SharkSpace_Scott
08-26-2008, 09:52 AM
Exploited Account Policy
If an account on our network is exploited and distributing viruses, spam emails, etc as soon as we are aware of the situation we will immediately suspend the account without advance notice. This measure is to ensure we are operating in compliance with the law and to protect other client accounts from experiencing service interruptions and to prevent your visitors from downloading harmful things to their computers including viruses. Once an account has been suspended there are three options:
Account Reset- The account is deleted and re-created. You then can install the latest versions of your scripts from the script developer. There is no fee involved for the first offense. Any future offenses would incur a $20 fine.
Account Restore - Restore your account from any of the seven restore points SharkSpace keeps of your account. (Guide (http://www.forums.sharkspace.com/showthread.php?t=7626)) Restore from backup and if the files are not exploited password protect the public_html directory (Cpanel --> Password Protect a Directory). It is then your responsibility to update all scripts to the latest versions (overwriting all old files), change all account passwords (including cpanel, email, ftp, mysql, etc.), and check your personal computer for viruses and key loggers. After completing all the above steps you can remove the password protection from within your Cpanel account via --> Password Protect a Directory --> Click Public_html and uncheck the box and click save. If the backups of your site are exploited versions you then must choose option #1 or #3.
Note: If you need a database restored. There will be a $15 security breach recovery fee. This will cover the cost of an administrator to retrieve your mysql database backup(s) from the backup server and to restore it under your account.
Account Repair- You will repair and update all scripts to the latest versions (overwriting all old files), change all account passwords (including cpanel, email, ftp, mysql, etc.), check your personal computer for viruses and key loggers and remove any hacking code from files. SharkSpace technicians will then review your account in detail to determine if it is no longer compromised and that all scripts are up to date. This type of work is classified as security breach recovery and carries a charge of $10 for the first offense and $20 for future offenses.
Ways to protect your account and ways SharkSpace helps:Delete unused files and scripts- A very common source for account exploits is abandoned scripts which are not updated. Clients often install scripts for testing and forget about them, which are subsequently exploited and used to hijack the entire hosting account. Remove stuff you are not using.
Never store backups under your account - When you generate a backup download it to your computer or to your storage system then remove it. Never have any backups in public viewable folders (ex. inside the public_html) not even for a short period of time.
Keep scripts up to date- You should always keep your scripts updated to the latest stable version. Many new script releases contain security patches so it is very important to always upgrade.
Use trusted scripts- Use scripts from trusted developers that have a good track record of maintaining and updating their scripts.
Use secure permissions- Never use permissions 777 on folders or 666 on files unless vital to your script operation. The majority of SharkSpace servers use suPHP which allows the permissions 755 and 644 to be writable which allows your scripts to write to them but no one else.
How SharkSpace helps- SharkSpace protects your account with firewalls, brute force protection and blocks hundreds of common account exploiting techniques and common hacking code.
If an account on our network is exploited and distributing viruses, spam emails, etc as soon as we are aware of the situation we will immediately suspend the account without advance notice. This measure is to ensure we are operating in compliance with the law and to protect other client accounts from experiencing service interruptions and to prevent your visitors from downloading harmful things to their computers including viruses. Once an account has been suspended there are three options:
Account Reset- The account is deleted and re-created. You then can install the latest versions of your scripts from the script developer. There is no fee involved for the first offense. Any future offenses would incur a $20 fine.
Account Restore - Restore your account from any of the seven restore points SharkSpace keeps of your account. (Guide (http://www.forums.sharkspace.com/showthread.php?t=7626)) Restore from backup and if the files are not exploited password protect the public_html directory (Cpanel --> Password Protect a Directory). It is then your responsibility to update all scripts to the latest versions (overwriting all old files), change all account passwords (including cpanel, email, ftp, mysql, etc.), and check your personal computer for viruses and key loggers. After completing all the above steps you can remove the password protection from within your Cpanel account via --> Password Protect a Directory --> Click Public_html and uncheck the box and click save. If the backups of your site are exploited versions you then must choose option #1 or #3.
Note: If you need a database restored. There will be a $15 security breach recovery fee. This will cover the cost of an administrator to retrieve your mysql database backup(s) from the backup server and to restore it under your account.
Account Repair- You will repair and update all scripts to the latest versions (overwriting all old files), change all account passwords (including cpanel, email, ftp, mysql, etc.), check your personal computer for viruses and key loggers and remove any hacking code from files. SharkSpace technicians will then review your account in detail to determine if it is no longer compromised and that all scripts are up to date. This type of work is classified as security breach recovery and carries a charge of $10 for the first offense and $20 for future offenses.
Ways to protect your account and ways SharkSpace helps:Delete unused files and scripts- A very common source for account exploits is abandoned scripts which are not updated. Clients often install scripts for testing and forget about them, which are subsequently exploited and used to hijack the entire hosting account. Remove stuff you are not using.
Never store backups under your account - When you generate a backup download it to your computer or to your storage system then remove it. Never have any backups in public viewable folders (ex. inside the public_html) not even for a short period of time.
Keep scripts up to date- You should always keep your scripts updated to the latest stable version. Many new script releases contain security patches so it is very important to always upgrade.
Use trusted scripts- Use scripts from trusted developers that have a good track record of maintaining and updating their scripts.
Use secure permissions- Never use permissions 777 on folders or 666 on files unless vital to your script operation. The majority of SharkSpace servers use suPHP which allows the permissions 755 and 644 to be writable which allows your scripts to write to them but no one else.
How SharkSpace helps- SharkSpace protects your account with firewalls, brute force protection and blocks hundreds of common account exploiting techniques and common hacking code.