On Tuesday morning, I awoke to find that two of my web sites had been hacked. They had some malicious JavaScript embedded into the HTML on several pages. At first I thought it was due to a security hole in WordPress and spent the rest of the day cleaning up the mess and upgrading to WordPress 2.7.
Alas, that wasn’t the problem. Yesterday my hosting company (FatCow) posted a notice that they were reseting all FTP passwords on the main accounts for “security reasons”. That’s not the end of the world, but a hassle to be sure.
But then I found out they also reset all the password on the FTP sub-accounts (which go to individual folders). Unfortunately for me, I have a client application that connects to an FTP sub-account to check for updates and then download the updated version. As you might have guessed, the update check no longer works since the password was reset. But in addition to resetting the password they also added new password rules so I can’t even set it back to the original password!
So I now have no way to automatically push out a new update with a new password. This means the application will have to be updated by hand. If this were only one client that wouldn’t be a problem, but of course the app is used by lots of clients.
I begged and pleaded with FatCow to override this and let me go back to my original password, but they just kept saying it can’t be done.
I’m not too happy with FatCow right now. Hence this blog post.
3 Responses to “When Websites Attack!”
I am really NOT happy with FatCow! I am one of the ones who has customers that need to update!
Good luck Paul. Judy
Fatcow is trying really hard to blame this problem on somebody else. They were hacked. My index.html was changed (lots of hidden links) and a mystery php script dropped in to root (which was polled every day by some Russian IP until I deleted it) and a file called just “m” was also put in root.
AND… some friends of mine who also host with fatcow had *THE EXACT SAME SYMPTOMS*. Same crap pushed in to their index.html, same mystery “m” file.
I have contacted support to get a straight answer – nothing. I will be getting a new host soon.
@Chet: Yes, that sounds like the same stuff that was done to my two sites. FatCow did (in a live chat) admit to me that they were hit by some sort of FTP attack, but I would have appreciated more transparency on the problem.
I’m still sticking with them for now. In the 6 years I’ve been using them, this is the first major problem I’ve had.