Web Hosting Forum | Lunarpages
News: October 6, 2008 - Submit Your Site for the October 2008 Site of the Month!
 
Home Help Search Calendar Login Register
*
Welcome, Guest. Please login or register.
Did you miss your activation email? 		October 11, 2008, 05:44:20 PM


Login with username, password and session length


Web Hosting Forum | Lunarpages > Lunarpages Web Hosting - Online Help Desk > Lunarpages - Webhosting Help > Security Issue with Multiple Hosting Accounts (8/28/2007 - 9/14/2007)
Pages: 1 ... 5 6 [7]   Go Down
« previous next »
  Print  
Author Topic: Security Issue with Multiple Hosting Accounts (8/28/2007 - 9/14/2007)  (Read 4472 times)
John B
Trekkie
**
Offline Offline

Posts: 15
« Reply #90 on: September 26, 2007, 09:18:45 AM »
Quote from: Mitch on September 26, 2007, 09:14:17 AM
John B - please e-mail support@lunarpages.com if you are still needing official support from Lunarpages on this issue.  Due to security issues this isn't something we'll be able to help you with one on one unless you have a help desk ticket.  Thanks!
I have opened up a support ticket, too.  thanks
Logged
support3.com & itsiest.com!
Stop asking me for my account!
WayneSallee
is here to search for clues, question everyone and investigate the the disappearance of the
Galactic Royalty
*****
Offline Offline

Posts: 450


WWW
« Reply #91 on: September 26, 2007, 09:21:26 AM »
Quote from: John B on September 26, 2007, 09:18:45 AM
Quote from: Mitch on September 26, 2007, 09:14:17 AM
John B - please e-mail support@lunarpages.com if you are still needing official support from Lunarpages on this issue.  Due to security issues this isn't something we'll be able to help you with one on one unless you have a help desk ticket.  Thanks!
I have opened up a support ticket, too.  thanks



Did you download the log file?

Wayne Sallee
Wayne@WayneSallee.com
Logged
WayneSallee
is here to search for clues, question everyone and investigate the the disappearance of the
Galactic Royalty
*****
Offline Offline

Posts: 450


WWW
« Reply #92 on: September 26, 2007, 09:24:36 AM »
You can also log into Cpanel and go to file maneger, and download it from there.

Wayne Sallee
Wayne@WayneSallee.com
Logged
John B
Trekkie
**
Offline Offline

Posts: 15
« Reply #93 on: September 26, 2007, 09:26:06 AM »
Quote from: WayneSallee on September 26, 2007, 09:16:49 AM
Quote from: John B on September 26, 2007, 09:08:31 AM
Quote from: WayneSallee on September 26, 2007, 09:04:05 AM
Quote from: John B on September 26, 2007, 08:58:42 AM
One of my web sites has been continually defaced.  support3.com  The latest defacement effected every single default page in every single subfolder.  Is anyone seeing this issue again?

Please help get this problem rectified!

-JMB

Did you look to see how they got in?

Wayne Sallee
Wayne@WayneSallee.com
I am at work and don;t have a lot of time to research this continuously.  How would I check this?

Use your ftp software that you use to upload your web pages. Look for a directory "logs", and download the log file for this month. It's a compressed file, so you will need to use something like winzip to unzip it. Then look at the logs and see what IP address did what. You can see what they looked at and when, and if they tried to load a page that does not exist, or if they tryed to push code to a php page.

Wayne Sallee
Wayne@WayneSallee.com
Thanks, I do not see a directory called Logs in the root FTP folder.  There is a statistics folder, but I do not see any ZIP files int here.  I am on a windows host (Kraz)
Logged
support3.com & itsiest.com!
Stop asking me for my account!
WayneSallee
is here to search for clues, question everyone and investigate the the disappearance of the
Galactic Royalty
*****
Offline Offline

Posts: 450


WWW
« Reply #94 on: September 26, 2007, 09:55:31 AM »
Quote from: John B on September 26, 2007, 09:26:06 AM
Quote from: WayneSallee on September 26, 2007, 09:16:49 AM
Quote from: John B on September 26, 2007, 09:08:31 AM
Quote from: WayneSallee on September 26, 2007, 09:04:05 AM
Quote from: John B on September 26, 2007, 08:58:42 AM
One of my web sites has been continually defaced.  support3.com  The latest defacement effected every single default page in every single subfolder.  Is anyone seeing this issue again?

Please help get this problem rectified!

-JMB

Did you look to see how they got in?

Wayne Sallee
Wayne@WayneSallee.com
I am at work and don;t have a lot of time to research this continuously.  How would I check this?

Use your ftp software that you use to upload your web pages. Look for a directory "logs", and download the log file for this month. It's a compressed file, so you will need to use something like winzip to unzip it. Then look at the logs and see what IP address did what. You can see what they looked at and when, and if they tried to load a page that does not exist, or if they tryed to push code to a php page.

Wayne Sallee
Wayne@WayneSallee.com
Thanks, I do not see a directory called Logs in the root FTP folder.  There is a statistics folder, but I do not see any ZIP files int here.  I am on a windows host (Kraz)

Windows server might be different. You could go to cpannel, and and see if you can find raw http logs there.

Wayne Sallee
Wayne@WayneSallee.com
Logged
John B
Trekkie
**
Offline Offline

Posts: 15
« Reply #95 on: September 26, 2007, 09:57:53 AM »
unfortunately, all the Cpanel stuff is blocked while I am at work (ugh) because of the ports.

Will ahve to check when I get home.

Thanks for your help.
Logged
support3.com & itsiest.com!
Stop asking me for my account!
Pages: 1 ... 5 6 [7]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.6 | SMF © 2006-2008, Simple Machines LLC

Valid XHTML 1.0! Valid CSS! Dilber MC Theme by HarzeM