arrow_upward

Pages (2):
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
VPS 5 - Change of Sponsor Name - VPS 5 Holders PLEASE READ!
#11
(05-23-2019, 10:32 AM)rudra Wrote: "Our whole node has been shifted too from Hostlease to another network due to multiple times our data was breached."

Thanks for the info and congratulations on the changes. I would like to know more about the data breach part, if possible to disclose. Like what kind of breach, how did you discover and what makes you think it won't happen at the new provider?

I am always very curious about data breach at the physical server location and by the providers.

The data breach happened because of unknown reasons. Phishing pages, all similar(Adobe and MS Office login pages) were uploaded multiple times in all my client's cPanel account and was used. I thought it was because of the client's side weak pass password issue as my client is well-reputed ex-cyber security analyst. And, he was paid one.

A few months later, the same phishing page, was uploaded in my other client's account. Strange? But the same?! This happened multiple times and both paid and free were included in this. I'd say this as "breach" that either happened from Shadow Hosting's end due to some missing extension or something because of Hostlease(we had to do compromises multiple times because of missing PHP extensions, port issues, and etc).

This also one of my website(personal) getting defaced by a Pakistani hacker "Hunter Bajwa" earlier this month. There might be some vulnerability on my website, right? Well, I don't think so. Because all that particular cPanel account had was a WordPress installation, 1 MySQL Database, Jetpack plugin, Akismet Plugin, and few popular plugins... I don't think so that these plugins hold any vulnerability that can cause my website getting hacked. But what shocked me the most is that there was another phishing page uploaded on that website. So I became pretty much confirmed that there is a breach from Hostlease's end because that cPanel account wasn't either linked with WHMCS(mostly my personal websites are linked as a client in whmcs).

So a total of 5-6 unknown phishing pages were uploaded in directories which were never made by me nor my even after taking multiple security measures after first 2 were reported. And one website getting defaced and phishing page uploaded in the directory.

And finally, I lost my months of subscription money(I paid for a whole year but it was suspended before even 6 months was completed) because the refund was not liable if terms of service agreement were breached(I was accused so).

But now as I have moved to a new node, there has been no issue so far. I run a monthly check on accounts to see if there is any suspicious file uploaded which breaches Shadow Hosting's or my upstream provider's hosting terms of service agreement.
Premium Web Hosting | ShadowCrypt | Manal Shaikh Official Website
If you find my post/thread useful, you're supposed to +rep me. 
#12
(05-24-2019, 12:54 PM)Manal Wrote: The data breach happened because of unknown reasons. Phishing pages, all similar(Adobe and MS Office login pages) were uploaded multiple times in all my client's cPanel account and was used. I thought it was because of the client's side weak pass password issue as my client is well-reputed ex-cyber security analyst. And, he was paid one.

A few months later, the same phishing page, was uploaded in my other client's account. Strange? But the same?! This happened multiple times and both paid and free were included in this. I'd say this as "breach" that either happened from Shadow Hosting's end due to some missing extension or something because of Hostlease(we had to do compromises multiple times because of missing PHP extensions, port issues, and etc).

This also one of my website(personal) getting defaced by a Pakistani hacker "Hunter Bajwa" earlier this month. There might be some vulnerability on my website, right? Well, I don't think so. Because all that particular cPanel account had was a WordPress installation, 1 MySQL Database, Jetpack plugin, Akismet Plugin, and few popular plugins... I don't think so that these plugins hold any vulnerability that can cause my website getting hacked. But what shocked me the most is that there was another phishing page uploaded on that website. So I became pretty much confirmed that there is a breach from Hostlease's end because that cPanel account wasn't either linked with WHMCS(mostly my personal websites are linked as a client in whmcs).

So a total of 5-6 unknown phishing pages were uploaded in directories which were never made by me nor my even after taking multiple security measures after first 2 were reported. And one website getting defaced and phishing page uploaded in the directory.

And finally, I lost my months of subscription money(I paid for a whole year but it was suspended before even 6 months was completed) because the refund was not liable if terms of service agreement were breached(I was accused so).

Yes, when abuse is made is a refund not longer in place or after 14 days after purchase a product at us. The Reseller (Main user of that accounts) is the one who take care of their user, not us (me or my staff members, only if I or my staff, nor we are we must suspend the specific websites where suspicious files are being uploaded. We got also a fine from OVH about this, so our suspension was very needed.

But now as I have moved to a new node, there has been no issue so far. I run a monthly check on accounts to see if there is any suspicious file uploaded which breaches Shadow Hosting's or my upstream provider's hosting terms of service agreement.
[/quote]

I also no longer allow the provision of Free Hosting because the abuse is highly sought after by hosting providers, when OVH sent me the notifications I also carried out my security update on our system, but although the hackers failed to security breakthrough, so it certainly can't be my security system. As a provider we are not liable for damage / suspension / personal injury. I hope that @Manal can grow better with its new providers, I think it is a shame that this unfortunately had to happen, yet again, @Manal is a very good guy.
#13
the domain is much easier and familiar to user and it is same as the name of the sponsor so it can make recognizeability better
the change for the holder including me is just the panel website and it is good that they inform about the change
Terminal
humanpuff69@FPAX:~$ Thanks To Shadow Hosting And Post4VPS for VPS 5
#14
thanks @tiwil
I thought Manal was only getting free vps users from around here and I didn't expect any of us old timers here giving him any hard time in that . From that angle, where did the abuse reports come from ? I mean what kind of actions prompted those ? Just wondering.

EDIT. THANKS GUYS. I got my answer from the previous posts.

This is a shame that Manal lost the subscription money. I was of the opinion that his was just a 2-3 months affair that was soon going to fold with him declaring bankruptcy or something and calling quits. But he seems to be growing well. A very capable and good guy indeed. Best wishes @Manal
Sincere Thanks to VirMach for my VPS9. Also many thanks to Shadow Hosting and cubedata for the experiences I had with their VPSs.
#15
Well, there's back and forth going between Manal and F7N, As I see it I don't who's at fault and now since they separated you guys should make up and wish each other best luck on their journey instead of going back forth like that. Professionals keep uptight atitude.
No one knows what the future holds, that's why its potential is infinite
#16
Thank you for every one's comments. I think at this point we should close this thread. We have every confidence in both our sponsors and wish you everything of the best. VPS 5 is one of our top VPSs. Manal is one of our quality sponsors here both in terms of quality of the VPSs but also quality support by Manal and looking after the security of the VPSs with a razor sharp eye. Thanks for letting us know about the changes timeously @Manal.
Terminal
Thank you to Post4VPS and VirMach for my awesome VPS 9!  
Pages (2):
lockThread Closed 



person_pin_circle Users browsing this thread: 2 Guest(s)
Sponsors: VirMach - Host4Fun - CubeData - Evolution-Host - HostDare - Hyper Expert - Shadow Hosting - Bladenode - Hostlease - RackNerd - ReadyDedis - Limitless Hosting