[olug] *nix website hosting / security question

Sam Tetherow tetherow at shwisp.net
Thu Mar 8 03:00:45 UTC 2012


There was a Plesk whole released earlier in the week as well, although 
one would think dreamhost would be on top of something like that.  Best 
bet is figure out what they are using for a website as mentioned below 
and check known vulnerabilities.  Both Drupal and Wordpress have pretty 
easy upgrade paths as long as there is not custom modules (and even then 
it probably won't be difficult unless moving major versions).

On 03/07/2012 07:38 PM, T. J. Brumfield wrote:
> Where they using a common CMS package like Wordpress, Joomla or Drupal?
>
> They're both blessings and curses. They have tons of extensions and are
> easy to get something going, but they have known security vulnerabilities
> for old versions and are frequently targeted. Just yesterday I was reading
> another story that people were compromising old Wordpress sites again to
> spread malware.
>
> http://www.networkworld.com/news/2012/030712-fake-av-attack-targets-wordpress-257030.html?hpg1=bn
>
> The lesson is to keep your install up to date.
>
> On Wed, Mar 7, 2012 at 7:35 PM, Jordan Fox<vmifox at gmail.com>  wrote:
>
>> I have a co-worker who's husband's company website (it's his company)
>> was hacked.  The hacker is continuously loading malware onto the
>> website.  She's a solaris admin, so she knows a lot about computers.
>> She's not sure if it was the website that was hacked or the provider.
>> The provider is Dreamhost.  Her husband has a contract with a company
>> called Securi (she thinks that's what it's called) to monitor and
>> remove malware from the website, but they can't keep up with the
>> hacker.
>>
>> I'm sending the email to ask if 1) anyone can provide some insight
>> into the two companies mentioned  - i.e how likely is it that it was
>> Dreamhost that was hacked and not their website (who's problem is it
>> and, therefore, who is responsible to fix it)- and 2) her and her
>> husband are looking to contract with someone to analyse their current
>> situation to provide, and possibly implement, a solution.
>>
>> These are all the details that I have.  I know there are some really
>> knowledgeable people on this list and told her I'd pass along the
>> above information / requests.  If anyone is interested in helping, let
>> me know and I'll get you in contact with them.
>>
>> Thanks,
>> Jordan
>>
>>
>> ---------------------------------------------------------------------------------
>> "Do not be anxious about anything, but in everything, by prayer and
>> petition, with thanksgiving, present your requests to God.  And the
>> peace of God, which transcends all understanding, will guard your
>> hearts and minds in Christ Jesus."  Phil 4:6-7
>>
>> "The shortest distance between a problem and a solution is the
>> distance between your knees and the floor."  Anonymous
>> _______________________________________________
>> OLUG mailing list
>> OLUG at olug.org
>> https://lists.olug.org/mailman/listinfo/olug
>>
>
>




More information about the OLUG mailing list