carnavalboquense.com.ar Posted December 2, 2012 Share Posted December 2, 2012 User: cbHeliohost Server: StevieDomain: http://www.carnavalboquense.com.ar IN ENGLISH:I recently suspended the account for 3 Malware. Last week I was suspended again by another malware. And now it seems to be the same. I pray that I resume the account to fix the problem. We analyzed the site several times but I can not help you hack me. Can anyone give me a definitive solution?Thank you very much. IN SPANISH:Hace poco me suspendieron la cuenta por 3 Malware. La semana pasada me la suspendieron de nuevo por otro malware. Y ahora parece que es lo mismo. Pido que me reanuden la cuenta para solucionar el problema. Ya analicé el sitio varias veces pero no puedo evitar que me hackeen. ¿Alguien puede darme una solución definitiva?Muchas gracias. HelioHost Account Suspended Ahoy! You're seeing this page because we, HelioHost, have been forced to suspend this site. This may be because:The account was taking up too many system resources.Because HelioHost is a free webhost, we have many accounts on our servers. If one account is using too many resources it slows down the server for everyone. Therefore, we are careful to suspend any account that is using more than its fair share of CPU cycles and memory. Note that more often than not, a HelioHost account's overuse is caused by running cron scripts too often. Other causes include running resource-intensive scripts, such as proxy software.The account has become inactive.If the control panel of a HelioHost-hosted website is not accessed for a period of one month, the account is declared abandoned. If you are the webmaster of the site, you can visit this page to reactivate your site.The webmaster broke the Terms of ServiceThe Terms of Service is a list of rules which the webmaster agrees to follow when signing up for an account. This list disallows, among other things, the use of this account to host pirated material, pornography, or illegal activities of any kind as defined by the State of Washington and the United States of America.If you believe this account has been suspended in error you are welcome to create a thread in the support section of our forums, HelioNet.Sorry for any inconvenience this may have caused you,The HelioHost Staff Link to comment Share on other sites More sharing options...
Ice IT Support Posted December 4, 2012 Share Posted December 4, 2012 Do not unsuspend.I'm sorry, I cannot unsuspend your account. Link to comment Share on other sites More sharing options...
carnavalboquense.com.ar Posted December 4, 2012 Author Share Posted December 4, 2012 I'm afraid I don't understand your reply. I only requested to have my account back so I can recover the contents of my website and clean it of any attacks. This has happened a couple of times in the last months and I was able to fix the problems and have my account active again. Still, I would appreciate your help to determine how my website is being hacked so I can set up a permanent solution. I have tried fixing errors, removing unnecesary contents, upgrading my CMS and its components and scanning the whole website for potential problems, but the problems never seem to stop. If you are unable to give me a hand with my website or host it any longer, please at least give me temporary access so I can backup all the latest content. Thank you very much. Link to comment Share on other sites More sharing options...
Krydos Posted December 4, 2012 Share Posted December 4, 2012 Unfortunately we cannot provide you access to your account, nor will you be able to receive any backups of your old data. I personally believe that it wasn't you that was engaged in this illegal activity, however you, as owner of this account, are responsible for anything that the account does, and in this case there is no second chance. My advice would be to start over from scratch to make sure your site is clean and free from hackers from the beginning, because if you just keep using the same backups with the same vulnerabilities the same thing is just going to keep happening to you. Link to comment Share on other sites More sharing options...
carnavalboquense.com.ar Posted December 5, 2012 Author Share Posted December 5, 2012 I understand your policy but I find it extremely unfair that you refuse to give me back my own data. I can accept that you refuse to reactivate my account but I need to recover my own contents. Unfortunately, my website does not contain only static content (which I could reproduce) but also many user commentaries which will be completely lost, since I don't back up my website everyday. At least, I request a copy of my database in a zip file so I can recover it in a new server. If you truly believe I did not provoke these illegal activities (as you said), then you will understand the reason for my request. Additionally, I would appreciate that you give me some hints as to what is exactly going on with my site since, as I told you before, I tried everything within reach to avoid attacks but it is now clear that it wasn't enough. What kind of activities do you detect? How do you detect them? I would like to be able to recognize these kind of activities myself in the future since my attempts haven't been very effective. Thank you. Link to comment Share on other sites More sharing options...
Shinryuu Posted December 5, 2012 Share Posted December 5, 2012 If you really only have static pages my guess is you're storing them in your db and the db connections you create aren't doing much to hinder SQL Injection. Your guest book, the commenting system you use, may be vulnerable to SQL injection or XSS as well. These are just wild guesses but from the site redirection and index defacement you talked about in an old post they're what i'm betting my money on. Link to comment Share on other sites More sharing options...
Recommended Posts