About Recent Website Hackings
Hosting Companies Under Attack
We Do Malware removal and Website Security
It appears, but not publicly confirmed, that EIG Subsidiaries servers have been attacked and seriously compromised.
These include the major hosting companies, unfortunately even the ones that we have personally recommended in the past.
We have the information confirmed by our contacts at the various companies. When their server gets hacked, be assured your website will be hacked.
This did not happen due to negligence. Lets just say it is a global effort to take down websites that affect people in certain parts of the world.
Although this is a 6 month old article, you can get the idea.
5 Biggest Hosting Companies hacked by Syrian Electronic Army http://thehackernews.com/2015/03/website-hosting-services.html
We have recommended our Sitesassure Firewall to all our clients. While the clients that made the purchase have not been hacked, those of you who rolled the dice are suffering with self replicating Malware that is near impossible to detect and remove.
In many cases the websites needed to be rebuilt from scratch and the website moved to a new hosting account.
I IMPLORE YOU ALL TO MAKE REGULAR AND FREQUENT BACKUPS. Akeeba now works for both wordpress and joomla. Don't rely on the server backups.
Sitesassure.com and 911websiterepair.com has now installed more robust server scanning software to detect the malware infections.
The software scans much deaper than a web based scanner and only works on our servers.
Remote web based scanners such as Sucuri and Quterra are not detecting the infections and report the site is clean when it is not.
This is because the malware scripts appear in core files as legitimate code, complete with documentation as if these are normal functions.
Because of the overwhelming number of sites being hacked, the free scanners are often not available for scanning.
Our new process is to move a hacked website to our server for our deep server scanner. Clean and scan, Clean and Scan.
Then we will move and replace the infected website on your server. But before that, you need to purchase the firewall. If we replace the site on your server with no protection, it will just be hacked again.
If the site becomes hacked again then we know the server that hosts the site is infected. At this point we recommend a non-EIG hosting company that is not affected by the hackers. We will assist in that move. If you move to a new hosting company, it is most important that they do not move your cpanel to the new server. If you do so, you will still have the same issue. You dont want to move an infected cpanel to a new server.
You need a clean install of cpanel and a manual move of the website.
We will install the firewall on the new server if you have a subscription before the site is moved.
Again, do not move the cpanel. Move the website only. We know how to verify that it is moved correctly.
FOR ALL CURRENT SITESASSURE CUSTOMERS
The firewall is activated by codes hidden in several core files. If you upgrade or rebuild your website, the core files may be over written.
Please open a ticket on the sitesassure website to have us replace the codes. To access our ticket system, log into your sitesassure account
and submit a support ticket.
Also, if you move your website to another server or hosting company, please let us know so we can move the fireware for you. We want to make sure your protected.