digitalmars.D.announce - dblog.aldacron.net is Clean Again
- Mike Parker (15/15) Apr 11 2014 Google has cleared the dblog.aldacron.net domain from the blacklist, so
- Nick Sabalausky (10/25) Apr 11 2014 Yea, shared hosting can be a pain. TBH, all my biggest web server
- simendsjo (5/10) Apr 11 2014 Been using Linode for ~3 years, but a couple of months ago my node had a...
- Nick Sabalausky (2/12) Apr 11 2014 Yea. *I've* caused far more downtime to my linode server than linode has...
- Mike Parker (11/11) Apr 11 2014 Seems I spoke too soon. Tech support has yet to remove the file,
- Andrej Mitrovic (2/6) Apr 11 2014 Unbelievable. 40$ to delete a file.
- Nick Sabalausky (3/9) Apr 12 2014 Sounds about on par with some of the the crazy shit I've seen shared
- Kagamin (6/7) Apr 12 2014 Sounds like the virus opposes naive deletion. One should first
- Vladimir Panteleev (12/20) Apr 13 2014 I think the question should be asked, "How did that file got
- Mike Parker (19/30) Apr 13 2014 On shared hosting, situations like this (in my experience) follow
- Nick Sabalausky (6/9) Apr 12 2014 If you do go with Digital Ocean, I'd be interested in hearing how it
- Mike Parker (3/13) Apr 13 2014 I wound up going with Linode. I had used them before when I needed a
- Vladimir Panteleev (5/26) Apr 13 2014 Sorry for arriving late in this thread, but if you need hosting
- Mike Parker (3/9) Apr 13 2014 Thanks for the offer. I'd take you up on it, but now that I've
- Rory McGuire (6/23) Apr 14 2014 short-term VPS and already had an account.
Google has cleared the dblog.aldacron.net domain from the blacklist, so it's safe to visit The One With D and the Derelict forums again. Ultimately, I had to root everything out myself. Tech support was friendly enough, but very little help (they advised me that I needed to find the problem, which is what I asked for help with in the first place). It turns out there was a hidden executable which was completely invisible to my ftp client. I was able to see it only through the CPanel File Manager, but I was unable to delete it. Every attempt succeeded, only for the file to come back again. But once I eliminated all sorts of php files and fixed a number of static html files that had been modified, the problem went away even if the executable did not. Tech support did, finally, tell me they would remove the offending file. Because of this experience, I've decided it's time to move away from shared hosting. I'm going to transfer everything over to a VPS (either with Digital Ocean or Linode) so that I can always have shell access.
Apr 11 2014
On 4/11/2014 9:10 AM, Mike Parker wrote:Google has cleared the dblog.aldacron.net domain from the blacklist, so it's safe to visit The One With D and the Derelict forums again. Ultimately, I had to root everything out myself. Tech support was friendly enough, but very little help (they advised me that I needed to find the problem, which is what I asked for help with in the first place). It turns out there was a hidden executable which was completely invisible to my ftp client. I was able to see it only through the CPanel File Manager, but I was unable to delete it. Every attempt succeeded, only for the file to come back again. But once I eliminated all sorts of php files and fixed a number of static html files that had been modified, the problem went away even if the executable did not. Tech support did, finally, tell me they would remove the offending file.Ouch! At least it's all sorted out.Because of this experience, I've decided it's time to move away from shared hosting. I'm going to transfer everything over to a VPS (either with Digital Ocean or Linode) so that I can always have shell access.Yea, shared hosting can be a pain. TBH, all my biggest web server problems have always been directly related to one shared host or another. I got fed up and switched to VPS a few years and haven't looked back. I haven't looked closely at the other VPS companies, but in my experience you can't go wrong with Linode. They're amazing. I'm ultra-critical of freaking everything, and yet I don't have a single, even minor, complaint about Linode. (But then I'm a control freak, so VPS is a natural fit for me anyway, so "FWIW".)
Apr 11 2014
On 04/11/2014 03:41 PM, Nick Sabalausky wrote: (...)I haven't looked closely at the other VPS companies, but in my experience you can't go wrong with Linode. They're amazing. I'm ultra-critical of freaking everything, and yet I don't have a single, even minor, complaint about Linode. (But then I'm a control freak, so VPS is a natural fit for me anyway, so "FWIW".)Been using Linode for ~3 years, but a couple of months ago my node had a HW problem and was down for a couple of minutes. In other words - Linode is pretty good.
Apr 11 2014
On 4/11/2014 10:01 AM, simendsjo wrote:On 04/11/2014 03:41 PM, Nick Sabalausky wrote: (...)Yea. *I've* caused far more downtime to my linode server than linode has :)I haven't looked closely at the other VPS companies, but in my experience you can't go wrong with Linode. They're amazing. I'm ultra-critical of freaking everything, and yet I don't have a single, even minor, complaint about Linode. (But then I'm a control freak, so VPS is a natural fit for me anyway, so "FWIW".)Been using Linode for ~3 years, but a couple of months ago my node had a HW problem and was down for a couple of minutes. In other words - Linode is pretty good.
Apr 11 2014
Seems I spoke too soon. Tech support has yet to remove the file, the problem is back, and the site has been blacklisted again. What's more, it seems that the support guy who offered to delete the file overstepped his authority. Because now I get this from them: "If you need assistance cleaning your account and fixing the security holes for you site, we offer a low cost service option called Managed Shared Hosting. For the service fee of $39.95, we can create a work order to investigate and fix your issue." Screw these guys. Looks like I'll have to get the VPS set up and transfer the domain before I can get off the blacklist for good.
Apr 11 2014
On 4/12/14, Mike Parker <aldacron gmail.com> wrote:"If you need assistance cleaning your account and fixing the security holes for you site, we offer a low cost service option called Managed Shared Hosting. For the service fee of $39.95, we can create a work order to investigate and fix your issue."Unbelievable. 40$ to delete a file.
Apr 11 2014
On 4/12/2014 2:38 AM, Andrej Mitrovic wrote:On 4/12/14, Mike Parker <aldacron gmail.com> wrote:Sounds about on par with some of the the crazy shit I've seen shared hosts do."If you need assistance cleaning your account and fixing the security holes for you site, we offer a low cost service option called Managed Shared Hosting. For the service fee of $39.95, we can create a work order to investigate and fix your issue."Unbelievable. 40$ to delete a file.
Apr 12 2014
On Saturday, 12 April 2014 at 06:38:16 UTC, Andrej Mitrovic wrote:Unbelievable. 40$ to delete a file.Sounds like the virus opposes naive deletion. One should first need to find its guard. Well, anyway, such things require security specialist, so they cost money. Mike should delete everything from the current site. Hope that will stop further distribution of the virus.
Apr 12 2014
On Saturday, 12 April 2014 at 09:36:42 UTC, Kagamin wrote:On Saturday, 12 April 2014 at 06:38:16 UTC, Andrej Mitrovic wrote:I think the question should be asked, "How did that file got there?" Was there a security hole in the blog software? Was the password guessed, sniffed or stolen? (There exists Windows malware that steals saved FTP/SCP passwords...) Until the security hole is closed for good, the file may reappear again. I would suggest looking at the file's modification time, and checking the HTTP / FTP access logs for suspicious activity around that time.Unbelievable. 40$ to delete a file.Sounds like the virus opposes naive deletion. One should first need to find its guard. Well, anyway, such things require security specialist, so they cost money. Mike should delete everything from the current site. Hope that will stop further distribution of the virus.
Apr 13 2014
On Monday, 14 April 2014 at 03:13:31 UTC, Vladimir Panteleev wrote:I think the question should be asked, "How did that file got there?" Was there a security hole in the blog software? Was the password guessed, sniffed or stolen? (There exists Windows malware that steals saved FTP/SCP passwords...) Until the security hole is closed for good, the file may reappear again.On shared hosting, situations like this (in my experience) follow a check list. You remove any infected files and malware from your directories, update the passwords, reinstall or update the software and, if the problem persists, tech support will dig into it to find the holes. In seven years of running the site, I had previously only had one script injection problem which came down to a bug in Wordpress and was fixed in the next update. Never had a malware problem before, but given that these guys instructed me to delete it ( a no-brainer) or risk suspension of my account, I would not expect them to charge me $40 when it proves impossible for me to remove.I would suggest looking at the file's modification time, and checking the HTTP / FTP access logs for suspicious activity around that time.One can wish. The file time is Jan 1, 1970 8:59. It's zero bytes and has full permissions. Its name is a jumbled mess (blocks and symbols). The only clue I had was the modification times of the mysterious php files (all of which also showed up as 0 bytes) and the infected html files, but I don't know if they're related to the malware or something completely different.
Apr 13 2014
On 4/11/2014 9:10 AM, Mike Parker wrote:Because of this experience, I've decided it's time to move away from shared hosting. I'm going to transfer everything over to a VPS (either with Digital Ocean or Linode) so that I can always have shell access.If you do go with Digital Ocean, I'd be interested in hearing how it works out. Their $5/mo option might be a good way out next time I have a client who's trying to use a shared PHP-oriented host. If you don't want to post here my email is nick1 (and the email's domain name is semitwist.com).
Apr 12 2014
On 4/13/2014 6:39 AM, Nick Sabalausky wrote:On 4/11/2014 9:10 AM, Mike Parker wrote:I wound up going with Linode. I had used them before when I needed a short-term VPS and already had an account.Because of this experience, I've decided it's time to move away from shared hosting. I'm going to transfer everything over to a VPS (either with Digital Ocean or Linode) so that I can always have shell access.If you do go with Digital Ocean, I'd be interested in hearing how it works out. Their $5/mo option might be a good way out next time I have a client who's trying to use a shared PHP-oriented host. If you don't want to post here my email is nick1 (and the email's domain name is semitwist.com).
Apr 13 2014
On Sunday, 13 April 2014 at 11:44:50 UTC, Mike Parker wrote:On 4/13/2014 6:39 AM, Nick Sabalausky wrote:Sorry for arriving late in this thread, but if you need hosting for D-related projects, I'd be glad to offer some on my server. You get a limited Linux user with full shell access, and your choice of httpd.On 4/11/2014 9:10 AM, Mike Parker wrote:I wound up going with Linode. I had used them before when I needed a short-term VPS and already had an account.Because of this experience, I've decided it's time to move away from shared hosting. I'm going to transfer everything over to a VPS (either with Digital Ocean or Linode) so that I can always have shell access.If you do go with Digital Ocean, I'd be interested in hearing how it works out. Their $5/mo option might be a good way out next time I have a client who's trying to use a shared PHP-oriented host. If you don't want to post here my email is nick1 (and the email's domain name is semitwist.com).
Apr 13 2014
Thanks for the offer. I'd take you up on it, but now that I've broken away from shared hosting I plan to make use of the resources on this VPS for more than just D stuff.I wound up going with Linode. I had used them before when I needed a short-term VPS and already had an account.Sorry for arriving late in this thread, but if you need hosting for D-related projects, I'd be glad to offer some on my server. You get a limited Linux user with full shell access, and your choice of httpd.
Apr 13 2014
On 13 Apr 2014 1:45 PM, "Mike Parker" <aldacron gmail.com> wrote:On 4/13/2014 6:39 AM, Nick Sabalausky wrote:short-term VPS and already had an account. I've been using digitalocean and I quite like them. Unfortunately I haven't had any problems so I could say how they handle that. I use them for work and for quick trials.On 4/11/2014 9:10 AM, Mike Parker wrote:I wound up going with Linode. I had used them before when I needed aBecause of this experience, I've decided it's time to move away from shared hosting. I'm going to transfer everything over to a VPS (either with Digital Ocean or Linode) so that I can always have shell access.If you do go with Digital Ocean, I'd be interested in hearing how it works out. Their $5/mo option might be a good way out next time I have a client who's trying to use a shared PHP-oriented host. If you don't want to post here my email is nick1 (and the email's domain name is semitwist.com).
Apr 14 2014