fsps Posted July 23, 2013 Share Posted July 23, 2013 Heliohost username: fldstnServer: stevieMain domain: fsdemo.heliohost.org Suspended for inactivity, surely. The service works so wonderfully, I don't have to log in to change much! Sorry, and thanks for your help. Link to comment Share on other sites More sharing options...
Byron Posted July 23, 2013 Share Posted July 23, 2013 It says suspended for: Malware. 1 file(s). HTML.Exploit.CVE_2013_0026 What can you tell me about this file? Link to comment Share on other sites More sharing options...
fsps Posted July 23, 2013 Author Share Posted July 23, 2013 Holy cow, I've never seen that file. What does that file do? How could it have gotten in my account?? Are there some security holes I need to fix? Link to comment Share on other sites More sharing options...
Byron Posted July 23, 2013 Share Posted July 23, 2013 Well if you didn't put it there than you might want to change your password. I've unsuspended your account. Please delete that file. Link to comment Share on other sites More sharing options...
Byron Posted July 23, 2013 Share Posted July 23, 2013 Your account has been manually unsuspended. If you still see the suspended page then you should try clearing your browsers cache. -- Please spare a few minutes to take our brief survey: http://feedback.heliohost.org/ Your participation in this survey is greatly appreciated. Link to comment Share on other sites More sharing options...
fsps Posted July 23, 2013 Author Share Posted July 23, 2013 Thank you for unsuspending my account. I ran a search in the File Manager to find and delete that file, but it came back with "No records found". I started at the home directory (/home/fldstn) and selected the search for "All Your Files". Where is this thing? Link to comment Share on other sites More sharing options...
Byron Posted July 23, 2013 Share Posted July 23, 2013 I'm not the admin. who suspended the account so I don't know. I'll escalate this so Krydos can respond. Link to comment Share on other sites More sharing options...
Byron Posted July 23, 2013 Share Posted July 23, 2013 This support request is being escalated to our root admin. Link to comment Share on other sites More sharing options...
Krydos Posted July 23, 2013 Share Posted July 23, 2013 @byron, to save time you can just use the multimod labeled "Malware Found", and copy paste the "Malware. 1 file(s). HTML.Exploit.CVE_2013_0026" part into the blank provided. @fsps, your account is showing up as clean now. Thank you for taking care of this. Link to comment Share on other sites More sharing options...
Byron Posted July 23, 2013 Share Posted July 23, 2013 Okay thanks Krydos. It's been awhile since I've posted regular and I didn't realize that had been added to the multimod. Link to comment Share on other sites More sharing options...
fsps Posted July 23, 2013 Author Share Posted July 23, 2013 Okay, thanks guys. Is there anything I can do to prevent something like this getting on my account again?? Link to comment Share on other sites More sharing options...
Ice IT Support Posted July 23, 2013 Share Posted July 23, 2013 As Byron suggested earlier, you should probably change your password. Make sure any Wordpress installations are up-to-date and any plugins come from legitimate sources and are also up-to-date. This applies to any web software. These two issues are the biggest cause of unauthorized account access on HelioHost. Link to comment Share on other sites More sharing options...
Recommended Posts