Brand New Fully Managed Server Hacked

[Molly]

Its not even a month we have purchased a Fully managed server and is hacked. Ticket: #13469117.

[gohighvoltage]

Hi Molly, There are many factors that can cause a server to be hacked. What software/scripts are you running on the server?

You must use very hard and difficult passwords for root and cpanels, as well as your scripts.


99% of the time, server hacks are due to scripts having security vulnerabilities. IE: Joomla, etc

[the_ancient]

Fully Managed does not mean "Hack Proof" no server is Hack proof in the first place...

Personally I have been Debating if I want to keep my VPS or just go with a Reseller account because I am tired of all the crap that goes with a VPS.

If JPC offered Reseller Servers with Interworx on them it would be a no brainier, only my despise of cPanel keeps me in a VPS, but my lazyness is starting to win....

[gohighvoltage]

Fully Managed does not mean "Hack Proof" no server is Hack proof in the first place...

Personally I have been Debating if I want to keep my VPS or just go with a Reseller account because I am tired of all the crap that goes with a VPS.

If JPC offered Reseller Servers with Interworx on them it would be a no brainier, only my despise of cPanel keeps me in a VPS, but my lazyness is starting to win....

Aghh, Very good points Ancient. I have a VPS, and have things pretty secure, but nothing is 100% as you point out. Most times it is user passwords too easy, or scripts that cause hacking.

I am actually looking forward to going with a Hybrid. (for performance)

[Molly]

Nothing much has changed since I transferred my account and my password is also strong. My sites are resolving fine only the webmail has been hacked. Could you advise me how do I get this fixed or just wait for the JPC staff members to fix this. I'll get to learn if I do it my self.

[Ron]

Molly,

I'm very sorry you are having to deal with this issue. Good luck getting it sorted out.

[Molly]

Thanks to Anoop, he was prompt in getting it sorted for me.

[gohighvoltage]

What ended up being the problem?

[Molly]

Hi

@JPC can I have someone work on my ticket #13469117

@gohighvoltage my contact form was exploited to run commands on server.

Thanks.

[JPC-Sabrina]

Hi Molly,
Your ticket is in the queue and will be handled as soon as possible. Thank you for you patience.

[the_ancient]

Hi

@JPC can I have someone work on my ticket #13469117

@gohighvoltage my contact form was exploited to run commands on server.

Thanks.

Custom Form, or a Formmail Clone?

[Bell thorpe]

Hi

my contact form was exploited to run commands on server.

So you're running bad code? That's not JPC's fault, and I can't see why you're asking them to fix it.

[JPC-JamesG]

Hi Molly,
I see your ticket is being worked on and a member of our team will get back to you. I am sorry that it is taking a while.

Bell, I would ask you politley to show a little respect and think before posting. You do not know the full nature of a client's ticket and any underlying issues that may have occured. While I know you mean well, please let JaguarPC decide if a ticket is something we are going to assist with. We want everyone to come to our very experienced team for whatever reason they see fit and it is just this kind of response that would make me think twice about submitting a ticket for an issue.

Please show a little restraint in the future and consideration to our other clients and orum members. Thank you.

[JPC-Sabrina]

Does anyone have any suggestions about how to avoid exploitation on contact forms?

[the_ancient]

Does anyone have any suggestions about how to avoid exploitation on contact forms?

That is a little too generic for a good response.

What Programming Lang? What underlying Base?

Contact forms are no more or less secure than any other Web Form, There are just ALOT of TERRIBLE plugin, apps and other "contact form" widget out there that do not practice any form of good security standards.

Simple things like Input Validation, are often ignored