Results 1 to 14 of 14
  1. #1

    Problems with website, alternative webhost?

    Hello, its been awhile since I have posted here, but I remembered well the great advice given in this forum.

    The problem: I have had a site on Lunarpages for about the past 8 months, but the past 2 weeks with frequent problems. The site is encountering mysterious attacks from someone or something. After a thorough security check, I have determined that its not a virus on my end, nor due to a faulty extension or install in my Joomla administrator. I know this as well because Lunarpages, which charges an exorbitant $75 to do a restore, also restored my account to a date previous to when my problems began, but the same problems returned within hours and have gotten progressively worse.

    What is happening? First, someone or something is eliminating my administrator usernames/passwords by what appears to be (according to a JTS scan) the elimination of the.htaccess file in my Joomla Administrator; taking my site offline at times (not sure how it has done this, other than entering my Joomla Admin itself); and the articles on my website connect now only to a blank, white page. The first time this occurred, I complained in a Lunarpages forum and shortly thereafter to my pleasant suprise the site and my Admin access somehow suddenly returned to good health. Now, however, its happening again. Lunarpages responds that it is impossible that it is due to someone or something associated with them, because their servers are the most secure possible and their employees are top notch. One Lunarpages guy has unbelievably told me in their forum I should "stop trying to figure who is out to get me" and "work on my problem myself."

    Anyhow, would for sure be interested in any theories/help/advice on my current problems. But as well, given my suspicion that something associated with Lunarpages could also actually be the cause, and given that this problem has gone on for 2 weeks with no solution in sight from them or anywhere else, I'd also be interested in advice on other webhosts that might be suitable for my needs. My site is a bi-lingual online magazine built with Joomla. Its based in Chile, though the magazine will have many readers in the US and Europe. This means that I need a fast server that ideally loads well here and abroad, works good with Joomla, and given the possibility I am the target of a hacker, a site that offers excellent security.

  2. #2
    Join Date
    Jun 2009
    UK: Oxford
    I would advise to check your server/web site Logs. Every host has 1 or should have 1. That may hold your offender. OR scan the Joomlar files a few at a time.


    Quote Originally Posted by jimmy40 View Post
    One Lunarpages guy has unbelievably told me in their forum I should "stop trying to figure who is out to get me" and "work on my problem myself."
    If that is a worker at the host amd If I was spoken to like that, I would leave and find someone else.

    But back to the issue. I would just go over everyone once or twice looking for things out of place. And If it is (which I hope not) a DOS attack. The hosting company should be protected from 1 with their multiple Providers (which I hope they have for your sake).

    I hope this has helped.

    Garbott Ltd - Professional web development & consultancy services
    Oxford.Hosting - Prestigious shared, cloud, dedicated and gaming hosting solutions.

  3. #3
    Join Date
    Dec 2007
    Indiana, USA
    It could be any number of things and without access to their systems it would be difficult to determine the issue. My advice would be to move to a new provider that would be more willing to help you discover/resolve the issue.
    Michael Denney - MDDHosting LLC
    New shared plans for 2016! Check them out!
    Highly Available Shared, Premium, Reseller, and VPS

  4. #4
    Join Date
    Oct 2002
    EU - east side
    After a thorough security check, I have determined that its not a virus on my end
    What you have determined is that there's no virus that the anti-virus recognizes. Ask for a restore, switch to a "virgin" OS (e.g. use a Linux Distro that can be run from a CD), and use that and only that when administrating anything related to your hosting account/software etc., change passwords. See if you're still getting hacked. If you're not, then there's probably something that's running on your old OS without you knowing it.

  5. #5
    Join Date
    Oct 2001
    United States
    Try to resolve the issue with them. If you have not yet, open a support ticket and see if you can escalate the ticket. It will be to your advantage if you and them can resolve the issue.

  6. #6
    From what I can tell from your request is that your Joomla install is getting hacked.

    You probably have an insecure plugin or theme installed that the script kiddie is getting in through. Have you updated your installation yet?

    It doesn't sound like to me that the problem was caused by your host, only the software configuration you are using.
    Download my eBook + Videos: Starting your own successful web hosting company.
    Learn from a web host with 7 years of experience.

  7. #7
    Join Date
    Apr 2009
    New Jersey
    I know a developer that told me that Joomla is not all that secured, and there are security loops and he also told me that plug-ins also could cause these security loop holes.

    If you are looking for a new hosting provider, look for a hosting provider that specializes in Joomla Hosting or 3rd party script hosting. That is the company that can provide additional support for such 3rd party scripts/programs. Your everyday host like Lunarpages may not specialize in Joomla Hosting therefore there support is limited to the documentation that can be found on Joomla's website.

    Also if you have not done so, I heard Joomla has a great community, may want to look for some answers there. Just a suggestion. I wish you the best of luck.

  8. #8
    Join Date
    Feb 2008
    Joomla is just as good or better than any other CMS in regards to security and the developers take an active role in the security of Joomla. The recommended server permission settings are 644 for files and 755 for directories. It is recommended to not only make sure your files and directories permissions are set properly, but to also use the latest version of Joomla (currently 1.5.14). If Lunarpages does not have you on a php 5 server or requires your domain to set permissions other than 644/755 for proper operation of your Joomla site then ask them to move your site to a server that has php 5 installed. Servers using mod_security and suExec or similar are also a good bet for any CMS. If Lunarpages will not move you to a modern server setup then find another hosting service.

    To me it sounds like either you have not cleaned the hack completely from your domain, your running lax permissions on files and directories, or your database has been compromised with one or more added super - administrator accounts from one of the attacks which they are now using against you. Restoring files on the domain, does not restore the database where Joomla keeps your sites information. You should check in the Joomla administration user listing for added administrators. Removal of the .htaccess file is just their way of making it easier to gain access to your site.

    Use of third party extensions for Joomla on your site can open security holes in Joomla and these extensions (including templates) should be kept up to date with their latest versions.

    You can also post a question or search in the Joomla security forum ( ) as there are many people well versed in Joomla who can help sort the issue out and secure your install.

  9. #9
    Thanks for all the replies.

    Have tried to work with Lunar on this, I have a chain of emails on my support ticket about 40-emails long involving about 8 different service reps. I also posted on their forum, only to be insulted by one of their regular pr people there. Today, I had high hopes when a new guy responded, he seemed to be somewhat on the ball, but he has since disappeared and I can see that he has not even logged in to my Admin panel which tells me he has done nothing. Another day lost, how much longer..

    As for the Joomla advice, I have updated to the latest Joomla release, To my surprise someone from Lunar installed PhP5 today, because I didn't. Then, I saw through JTS that in order for this to work properly Lunar needs to make my save_session path writable -- have sent them another email with of course silence and inaction so far. As for viruses, I have Avira, which is updated and scans every day, and have used Malwarebytes, which found nothing. I have gone through all my components, de-installing many that I don't use, updating some, re-installing others. And above all, restored my site to a seemingly healthy time prior to my problems beginning, and the problems came back.

    PhilD, seems to me you may be right, a hacker has entered my domain, but how to find out where and what. As for permissions, in a JTS directory permissions audit, I see that some of my image galleries are critical, and something in my Joomla Administrator called "ixed" is labeled critical, but not sure why this is so or what to do about it. As for added administrators, nothing new there. Have posted a question in Joomla...

    Finally, I know that Rochen is the webhost for the official Joomla website, so they would presumably be a good one to go to if I move on, but what is the advantage of doing something like that, would they have Joomla experts on their technical support team?? Other webhost providers especially good for Joomla besides Rochen?

  10. #10
    Join Date
    Feb 2008
    Critical in the JTS audit may mean that your permissions are to lax.

    It is good that you posted in the Joomla forum. At the top of the security forum there is a Forum Post Assistant that will help diagnose and provide needed information on your Joomla install.

    As far as a good Joomla host goes, Rochen is good and so is MediaLayer.
    I have never had any problems security or otherwise with MediaLayer.

  11. #11
    Join Date
    Oct 2007
    Well if you need a provider who is specialized with Joomla, Rochen should be your best choice.
    If I am not mistaken some of their staffs are even Joomla's staffs and developers, so you should be in good hands.
    Aspiration Hosting [US UK SG AU] - Cloud Web Hosting | Managed Cloud Server
    LiteMage / LiteSpeed Cache for Magento, WordPress, Joomla, Drupal & XenForo

    Web Development Support Unmetered Bandwidth Aspiration CDN

  12. #12
    In any case you can have accounts from the web hosting provider in one hand and doomla developers on another. And both parties will do separated tasks for you and all what you do is merging them into the one

  13. #13
    Quote Originally Posted by SiberForum View Post
    In any case you can have accounts from the web hosting provider in one hand and doomla developers on another. And both parties will do separated tasks for you and all what you do is merging them into the one
    I like the topic a lot but how can you really find a good webhosting service.

  14. #14
    Join Date
    Feb 2008
    If you look for hosts that have up to date server software installs and follow a few common practices then you should be able to fins a reasonably good host for Joomla.

    Joomla and other CMS systems have minimum and recommended requirements. Here are Joomlas requirements

    There are also server recommendations for Joomla here:
    Other CMS systems are very similar.

    At the minimum I would say php 5.2.x , mysql 4.1.x, apache 2.x+, Lightspeed also works fine as do other apache replacements.

    Make sure the service your looking at uses PHPsuExec, php_suexec or suPHP.

    Make sure the prospective host has installed and properly configured mod_security and mod_rewrite filters.

    The open_basedir should be enabled and correctly configured.

    The servers Should NOThave the PHP register_globals set to on. Php 5 defaults to off and should be left that way, and php 6 will not even have the register_globals option. Having register_globals on is a really big security hole now days.

    Stay away from any host that still runs php4 and or requires permissions settings any higher than 644 for files and 755 for directories to make a CMS or other program operate properly. All major CMS and forum software do not require anything higher than 644/755 for proper operation on properly configured servers.

    Also look for a host that tunes their servers for application hosting, as CMS systems, and forums can take a lot of resources and some of the oversellers don't like that where the better hosts that don't oversell don't mind hosting sites based on a CMS system.

    I have also heard on the Joomla forums of people having great problems (of various types) with 1&1 so I would cross that off the list. There are several other "megga" hosts that have TOS agreements or people have reported similar problems that were reported with 1&1

    Two really good hosts have been mentioned. Rochen does indeed host the Joomla sites and some Rochen people are not only active in the Joomla forums, but are also involved with development of Joomla in one way or another.

    MediaLayer is at about the same price point as Rochen, and is a very good host. Neither oversell their servers, and are up to date on the server software, answer support questions quickly, know what they are talking about, and have the servers setup securely.

    These things are all questions you can ask or find out about from the hosts on your prospective host list.

Similar Threads

  1. Webhost: Offer an alternative to Google Page Creator, with Drag Drop Site Builder
    By pfoutran in forum Other Web Hosting Related Offers
    Replies: 4
    Last Post: 02-24-2006, 07:18 PM
  2. Replies: 11
    Last Post: 09-12-2005, 05:34 PM
  3. -- Your alternative Webhost. [Shared and Reseller]
    By bhanson in forum Shared Hosting Offers
    Replies: 0
    Last Post: 08-04-2004, 01:15 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts