Results 1 to 13 of 13
  1. #1
    Join Date
    Oct 2004
    Location
    Lithuania
    Posts
    1,180

    * TCH:not too good

    Yesterday my website (www.talonai.com) was hacked by some Oriental hackers. I am unfamiliar-maybe they were Japan, Chinese or so on. The hack was noticed by some 00:00 (Lithuanian time) by my friend.
    I contacted Totalchoicehosting support immediately telling my site was hacked and I want them to some action immediately. Untill they responded, I managed to access my Cpanel and change hacked files with normal ones. The support told me to explain in details. I did so and received an answer:
    Hi,

    We have the backup of your account taken on last week. If you need to restore the account from the backup, please let us know.

    Also, please make complex password for cPanel and regularly change it.

    Thank you for choosing TotalChoiceHosting.
    With all due respect to TCH (as for me, it still is the name of quality hosting!) - it is not a kind of response I expected. Passwords can be of any complexity, but they are still hackable. I thought, my host would take some responsibility.
    They didn't. I am a bit dissapointed - I found no one at their Live chat and the response wasn't what I had expected.
    I would stay with TCH at the next year,but my opinionon their support has a bit changed. Unfortunately, to the negative side

  2. #2
    I am not sure why you think that we should be responsible for a site level hack.

    It is our job to secure the server your site is on, we can not monitor every script, file and folder you place on your site. I respect your view's although I do think they are a bit off.

    We provide 24/7 support via our help desk. Live chat is not the main method to contact our support team. I can see that your help desk ticket was answered within minutes of your submission and we offered to re-provision your site with our backups. Even my forum signature has my direct office number and cell phone number for 24/7 contact. I am surprised I did not hear from you as you are a regular forum member.

    May I ask what else you would like us to do for you? Just tell me what your looking for, and of course I will do my best to make that happen.

    Every help desk ticket has a link at the bottom of the ticket "Not happy with the level of support you are receiving, click here". You really just needed to escalate that ticket to a manager for review, which you did not. We would have been more than happy to work thru the issues for you, but you choose to bring the item to this open forum instead. :confused

    Looking forward to helping you further any way possible.
    Bill Kish
    TotalChoice Hosting
    Hosting over 50,000 clients since 2000
    http://www.totalchoicehosting.com

  3. #3
    Join Date
    May 2006
    Posts
    275
    Quote Originally Posted by maniakaz

    With all due respect to TCH (as for me, it still is the name of quality hosting!) - it is not a kind of response I expected. Passwords can be of any complexity, but they are still hackable. I thought, my host would take some responsibility.
    They didn't. I am a bit dissapointed -
    It really stincks when your site gets hacked, but I have to come to the defense of your host here. The host is responsibel for securing the server, you are responsible for securing your account. If you have a script that can be exploited, a common password, or even someone keylogs your computer, how can the host be responsible for that? From what I can tell your host handled the situation very professinally.
    Patrick Kautz - Galaxy-Solutions, LLC
    Quality dedicated servers at an affordable price (http://galaxy-solutions.net)
    Out of this world hosting at down to earth prices (http://galaxy-hosts.com)

  4. #4
    Join Date
    Aug 2006
    Location
    Annapolis, Maryland
    Posts
    353
    I also have to agree with Total Choice here. Had personal information such as CC #'s, paypal info, and other things been taken, thats when the host should get begin to get involved, but even then, theres not much they can do.
    \\\\ High Performance Business Grade LiteSpeed Hosting
    //// Shared \|/ Reseller \|/ Dedicated \|/ Custom Tailored Solutions \|/ Domains \|/ SSL Certs
    \\\\ get WIRED \|/ general(AT)wiredwebwork.com \|/ 240-670-HOST
    //// True Quality 24/7 support(Chat, Email, Ticket) 9-5 est. phone support

  5. #5
    Join Date
    Dec 2006
    Location
    East Coast, USA
    Posts
    458
    Quote Originally Posted by Galaxy-Hosts
    It really stincks when your site gets hacked, but I have to come to the defense of your host here. The host is responsibel for securing the server, you are responsible for securing your account. If you have a script that can be exploited, a common password, or even someone keylogs your computer, how can the host be responsible for that? From what I can tell your host handled the situation very professinally.
    I also have to agree with the host on this one. If you upload a script and not secure it then a hacker could hack the site easy.. I think the host did as they should. but a week old backup? ouch..

  6. #6
    Join Date
    Oct 2003
    Location
    UK
    Posts
    3,590
    Do the host advertise that they do weekly or daily backups? as they maybe in their rights to do weekly backups if thats whats in the T&C.
    The Hosting Heroes Ltd - over 20 years in the UK hosting industry.
    Website Hosting | Reseller Hosting | Cloud VPS Servers | Dedicated Servers | VPS Reseller for WHMCS
    www.thehostingheroes.com

  7. #7
    We actually do the following backups.

    Incrementals every 12 hours
    Archiving 28 sets of incrementals
    Weekly runs
    Monthly Runs

    Backups are currrent as they should be.

    server382.tchmachines.com backup_server_2_volume Linux Sun Apr 8 2007 12:59:20 EDT

    Tech should have said Last nights backups not last weeks.

    Bill Kish
    TotalChoice Hosting
    Hosting over 50,000 clients since 2000
    http://www.totalchoicehosting.com

  8. #8
    Join Date
    Aug 2003
    Posts
    2,733
    If it was one of your scripts or your password that was hacked, then it really is not the fault of your hosting company. If the attack was because of a weakness in their server, then yes, they should have done more.

  9. #9
    Join Date
    May 2006
    Location
    San Francisco
    Posts
    7,325
    If the hacking was done through a script that you were running, then that's your responsibility, not your host's.

  10. #10
    Join Date
    Oct 2004
    Location
    Lithuania
    Posts
    1,180
    Well, my site is HTML only and it does not use script. The only script is for DHTML navigation menu. All other files are HTML, JPG, GIF, 2 archives (absolutelty clear) and 1 *.mpg movie. I did not share my account with anyone (it's not reseller).
    My password was not very weak (although did not qualify to the strong, consisting of 9 symbols and more).
    I wonder about users of other hosts: if they were hacked not due to the scripts fault - did they receive the same answer - "plz change your password often"??

  11. #11
    Quote Originally Posted by maniakaz
    Well, my site is HTML only and it does not use script. The only script is for DHTML navigation menu. All other files are HTML, JPG, GIF, 2 archives (absolutelty clear) and 1 *.mpg movie. I did not share my account with anyone (it's not reseller).
    My password was not very weak (although did not qualify to the strong, consisting of 9 symbols and more).
    I wonder about users of other hosts: if they were hacked not due to the scripts fault - did they receive the same answer - "plz change your password often"??

    How did you come up with the fact that your account contains no scripts? I wanted to correct you on this, as your account if full of scripts.

    I have removed your user name for privacy.

    [root@server382 root]# find /home/******/public_html/ -name *.php | grep -c ""
    195

    So you in fact have 195 scripts on your account. Please lets tell the facts correctly when accusing another of something.
    Bill Kish
    TotalChoice Hosting
    Hosting over 50,000 clients since 2000
    http://www.totalchoicehosting.com

  12. #12
    Join Date
    Mar 2003
    Location
    eastern USA
    Posts
    541
    LOL. Maybe he had no clue exactly what a "script" was.

  13. #13
    Join Date
    Feb 2004
    Location
    Your Screen
    Posts
    3,999
    Quote Originally Posted by TotalChoice
    [root@server382 root]# find /home/******/public_html/ -name *.php | grep -c ""
    195

    So you in fact have 195 scripts on your account.
    LOL.....now that's just funny.

    Bailey
    Let's Connect on Twitter! @thatsmsgeek2u || Fighting mediocrity one thread at a time.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •