More than 70,000 websites were compromised in a recent breach of InMotion. Thousands of websites were defaced and others had alterations made to give users a hard time accessing their accounts and fixing the damage. A similar attack hit JustHost back in June, and in a breach of Australian Web host DistributeIT just prior to that, hackers completely deleted more than 4,800 websites that the company was unable to recover. The incidents raise concern that hacker groups are bypassing single targets and hitting Web hosts directly, giving them access to tens of thousands of websites, rather than single targets. While the attacks have caused damage, they weren’t as malicious as they could have been. Rather than defacing and deleting, hackers could have quietly planted malware in the sites or stolen customer data. Web hosting companies could be one of the largest holes in non-government cybersecurity, since malicious hackers can gain access through openings left by the Web host, regardless of the security of a given site.
We’ve already closed these holes. Are you really still hosting your sites with the volume-based hosters!
There is nothing more tricky and fraught with potential problems than DNS upgrades.
This week we migrated from BIND to PowerDNS. Prior to the migration we dutifully tested PowerDNS on different servers, in different configurations, consulted other sysadmins who were running PowerDNS, and found all tests to be working flawlessly.
So we went ahead and upgraded all three of our DNS servers from BIND to PowerDNS, and watched…
Until recently our shared hosting servers suffered from some of the same vulnerabilities that many of the volume-based hosting providers do. Namely, if one site on a shared server was hacked it was possible for the hacker to deface other sites on the same server that had files or directories with loose permissions. I.e. 777 permissions.
Why is our up-time so good? Because our network is quadruple-redundant, impervious to fiber cuts, and because we are small.
Why is being a small provider good? Because we run less than 100 servers – instead of hundres of thousands – most of which are in our own, on-site mini data center, where the size of our operation allows us isolate and fix problems extremely quickly.
I’ve always known that our staff is smarter, more experienced, and provide better – and friendlier – support than the volume-based hosting companies. Now the raw data is proving that we are more reliable as well.