords.
2. I don't believe that flaws were found in scripts on every domain. Someone with an account on the system just decided to write to files outside his area.
3. It wasn't a virus. It affected domains for multiple people.
4. Thanks for avoiding responsibility for doing backups WebHostingBuzz. I do have backups of course, but not on a daily basis. And I resent the time and effort it will take to upload all the content again, knowing WebHostingBuzz.com is not secure.
