Hacked or Bad Hosting Provider?
Posted: Wed Jun 23, 2010 2:38 am
Background:
I have about 50 - 60 CMS Made Simple sites running on a dedicated managed server that my company rents from a hosting provider (Our Internet). In addition I also have a personal account with the same company. My personal account is a shared hosting account and has about 5 CMS Made Simple sites running on it. Both accounts are independent from each other and are suppose to be on different servers.
On Friday all of the sites were functioning just fine. On Saturday all of the sites went down. The permissions had been changed on all of the "tmp" folders which triggered the following error message:
The following directories must be writable by the web server:
tmp/cache
tmp/templates_c
Please correct by executing:
chmod 777 tmp/cache
chmod 777 tmp/templates_c
or the equivilent for your platform before continuing.
Upon further investigation I discovered that the permission levels had also been changed on the "modules" and "upload" folders as well. Fortunately this was relatively easy to fix and I was able to get all of my sites running again.
However, this raised some serious concerns about my hosting provider and in particular our dedicated server. My hosting provider claims they didn't make any updates or changes to the server and has yet to provide me with an explanation. I find it odd that it affected both accounts and think it's unlikely that a hacker would create a hack that makes your site more secure.
Questions:
I have about 50 - 60 CMS Made Simple sites running on a dedicated managed server that my company rents from a hosting provider (Our Internet). In addition I also have a personal account with the same company. My personal account is a shared hosting account and has about 5 CMS Made Simple sites running on it. Both accounts are independent from each other and are suppose to be on different servers.
On Friday all of the sites were functioning just fine. On Saturday all of the sites went down. The permissions had been changed on all of the "tmp" folders which triggered the following error message:
The following directories must be writable by the web server:
tmp/cache
tmp/templates_c
Please correct by executing:
chmod 777 tmp/cache
chmod 777 tmp/templates_c
or the equivilent for your platform before continuing.
Upon further investigation I discovered that the permission levels had also been changed on the "modules" and "upload" folders as well. Fortunately this was relatively easy to fix and I was able to get all of my sites running again.
However, this raised some serious concerns about my hosting provider and in particular our dedicated server. My hosting provider claims they didn't make any updates or changes to the server and has yet to provide me with an explanation. I find it odd that it affected both accounts and think it's unlikely that a hacker would create a hack that makes your site more secure.
Questions:
- -- Has anybody ever experience this on their CMSMS sites?
- -- Should I be concerned that this affected both accounts? Does this suggest that our dedicated server is not really a dedicated server?
- -- Shouldn't the dedicated server be isolated from the rest of the cluster?