+- MacResource (https://forums.macresource.com)
+-- Forum: My Category (https://forums.macresource.com/forumdisplay.php?fid=1)
+--- Forum: Tips and Deals (https://forums.macresource.com/forumdisplay.php?fid=3)
+--- Thread: Hostgator Blows; or Am I Being Unreasonable? (/showthread.php?tid=180146)
Pages:
1
2
Hostgator Blows; or Am I Being Unreasonable? - steveroberts - 06-15-2015
Friends.
About a week ago, I got notice from a 3rd party that my Hostgator hosted web site had been hacked and there were some .php pages that were redirecting traffic out of my site.
I notified Hostgator immediately, and after three days, when they still had done nothing, I removed the visible infected pages from the Wordpress directory.
A day later, I noticed that my search function was now redirecting all traffic to a men's "sexual enhancement" web site. So, I called Hostgator again. They assured me that the "security scan" had begun and that they were on top of the problem.
The following day, I found that my entire site was hacked and that all traffic there was redirected to the "sex" site. Hostgator was notified and promised to get on it.
After calling nearly every day last week and getting different answers, I was told last night, that there security team is receiving "higher than norman" calls for service, and that my site was in line to be reviewed. In other words, no one there has even looked at the problem.
While I can log in to the back end, the front end of the site is completely useless as it continues to redirect all traffic out.
Not sure what to do now, but any advice would be greatly appreciated.
SR
Re: Hostgator Blows; or Am I Being Unreasonable? - Onamuji - 06-15-2015
Your PHP install is pwned. You're using Wordpress? That's pwned, too.
Back up your site, find another host with the latest PHP, rebuild your site with the latest software and make sure that you enable auto-updates to receive the latest security patches. Also, do some Googling for recommendations on methods to secure your site, for example, via plugins that change the admin login page and disabling comments-fields - both of which are easy points of entry for botnets looking for vulnerable sites.
Re: Hostgator Blows; or Am I Being Unreasonable? - clay - 06-15-2015
What Onamuji said. As a next step, you need to make sure your WP site doesn't have any injected malicious code. A plugin like WordFence is great for this (tons of other configurable options as well).
Re: Hostgator Blows; or Am I Being Unreasonable? - richorlin - 06-15-2015
I agree. I dropped Hostgator earlier this year. They are down on the bottom of the list along with GoDaddy.
Why not try Squarespace. I've been using them for years and they are great. Very secure and reasonable prices. They have a great interface and your site will be very customizable. You can insert your own code and tweak the CSS to your heart's content. The only downside is that support is via email only with no phone support, but they are very responsive and there is a great user community.
Re: Hostgator Blows; or Am I Being Unreasonable? - C(-)ris - 06-15-2015
That really isn't your webhosts problem. You need to fix your own site, unless you paid them to develop, update, and manage the site.
Now, I don't know why they would have ever promised to look at it, I think they set the wrong expectation there. Nothing they can do besides maybe updating PHP and Wordpress...but that might break other parts in your site.
Re: Hostgator Blows; or Am I Being Unreasonable? - M A V I C - 06-15-2015
HostGator is owned by EIG. Same as Bluehost. They're considered bottom barrel. They don't care about customers, just numbers. https://en.wikipedia.org/wiki/Endurance_International_Group
I would say GoDaddy is a step up.
C(-)ris wrote:
That really isn't your webhosts problem. You need to fix your own site, unless you paid them to develop, update, and manage the site.
Unfortunately, this is true. This is why hosts offer managed plans or managed WordPress plans. That said, with Dreamhost at least, I had a site get compromised (old one that I forgot about) and DH had scripts they could run to clean it all up. They have tons of sites get infected all the time, and although it's the responsibility of the users to clean it up, they usually have to do it when the user doesn't.
Onamuji wrote:
Your PHP install is pwned. You're using Wordpress? That's pwned, too.
I'm not sure why you think the PHP install has been compromised. It's probably just scripts that are installed. Most shared hosts don't even give users the ability to mess modules.
clay wrote:
As a next step, you need to make sure your WP site doesn't have any injected malicious code. A plugin like WordFence is great for this (tons of other configurable options as well).
Yep.
Re: Hostgator Blows; or Am I Being Unreasonable? - vision63 - 06-15-2015
pwned, that means it's owned? Or pawned?
Re: Hostgator Blows; or Am I Being Unreasonable? - vision63 - 06-15-2015
Total Choice Hosting has been rock solid for me going on a decade or more.
Re: Hostgator Blows; or Am I Being Unreasonable? - C(-)ris - 06-15-2015
vision63 wrote:
Total Choice Hosting has been rock solid for me going on a decade or more.
Best host in the world isn't going to help you if you run outdated versions of PHP or WordPress... or use poor passwords.
Re: Hostgator Blows; or Am I Being Unreasonable? - vision63 - 06-15-2015
C(-)ris wrote:
[quote=vision63]
Total Choice Hosting has been rock solid for me going on a decade or more.
Best host in the world isn't going to help you if you run outdated versions of PHP or WordPress... or use poor passwords.
That's true, however the best wouldn't offer outdated versions of anything. Passwords are on you.