Web Hosting Talk : Web Hosting Main Forums : Web Hosting : Dot5 deleting my resller account by mistake

[drek111]

Dot5 deleting my resller account all date lost and they send me email to say sorry what you think is it good idea to stay with him

see the email:


Our server, xxxx , was compromised early this morning. We regret to inform you
that all customer data was lost and the operating system
damaged. At this time we have no way of recovering any data. We will be
re-creating all of the sites from this server on a new much more secure
server. Once the site has been re-created on the new server you will need to
re-upload your site, if your domain name was registered with us
we will re-point the DNS, however if you registered your own domain name you ..... etc


when I asked him when you will recreating my account ? they send me this message :

I do not have any more information at this time. We will be re-creating the
sites as quickly as possible. Thank you for your understanding and
patience in this matter .... etc


I spent more than 24 hours and nothing happen

[VapoRub]

drek-11,

i'm sorry to hear that... Do you have a back up of your data? Have you tried calling them?

[Outofmymindy]

Any host that hasn't taken necessary precautions (security, making backups) to protect their customers' data isn't worth paying for, nor worth staying with. I'd suggest you do a host for quality resellers and see what you come up with. Once you've got a list of a few you'd like more information about, I'm sure the members would be glad to help you find a reputable, responsible host.

[EKR]

I wonder if this has anything to do with the incident described on this thread: http://www.webhostingtalk.com/showth...hreadid=214904

[drek111]

Thanks guys for your support

VapoRub

i have some of them you know as a seller i do not backup all data for my customers so many data lost


Outofmymindy

your'r right this is ture ' I will create a list shortly


Eric Radtke
I am not sure but they face alot of problem and maby this one of them.

I want to CRrrrrrrrrrrrrY

[essexguy]

Quote:

Originally posted by drek111


Our server, xxxx , was compromised early this morning. We regret to inform you
that all customer data was lost and the operating system
damaged. At this time we have no way of recovering any data. We will be
re-creating all of the sites from this server on a new much more secure
server.

what guarantees it will be a much more secure server? if they couldn't secure this server in the first place, how are they going to with the new one?

these are questions you need to ask before deciding to stay with them.

[Reseller-Center]

If its taking them more than 24 hours to restore this backup/service, then yes you should move on..

[ozzie123]

The heck?! It's their fault and it is them to take full responsibilities.

[Loon]

Well your title doesn't really suit your description of what happened, it sounded like you were trying to say the just deleted it by accident, but if somebody gained access to the server then it's a different matter.

It's an aquard situation because, even if they create regular backups, which i'm sure they do. If those are to a second drive on the same server they could also be gone. But they told you they are restoring accounts, just that it's taking a long time, have you tried contacting them again?

Good luck anyway, i hope you get the majority restored. You should always keep your own backups of important files & data, but as a reseller obviously it's not really practical to make regular backups of all your customers sites.

[xAngelx]

Essexguy, companies can only go so far to securing servers. If a user uploads a script full of security holes and you don't catch it in time someone could take advantage of it and compromise the server.

I had this happen once, a client uploaded a badly written php script and some joker managed to manipulate it enough to install a BNC. However we didn't have to just wipe out all clients data.

We went over all the sites on the server and the only one compromised was the first original one so we weeded out the coding from the one infected site, backed everything up and then had the main drive restored (as an extra precaution). Then we just restored from the backup. Problem solved and the client now submits all php coding to us for security testing before uploading it.

It doesn't take all that much to fix something like that if the host is willing to make the bit of effort required.

However if a server is so completely compromised that they couldn't save more recent data than 2 weeks then I'd have to say you're probably right, they did a bad job of securing the server in the first place. At the very least they should have backup the server up every week if not daily.

[coight]

I agree with Donna, and also agree that if the host takes steps to securing a box it will make it more difficult to get into a server. Hosts setup a server and think by using cpanel (/scripts/upcp) their server will be secure... far from it .

I guess its the hard way for them to learn. I would rather spend 24 hours securing a box than replacing client data for 3-4 days and ensuring everything is running. It does not seem like dot5 does care, once they lost their System Admin (Tony) things went downhill and its not the first nor the last time they will be hacked (going on previous experience)

[essexguy]

Quote:

Originally posted by xAngelx
Essexguy, companies can only go so far to securing servers. If a user uploads a script full of security holes and you don't catch it in time someone could take advantage of it and compromise the server.

oh i agree with you 100%

I was just stating to the thread starter that he needed to question the statement by dot5 in the email that was sent to him that "At this time we have no way of recovering any data. We will be re-creating all of the sites from this server on a new much more secure server".

why is it a much more secure server? does it specifically have a different setup from the previous server?

just questions that should be asked.

just my 2 cents

[xAngelx]

Only thing that comes to mind is the old server might have been running 7.3 and the new one is running 9. With 9 being more inherently secure it makes me wonder if Dot5 is relying on the OS itself to plug holes.

[thedavid]

??

Explain - 9 isn't more inherintly secure as redhat backports (up to the end of life) security patches through their rpm's.

-David

[xAngelx]

9 is already patched for all the old exploits. Not all ppl patch their 7.3 systems (I know quite a few that turn off updating to get every last bit of performance out of an overloaded server etc.)

I remember earlier this year when Burstnet got nailed heavily with DDoS attacks, primarily because of negligent sysadmins that didn't bother to update their server software.