[Verdebinario] Forum Utopie Spammatissimo (G.d.A. Hosting)

Emiliano Russo emiliano a verdebinario.org
Mar 15 Ott 2013 07:23:10 UTC

Messaggio precedente: [Verdebinario] Forum Utopie Spammatissimo (G.d.A. Hosting)
Prossimo messaggio: [Verdebinario] Forum Utopie Spammatissimo (G.d.A. Hosting)
Messaggi ordinati per: [ Data ] [ Thread ] [ Oggetto ] [ Autore ]

On 12/10/2013 15:36, Giuseppe De Marco wrote:

> Emì l'ho telefonato,

per chi vede/sente stefano.

il sito di utopie sorridenti e' stato bucato da ignoti e disattivato 
dallo staff di webfaction.

potra' essere riattivato dopo che le pagine compromesse saranno state 
ripulite dal codice malevolo e l'applicativo web sara' stato messo in 
sicurezza (es. aggiornandolo). ma non prima, pena la sospensione di 
tutto l'account di verdebinario (e di conseguenza di tutti i siti del 
gruppo d'acquisto)

di seguito il messaggio che ho ricevuto.



-------- Original Message --------
Subject: [#WVZ-913716]: WebFaction: your account has been compromised
Date: Mon, 14 Oct 2013 19:01:28 +0000
From: Sean F <support at webfaction>


Dear customer,

I'm sorry to inform you that your WebFaction account has been 
compromised and that we have disabled the affected site.

Account: verdebinario
Server: web218
Applications:
Affected sites: www_utopiesorridenti_com

http://www.utopiesorridenti.com/vecchio_sito/foto/24apr2010/album/index.html

We discovered this while investigating a complaint of malware at the 
above URL.

We found multiple suspicious iframe redirects in
/home/verdebinario/webapps/www_utopiesorridenti_com/vecchio_sito/foto/24apr2010/album/index.html

At that point, we disabled access to that file by setting its 
permissions to 000.

As a WebFaction customer it is your responsibility to keep your 
applications secure to prevent hackers from compromising your account.

This includes making sure that the version of the tools you are using 
don't have any known vulnerabilities (otherwise you have to upgrade or 
patch them) and making sure that your applications don't allow anybody 
to upload files to your account and then execute them.

For popular tools such as WordPress we have documentation on how to 
upgrade your application to keep it secure (see 
http://docs.webfaction.com/software/wordpress.html#upgrading-wordpress) 
but for other tools you will have to check the documentation on the 
tool's website.

Please let us know what you plan on doing to secure your applications 
within 48 hours.

Also, please note that compromised sites can affect the stability of 
your  shared server, which can disrupt service for the other customers 
on the server. For this reason, if you re-enable your site and take no 
action to  correct this issue, we may be forced to disable your hosting 
account.

Please let us know if you have any questions.

Regards,

Sean F.
Support Manager
--
WebFaction - Smarter web hosting
http://webfaction.com
http://twitter.com/webfaction - http://facebook.com/webfaction

Messaggio precedente: [Verdebinario] Forum Utopie Spammatissimo (G.d.A. Hosting)
Prossimo messaggio: [Verdebinario] Forum Utopie Spammatissimo (G.d.A. Hosting)
Messaggi ordinati per: [ Data ] [ Thread ] [ Oggetto ] [ Autore ]

Maggiori informazioni sulla lista Verdebinario