@#!!

I’ve barely slept in the past 48+ hours because one of our servers was hacked.  The server was probably hacked back in late September, and I thought all that had happened was that one of our photo gallery installations was messed up.  It turns out that someone hacked the photo gallery to gain access to other parts of the server, and set up a “phishing” scheme on one of our domains.  I found out this when I was awakened by a phone call from our hosting company early Wednesday, threatening to pull the plug on our server within one hour if the phishing files weren’t removed.  They’d also notified the FBI.  The only problem with this scenario is that I don’t know all that much about server management.  I can do basic things like add accounts and check stats and update software, and I know how to reboot the server and how to add features to it, but I really don’t know how to check for things like “rootkits” and other security breaches.  I have “a guy” for this purpose (you know, like when you when you need some electrical work done someone will say to you, “I know a guy”), but “my guy” is on a cruise in Mexico.  I asked for help from the company we rent the server from, and was reminded that they only provide unmanaged service.  I asked for help on their message boards and only got one response, from someone who said he was having the same problem.  I was really frustrated and alarmed and feeling pretty helpless.

To add a few more details to the scenario, our problems had really started around Monday when I received an email from the server host saying we were nearing our bandwidth limit for the month, which is 1000 gb.  To come anywhere close to our bandwidth limit is really impossible—we tend to use about 100 gb per month on a busy month, and sometimes only about 60 gb.  So, I argued this fact with the server host and they insisted their stats were correct.  The assumption was that someone had hacked the server and had put some sort of file on it that lots of people were downloading everyday (for example, an illegal program file or a bunch of mp3 files), but I couldn’t find the source of the problem for that, either.  For some unexplicable reason the insane bandwidth usage stopped instantly on Tuesday, but then the phishing incident cropped up.  I haven’t been able to sleep much since, and went to bed at 5:30 am on Tuesday night/Wednesday morning, and 6:30 am Wednesday night/Thursday morning.  The hacker(s) kept re-adding files as fast as I could delete them, and I was afraid to leave the server unattended.  I’m a basketcase.

I won’t bore you with more details, but suffice to say I’ve spent hours and hours poring over information online, learning to run security scans, and hiring other people to help me.  For $75 I’ve finally found someone to give the server a security tune-up, and for $50 I’ve got someone else upgrading the problematic photo gallery installation which started this entire mess.  I normally do all upgrades and database work myself, but I’m exhausted and making mistakes, and this needs to be done properly.

I’m really starting to consider giving up having our own servers and returning to just using conventional hosting accounts every month.  We stopped that a few years ago because our bandwidth usage was so excessive, but now the price of bandwidth is a lot cheaper, and I don’t think I need these sorts of headaches.  Our server bills each year run about $6000… it would be nice to pocket that six grand instead.

Posted by Leigh-Ann on 10/26 at 10:44 PM

AddThis Social Bookmark Button

  1. Oh my gosh, how awful. I hope things get better soon, and that you’re able to get some sleep.

    Posted by Helena  on  10/27  at  07:07 AM

  2. I second what Helena said! Sounds awful. If the conventional hosting accounts would save money and hassle, go for it. Keep the fun jobs for yourself and outsource the rest.

    Take two kitties and blog us in the morning :-)

    Posted by Victor Tabbycat's Mom  on  10/27  at  09:34 AM

  3. Sounds like real nightmare…  although I am not computer savy enough to know what you are talking about….  I hope this situation and the stress of it dissipates quickly…

    Posted by Kristine  on  10/27  at  06:07 PM

  4. OMG.. I can imagine the headaches and stress this has caused you.  I hope everything is on its way to being straightened out.

    Posted by Coll  on  10/27  at  09:22 PM

  5. I’m so sorry you’re having to deal with this. I’d offer to help but I don’t even know how to change the masthead on my blog, so you’re better off if I stay out of it.  I hope it’s resolved soon.

    Posted by Helly  on  10/28  at  06:51 AM

  6. Oy, what a pain in the arse! Six grand a year, really?? I’m not that computer savvy…my book website costs me…I think a little over $100 per year. Yikes. Of course I realise it takes up much less space (bandwidth?) than yours.
    It was hacked once, though. When clicked on, the screen came up black with “YOU’VE BEEN HACKED!” and then a whole bunch of links and stuff to various German websites. Luckily my web goddess friend fixed it right away.
    I say, spay and neuter hackers.

    Posted by Carina  on  10/29  at  04:29 PM

  7. good grief, what a lot of stress. *hugs* and lots of sympathy.

    I’m not computer savvy to say the least and I just don’t know what I would have done in that situation besides panic.

    I’m hoping for a speedy resolution for you…

    Posted by prajantr  on  10/29  at  04:43 PM
    8. Page 1 of 1 pages

Name:

Email (required, but will not be made public):

Location:

URL:

Smileys

Remember my details for future comments?

Let me know about new replies to this topic?

Next entry: The server so nice, they hacked it twice

Previous entry: Zoltar!

<< Back to main