Feature

Security Issues

Hurm.com (Hurm Studio, Local Heroes, Nowheresville, etc.) pages have been having some security issues for the past few days. I'm trying to keep up, but in the next few days I'll be moving all of Hurm.com to a new host. There will probably be some amount of downtime, but I'll try to keep it to a minimum.

Share this Page:

Comments:

Categories:

Share

Share this page with family and friends…even complete strangers. It's up to you. Whatever floats your boat.

Click the icon below to select the method of sharing.

Share:

Comments

Read Comments (3)

Jonathan commented at 7:03 PM on March 14, 2006:

What happened? Was this with Surpass?

Nobody commented at 12:45 AM on March 18, 2006:

Yes, it was with Surpass Hosting.

I believe they may now have the extra security on their servers to combat the issues that happened to me/my site, but the last issue was big enough that I decided to move. I now use Dreamhost.

Several security issues happened to my Surpass-hosted site over the pas few months. It happened something like this, although I may have gotten the timeline slightly off.

Twice, my static HTML pages were all hacked to include links to porn and wares sites. I was lucky that I used Movable Type because that allowed to republish all of my content pages fresh from a database. I was worried, however, that Movable Type may somehow have allowed the security issues to occur.

My phpBB installation was hacked, my boards vandalized, and my board-admin account deleted. Surpass helped me upgrade to a newer, more security conscious version of those forums, but the next day I got hacked again in the same way.

My HTML pages were hacked again. (I learned this when one of the hack-links made a porn pop-up appear while I was at work and visiting my own site.) While browsing my hosting control panel, I saw I was approaching excessive bandwidth usage. While browsing the inner workings of my site via FTP, I stumbled on hidden directories files--none of which were mine. Somehow, someone had uploaded full seasons of Lost, Escaflowne, and more. Incredibly, tens of gigs of files were not registering in my control panel. Someone had turned my site into a file-sharing/torrent hub. Also, I apparently did not have the proper permission levels to delete these files. I had to have Surpass delete them, but I was in a panic because I didn't know if they would ban me from their service for having such illegal files on my site. They deleted the files and stated simply, "The files were owned by nobody, which is what php runs as, so it appears as he accessed your site through one of your php scripts. I deleted that folder for you. Let us know what else we can do." I now believe that there was insufficient intra-server protection centered on PHP security flaws that allowed another site on my server (which may or may not have been hacked in some way) to "go up and over" into my site's directory and plan files that nurtured the files and file-sharing system that I found hidden there.

At this point I started researching other hosts.

About two weeks ago I had another "link-hack" happen, except this time, instead of a porn pop-up, a virus was put onto my computer. One of those that opens ports to allow other people access to your computer and remakes itself even after you "clean" it from your computer.

I spent 8 to 10 days remaking my computer on a brand new drive and setting my site up on my new host, Dreamhost.

I got a great deal with Dreamhost--I found a promo code that discounted a year's hosting from about $120.00 to about $10.00! This can happen because everyone using Dreamhost gets a referral fee but you can create your own promo codes that cut into the referral fee for equal mounts. For example, normally the referral fee is (up to) $97.00, but if you use the "NINETYCHEAPER" code I made, then I only get a $7.00 referral fee while you get (up to) $90.00 off your one-year hosting plan.

So, that's the whole story. I like that I can make my own promo code with Dreamhost, and that I can have unlimited domains. However, I can already see that their servers are slower than I would like, and I've had one bout of unexplained downtime, so we'll see how it goes. I'm getting pretty sick of switching hosts and I'd like this one to last me at least five years.

Jonathan commented at 3:08 PM on March 20, 2006:

Wow. I just upgraded to a newer server with Surpass, and I haven't had any of those problems, but someone else I knew on a different server did. I keep a very vigilant eye on my domains and bandwidth, but still... makes me nervous to hear about it my own backyard.

Surpass just had a round of cleaning up the "nobody" ownership problem with PHP. I didn't know why they were doing that, but now I do! Sorry you had such a problem with it.

And I agree about the switching hosts thingy.

Leave a comment





Please enter the letter "v" in the field below:

 

Browse the archives »