Hosting Suspended, Server Blacklisted

Today I woke up to a rather unpleasant surprise - my hosting account with A Small Orange hosting had been suspended. This means that all of my websites (50+) were all offline - the result of this was a flood of user emails and instant messages, as well as a loss in revenue.

Now, as you can image, I was very surprise. I pay my hosting monthly and the day I receive the invoice, and I don’t host any pornography, warez, or proxies and I’ve broken no copyright laws. Fortunately my host is known for it’s quick support, so I immediately emailed my host to find how what was going on.

Their response:

You are hosting a spam script in your site.com (url removed) addon domain.
/home/username/public_html

/site/vbgsitemap/files/mass.php

This script (uploaded on June 21st) was sending spam and caused this server to be listed in several public blacklists.

 

This came as a surprise to me because I don’t send spam. No really, I don’t. I replied immediately proclaiming my innocence and suggesting it was a vulnerability in the script. Sure enough, I find out that there is an exploit in the vbgsitemap hack for vbulletin. Apparently this has been know (see this thread on vbulletin.org.)

My mistake:

Not staying updated on potential exploits.

My problem with my host:

1) Their assumption that I was a spammer. I mean, all someone had to do was look at virtually any of my sites to see that only a fool would risk the loss of all their sites by sending SPAM. Furthermore, all they had to do was google vbgsitemap exploit or even vbgsitemap to see several results for the exploit. Why wouldn’t they take the time to check? vbgsitemap was the name of the directory the malicious file was located in.

2) They didn’t notify me. This makes me the angriest of all. What kind of host suspends an account of it’s users and doesn’t contact them?

3) They changed the priority of my support ticket from urgent to low almost immediately. If this situation wasn’t an urgent issue regarding hosting, I don’t know what is.

My host, A Small Orange, didn’t give me much information on the server being blacklisted, but I can only hope it isn’t too bad. They did say it was listed on several public blacklists. The spam-sending file was active for about 19 days, so that’s enough time to do a good amount of damage. If this wasn’t my account, I’d think it hilarious. Heh.

I really hope next time something like this happens, if it does, that my host will not automatically assume I’m the cause. Or, at the very least, they’ll notify me.

That hurts guys, that really hurts.

July 9, 2007 | Under Hosting |  

Subscribe to more posts by the Mad Hatter

Comments

Leave A Reply

You must be logged in to post a comment.