Webhosting Companies And Security Related Attacks

[Jeffro]

Maybe this forum thread should be renamed 'Another Webhost Bites The Dust' lol. I didn't know Dremeda was associated with the Securi site. Nice work over there so far.

[dremeda]

dremeda, I know it's not a WordPress issue, and theoretically so does BlueHost, but the latest run of these things have always ended with 'And upgrade WordPress!' which is a 'Dude. Lay off the crack pipe!' moment.

I hear you, but it's a good point, you should always keep your software up to date, whether WP, Joomla, etc.

Andrea_r: Thank you, we hope we helped people get their sites cleaned up as quickly as possible.

From a Sucuri perspective, we will continue to research and try to find issues, irrelevant of the hosting provider. We will attempt to contact the appropriate people when we discover a flaw or an ongoing exploit. That will not however stop us from disclosing and creating viable solutions for those affected.

Jeff, definitely change the post name boss :) Nice talking with you all last Saturday, awesome show!

[Ipstenu]

I hear you, but it's a good point, you should always keep your software up to date, whether WP, Joomla, etc.

Yeah, but saying you should lock the door when the windows are wide open is always a bit stupid, in my mind ;)

[dremeda]

I agree with that too.

Servers should be properly secured, networks should be properly locked down, and so on. Best practice is defense in depth at every layer.

If a shared hosting provider is not applying proper security controls, and/or is exploited and they're not providing adequate solutions, you may want to rethink hosting with them.

It' like building a house on a foundation of slinky's. It may look strong on the outside, but all sorts of problems are bound to spring up :)

Not the best way to build a long term home.

[Jeffro]

Looks like DIGWP got hit again with malicious software.

http://twitter.com/chriscoyier/statuses/18694753714

Back to MediaTemple grid servers being hit.