Leaving PowWeb Over Malware Attack

Malware is evilApparently my site, as well as 30,000 other WordPress sites, became a victim of some type or malware or virus. For around 24 hours this site, and every other site I hosted on this PowWeb account, was totally shut down.

How this attack happened, I’m not really sure. My host insists it was an FTP attack which would also mean it wasn’t a WordPress vulnerability, so take me off that list of 30,000 sites.

However, my host refuses to tell me how it happened, when it happened, all files/directories affected and how they plan to prevent this from happening in the future. My username and password for my FTP server are secure, I almost never log into my FTP server and have not used any of the notorious leaky FTP clients.

So it’s after several months of downtime induced by high traffic to my site, and this latest hack, that I have decided to once and for all, leave PowWeb for greener pastures. I am currently looking at Media Temple and LiquidWeb as replacement hosts. They both seem to be far superior, if not at least far more expensive.

I am also planning to write an article on how I secure my WordPress sites. Even though this one was apparently hacked, it wasn’t because of the numerous WordPress security holes, it seems it was the holes in my host’s security. Somehow I managed to not be one of the thousands of WordPress blogs hacked this week! So there is an upside huh?

27 thoughts on “Leaving PowWeb Over Malware Attack

  1. @justex07 Let me know where you land. I need to move my hosting – I think I’ve outgrown “economy” hosts and need something faster/reliable.

  2. @justex07 Let me know where you land. I need to move my hosting – I think I’ve outgrown “economy” hosts and need something faster/reliable.

  3. @justex07 Also, I tried to post a comment on your blog post but it wouldn’t let me sign in… and when I clicked “post as” it just biffed.

  4. @justex07 Also, I tried to post a comment on your blog post but it wouldn’t let me sign in… and when I clicked “post as” it just biffed.

  5. @justex07 I was trying to sign into a Livefyre account that I created the one time I posted a comment. I click “sign in” and nothing happens

  6. @justex07 I was trying to sign into a Livefyre account that I created the one time I posted a comment. I click “sign in” and nothing happens

  7. @richmackey I got your comment through Twitter. I always use Twitter to log into @LiveFyre but I’m sure they’ll be eager to check this out.

  8. @richmackey I got your comment through Twitter. I always use Twitter to log into @LiveFyre but I’m sure they’ll be eager to check this out.

  9. @justex07 Glad the comment went through anyway. After I couldn’t sign in i checked “twitter” and hit “post comment as”

  10. @justex07 Glad the comment went through anyway. After I couldn’t sign in i checked “twitter” and hit “post comment as”

  11. I’ve got about 15 different current clients (and my own sites) on 4 different servers, all of varying degrees of security and WP versions.  ALL of them got smacked up with this latest “redirect code hack” and the only common thing I can find is that they’re all Apache servers.
     
    Until the web hosts come clean with a vulnerability (presuming they find it, of course) we’ll never know what to fix or where to go that has it fixed.  Until then, I’m just changing passwords and running “cleaner scripts” that I wrote.
     
    Good luck to you mate.

  12. I’ve got about 15 different current clients (and my own sites) on 4 different servers, all of varying degrees of security and WP versions.  ALL of them got smacked up with this latest “redirect code hack” and the only common thing I can find is that they’re all Apache servers.
     
    Until the web hosts come clean with a vulnerability (presuming they find it, of course) we’ll never know what to fix or where to go that has it fixed.  Until then, I’m just changing passwords and running “cleaner scripts” that I wrote.
     
    Good luck to you mate.

  13. @justex07 I don’t know your numbers, but a lot of our high-traffic clients are with DreamHost or Rackspace.

  14. @justex07 I don’t know your numbers, but a lot of our high-traffic clients are with DreamHost or Rackspace.

  15. @JessicaThinkies I was on Dreamhost in 2005 but left, wish I could remember why…

  16. @JessicaThinkies I was on Dreamhost in 2005 but left, wish I could remember why…

  17. @justex07 hosting sometimes feels like choosing a cable provider. They all have their “mehs.”

  18. @justex07 hosting sometimes feels like choosing a cable provider. They all have their “mehs.”

  19. @JessicaThinkies totally. I’ve been looking at @liquidweb and @mediatemple for a while now. Gotta bite the bullet soon.

  20. @JessicaThinkies totally. I’ve been looking at @liquidweb and @mediatemple for a while now. Gotta bite the bullet soon.

  21.  @juddexley Thanks. Still having issues with my host, this time not with a hack but with a database being deleted on their end. Ugh.

Leave a Reply

Your email address will not be published. Required fields are marked *