Archive for category General

Engadget: Man erases thousands of websites with a bad command

As one business owner showed, things can go spectacularly wrong when you don’t backup properly. User “bleemboy,” who runs a site-hosting business with 1,535 customers (!), wrote to a server forum saying he was using a bash script command to erase some specific files. The command he used, “rm -rf” is infamous in Linux circles for causing disasters, thanks to the “f” part that forces it to proceed without warnings. Normally, his script only deletes specific files, but something went wrong and “all servers got deleted and the offsite backups too,” since they were mounted to the same machine.

Source Link

Apache Binary Backdoors on Cpanel-based servers

For the last few months we have been tracking server level compromises that have been utilizing malicious Apache modules (Darkleech) to inject malware into websites. Some of our previous coverage is available here and here.

However, during the last few months we started to see a change on how the injections were being done. On cPanel-based servers, instead of adding modules or modifying the Apache configuration, the attackers started to replace the Apache binary (httpd) with a malicious one. This new backdoor is very sophisticated and we worked with our friends from ESET to provide this report on what we are seeing.

 

http://blog.sucuri.net/2013/04/apache-binary-backdoors-on-cpanel-based-servers.html

Google is no longer accepting self-signed SSL certificates

In a move not previously announced, Google is now no longer allowing pop3 connections to servers with self-signed SSL certificates.  This means that anyone using gmail to pull email from hosted email accounts with various providers, if the server has a self-signed SSL certificate, the email pulls will fail.

Read more at:

http://support.google.com/mail/bin/answer.py?hl=en&answer=21291

US Government: You Don’t Own Your Cloud Data So We Can Access It At Any Time

On Tuesday the EFF filed a brief proposing a process for the Court in the Megaupload case to hold the government accountable for the actions it took (and failed to take) when it shut down Megaupload’s service and denied third parties access to their property. Many businesses used Megaupload’s cloud service to store and share files not related to piracy. The government is calling for a long, drawn-out process that would require individuals or small companies to travel to courts far away and engage in multiple hearings just to get their own property back. Additionally, the government’s argument that you lose all your property rights by storing your data on the cloud could apply to Amazon’s S3 or Google Apps or Apple iCloud services as well (see page 4 of their filing).

 

Originally found on Slashdot

Inaugural Post

Welcome to the first post of HelpMeHost.Com.  This blog is dedicated to all things hosting.  For example, we will discuss issues related to running a web hosting business, search engine optimization (SEO), and general web issues.  Each of these issues is very important to me as a web host owner as well as Internet citizen.  Some of the posts here will be general in nature and some of them will highlight products and services offered by AlphaOmegaHosting.Com.

I will do my best to update this blog a couple of times a week as I find issues that are interesting to me.  This blog will also feature some links/summaries of major hosting news stories.