Shared AliBabaHost.com (Use promo OFF20 to get 20% off)

[Sandino]

Well changing everyones themes would not be a problem would it.
IF whm is screwed they going to have some problems, then its all via ssh and rebuilding it :/

Can anyone get ftp files? if you know the db info, you could use a mysql dumper..

i doubt anything is screwed, they probably just don't know how to fix it.
if the hackers were smart (which i doubt) they would have deleted all the themes including cpanel + change ssh port,and completely lock them out of the server, or delete everything!
But they weren't , i bet you they just deleted the main site, put up little hack indexes, and changed the index to cpanel (easy).

can someone check my theory about just going to phpmyadmin directly ?

thanks =)

(also even if whm is screwed, a good fixscripts, or even cpanel update (say from release to current) would fix it all, reinstalls everything

 

[BounceR]

Alibaba is Good but they don't have much Security.
speed-9
security-0

what to do with speed if they don't have security.

 

[zenmaster]

tried it sandino, same shit

 

[Sandino]

tried it sandino, same shit

Ah then it was the theme they just changed =P

thanks for trying.

 

[vin]

Fisrt of all, sorry to hear AliBabaHost.com got hacked, i hosted my site with them.

I'm sure they are working hard to fix the problem.

I'm using wordpress and my site is up and running.

What i did is, i log to my Ftp and i edit index.php

Before:

<html><head>
<title>Hacked By Required</title>
<meta http-equiv="content-type" content="text/html; charset=windows-1254">
<meta http-equiv="content-type" content="text/html; charset=windows-1254">
<meta http-equiv="content-language" content="TR">
</head><body bgcolor="#000000">


<p align="center">
<img src="http://img10.imageshack.us/img10/9959/hackedreq.png"></p>
<p align="center"><font face="Verdana"><font color="#dcdcdc">hacked by</font></font>
</p><p align="center"><img src="http://img193.imageshack.us/img193/5562/pentoolz.png"></p>
<div align="center">
  <pre><p align="center"><font size="6" color="#ff0000" face="Verdana">Required & Heart_Hunter</font>

<font color="#dcdcdc" face="Verdana"></font>

<font color="#dcdcdc" face="Verdana">Linux tigger.alibabahost.com 2.6.18-164.6.1.el5PAE #1 SMP Tue Nov 3 16:55:59 EST 2009 i686 i686 i386 GNU/Linux</font>

<font color="#dcdcdc" face="Verdana"></font>
</p></pre>
  <div align="center">
<p align="center"><font color="#dcdcdc" face="Verdana">2010 @ Linux King. (H)</font></p></div>
</div>
</body></html>

After:

<?php
/**
 * Front to the WordPress application. This file doesn't do anything, but loads
 * wp-blog-header.php which does and tells WordPress to load the theme.
 *
 * @package WordPress
 */

/**
 * Tells WordPress to load the WordPress theme and output it.
 *
 * @var bool
 */
define('WP_USE_THEMES', true);

/** Loads the WordPress Environment and Template */
require('./wp-blog-header.php');
?>

and i also Change wp admin index.

Hope this info will help to other webmaster.

I'm happy with this company is great and no downtime uptime is 100%, cpannel is fast and site loads fast

Kind regards
vin

 

[Grinder]

But they weren't , i bet you they just deleted the main site, put up little hack indexes, and changed the index to cpanel (easy).

can someone check my theory about just going to phpmyadmin directly ?

thanks =)

You are correct, they only changed all the indexes.
First thing I did when I saw they where hacked was login via ftp client and see if there where some file edits.
Just restored all the indexes and everything worked fine again.

 

[zenmaster]

we got locked out of ftp now before we could fix everything..can anyone else get in ftp?

 

[Sandino]

That really sucks.
I applaud some of you that are staying with them, i would have just left their hosting and kept emailing them until they responded. And tried to get some sort of refund =/
Have you guys even heard from them? Emails, tickets, anything?
Anyways, Good luck to all of you!

 

[Sandino]

ahaha. i just found out they use
wysiwygwebbuilder.com

i bet you they had a nulled one and got hacked that way.

=/ or just were totally unsecure. who knows. noone from their site has even shown up here on WJ to say anything lately!

 

[zenmaster]

ya we finally got a mail reply..sayin they were busy and they may get to us later..lol

 

[Sandino]

Wow that sucks =/
so much for their "backup" server they supposedly had.

 

[xxenragedxx]

we got locked out of ftp now before we could fix everything..can anyone else get in ftp?

i am ftp-ing successfully

Edit:
i am looking for a alternative webhosting company asap.
so should all the current alibabahost customers.

 

[Kruno]

Yet another kiddie host rm'd. It was only a matter of time.

 

[zenmaster]

thanks for the info man..

 

[Raven Faust]

they are fixing the issues as we speak, they have alot of clients so it wil take some time. As for your sites index.php/html you have to fix those yourself.. Sorry guys :\ its not that hard tho, the only thing they are going to fix is the Cpannel/Ftp issues.

Enjoy!

 

[Sandino]

As i said, so much for their "backup" service they had.
If it's not that "hard" they should do it themselves (the host) =/

 

[Mac]

How can they fix it when they don't have the files? -.-

Just upload vB's/IPB's/WP's etc index again and everything's "ok"

PS. switch hosts.

 

[Sandino]

How can they fix it when they don't have the files? -.-

Just upload vB's/IPB's/WP's etc index again and everything's "ok"

PS. switch hosts.

Well they said they supposedly had backups.
So how hard is it to just upload those files lol.

And no its not "okay" b/c how do you know these supposed "hackers" didn't edit other things or leave a backdoor?
if i were these people i would reupload all my files.

 

[kamrul]

now how can i take backup from ftp access.?

 

[Sandino]

connect to FTP and just download all the files.

but you will be missing MySQL files.