Comments on: Bluehost website got hacked?

By: Age

Age — Thu, 06 Oct 2011 13:10:41 +0000

Client site hacked today. Must admit for the first time. But a SCARY SCARY experience. Will definitely move this site. I’ll have to fork out the new hosting fee i guess too…

Bluehost = Jokey joke town.

By: John W

John W — Sun, 11 Sep 2011 04:12:40 +0000

I watched my BlueHost account get hacked over the past 2 days. I reported unknown CPU activity, so much that BH was throttling the CPU constantly with nothing running on my site.

I finally caught a bunch of shell access attempts and reported them. Same worthless responses from a ‘Computers for Dummies’ dropout. So I captured the logs and did my duty- reported it via Live Support, via many help tickets, etc.

End result? After 2 days, the hacker brute forced through BH’s shell access and replaced the homepage with a different index.html and index.html.1 files.

I was pleading for access to server logs that show more than just generic stuff. I am a CISSP and could easily track the items and fix the problem- if I had access to the info (logs).

So remember me. It’s the 10 yr anniversary of 9/11 and everyone is on alert for cyber attacks- except BlueHost it seems. And when the compromise hits the press, I’ll step forward with the logs and tickets and chat transcripts showing I warned them and tried to get them to take prudent action.

And that, my friends, is how a company is held accountable for neglect. Prudent Man Rule. They were informed by a trained security professional and offered all the backup data, but the refused to take any steps to halt or prevent the compromise.

It gives juries free reign to assign massive punitive damages and paves the way for potential criminal charges and personal liability for those involved when crimes (such as id theft, credit card and password compromise, and of course various computer crimes)

“Yes Sir, I did notify BlueHost in writing and identified myself in my professional capacity. I also made it quite clear the liability they could be risking by ignoring this incident…..”

By: Kevin M.

Kevin M. — Sat, 13 Aug 2011 15:01:33 +0000

I lost count of how many clients I have got from Blue Host (Thank you Blue Host!) but I can contribute to this post to say that if Blue Host has a server that is secure, I have not found it yet!

The biggest issue with Blue Host servers is they are either lazy or totally uneducated in server management and they install the operating system and run it as a default system. This means that if you do not know how to setup your own server and work with a php.ini file to secure your website. Then you are open to attack.

For the price of hosting there are a number of top quality hosts that actually have an educated tech team that understands a default OS install is a fools game. The price to have someone like me come in and move your site, clean out the infection and set it up on a secure platform is never in the budget!!

So ALERT everyone, DO NOT host with these MORONS and if you have to pay a few extra bucks to get an actual support team that will support, backup and take the blame when something is their fault. Go with them and save your sanity and pocketbook!

By: youshrin

youshrin — Wed, 29 Jun 2011 17:52:57 +0000

me 2 i do not agree with blue host
i got attacked with adam love virus
it has wrote in my htacess and a file of an english name is saved containing smthg…
a .logs is created with thousands of html pages

Very poor security

By: Sofismart

Sofismart — Thu, 09 Jun 2011 01:56:10 +0000

I’m told that is the host responsibility to avoid this hacking. Why is this happening here? Any advise? I do not know how to clean up files!
Thanks

By: Sofismart

Sofismart — Thu, 09 Jun 2011 01:53:17 +0000

Hi, My site has been hacked twice today! I do not understand what else I can do.
My cpanel was secure numbers, characters, capital letters, etc.
Now what? I though the site was secure..Thanks.

By: Oliver

Oliver — Wed, 08 Jun 2011 05:27:33 +0000

Yesterday my website was gone, simply gone. I called their support people demanding an explanation. The answer I got from them is they don’t know what happened. And they are simply not responsible!
What a frustration! My website is a small business. Now everything is gone, and all business has to be shutting down!
It is really a crap experience with bluehost. I feel I am totally robbed by them.

By: Dmbldr

Dmbldr — Sun, 13 Mar 2011 07:02:52 +0000

I had it now with Bluehost. This is the 4th time my clients site got hacked this year. That site was never taken down by Bluehost and labeled compromised, but files were uploaded, index files overwritten, and content added. Similar to Rob’s story above: fake British bank files. I am very disappointed and am switching providers asap.

By: Bob Roberts

Bob Roberts — Thu, 10 Mar 2011 07:22:56 +0000

I too have several websites hosted with Bluehost and yesterday they were all closed down and I was sent an email asking me to clean up a number of files. All of them were index.htm* files and had been manipulated to redirected to dodgy sites.
I cleaned them up and bluehost promptly reopened them.
However, and this is what annoyed me, they said, “If this continues you could risk your account status with us.” !!!
A brief internet search brought me here, and to other forums, where it is obvious this kind of thing is endemic at Bluehost. So today I will be looking for an alternate host for my websites.

By: Rob

Rob — Mon, 07 Mar 2011 19:09:49 +0000

My company used Bluehost after we relaunched our site back in September. I’ve used them before for a couple of personal sites and had excellent experience, which is why I highly recommended using them for my company’s site.

However, about a week after launch we experienced exactly the same issues that a lot of people are posting about here – malicious files suddently appearing on our server, most of them obviously used for phishing attacks (fake bank of america pages, that kind of thing). This was also after Bluehost introduced the new password requirements. The account was suspended, so working with Bluehost I was able to locate and remove the malicious files. The person I dealt with was excellent and extremely helpful, and was actually able to tell me what directories the files were in.

Then the exact same thing happened again about a week later. So I located the malicious files and deleted them again. But when I called Bluehost the person I talked to said the site was still compromised and it was up to me to find and delete them all before they would reactivate the site. Our site uses a CMS was a large number of files and directories. It took me several hours to troll through each directory and check whether or not the files I was looking at were malicious or not. Finally I fixed it and the site was reinstated. I was annoyed, but the problem appeared to be solved, so I got past it.

Then, less than a week after that it happened a THIRD time. Same deal, Bluehost rep said it was up to me to find and delete the malicious files, so I spent another few hours repeating the exercise. When I called back he told me the site was clear, but since the site had been hacked three times in less than a month I had violated the terms of service and the account was terminated. I could access my files for 30 days, but the site was no longer hosted.

With the help of a consultant we switched hosting providers and fortunately had the site back up and running in less than 24 hours. We haven’t had a single problem since switching hosts. We also had a security consultant audit the site just to make sure, and they were appalled that Bluehost was so quick to blame us and terminate the account.

Now, I still use Bluehost for my personal sites. I like their features, the price is right, all that good stuff. But after my experience dealing with them for my company I’m probably going to switch to another host when my contract is up next year. I accept that site owners should do everything they can to keep their website secure, but it really bothered me how inflexible they were about this.