[ubuntu-uk] Website Hacked.....

Andy Smith andy at strugglers.net
Sun Jun 28 11:03:41 BST 2009 

Hi John,

On Sat, Jun 27, 2009 at 08:51:26PM +0100, John wrote:
> It looks like my site is gone. The host has not backed up as promised, 
> and they are just saying its gone no backup. That's all I'm getting. 
> They wont tell me what happened, they wont tell me how the hacker got 
> in, tjhey wont tell me why there is no backup. Nothing. I am feeling 
> very sick right now.

I agree with others who have said that the web applications you are
running are the most likely attack vector, and that you should make
sure they are kept up to date.

It's important that you understand how this happened, so if I were
you I would insist that the hosting company tell you whether the
damage was restricted to just you or not.  This will give you some
idea as to whether the entry point was software you are running or
via some other customer's account.

As for your backups, if you are paying for the hosting company to do
backups (even if it's included in the price) and they didn't do them
then this is very disappointing and makes the backup feature
worthless.  I see from the later posts in the thread that you seem
to have got the data back so perhaps they found their backups.

In any case, for the future, you aren't likely to get far disputing
backup failures with any hosting company so it is best to assume
responsibility yourself for this.  That may mean just checking
that backups your host does actually exist and are correct, or it
may mean doing them yourself.  2.5GiB is not a large amount of data
so there isn't really any excuse for not keeping a backup yourself.

Cheers,
Andy

-- 
http://bitfolk.com/ -- No-nonsense VPS hosting

"[Open Source is] like trying to sell human rights to China because it might
 lead to more effective business models." -- David Kastrup
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : https://lists.ubuntu.com/archives/ubuntu-uk/attachments/20090628/f0a0425f/attachment.pgp

More information about the ubuntu-uk mailing list