My site was hacked yesterday. A reasonably fast trouble ticket resoponse (under 2 hours) from hostrocket support confirmed that a number of customers had been attacked and they had shut down the whole shared server while investigating. So...no site access for the whole afternoon - then my site re-appears, still covered in hacker grafitti.

First thing I do of course is to get ftp access to remove the hacked files, but ftp access is down. over 14 hours later and it is still down - so my site still appears to the whole world as hacked and there is NOTHING I can do. I can't even take it offline.

Thanks Hostrocket, I've gotten used to having my Hostrocket hosted sites hacked - despite making them as secure as possible, (this is the 8th time in around 18 months I've been hacked), but this lack of support is just terrible.

Guess hostrocket won't be around much longer - anyone have a reliable / secure shared hosting alternative?

Is this security problem because suEXEC is not installed on the servers and they run with globals on?

I have just signed up and find that these items are not done.

My site was hacked too. Thank heavens for the Google alert!
I'm now searching for another hosting service as well. Please post what you find, and I will do the same.

Jesus i just bought a year hosting plan with hostrocket i wasnt aware of this hacking problem should i try to get my money back???

anybody has good host service, i am thinking to move to the new service.


terrible!

My scripts were / are up to date. I believe the attack was actually due to HR not applying a security update to their server software - remember the whole 'shared hosting' server was knocked out, not just individual users 'virtual server' directories.

These are exploits of your installed packages like wordpress being out of date. One of my client's sites was hit, and it was only 1 build difference (2.3 and 2.3.1 being the latest) so i'm rather irritated as I'll have to work over new year!

As this isn't really HR's fault, don't change host for that reason - it will happen on any big host. However, the way HR dealt with the problem and their downtime should be a good indication of the service you receive. I'll keep an eye on this topic for any suggested hosts ;)

This isn't the complete story. My opening index.html page is being hacked at least once a month with a massive amount of links to viagra sites. It appears to be a controlpanel vulnerability that allows some automated scripts to change any index.*

HR needs to address this situation and come clean on any potential security flaws. My clients' sites are being hacked, and my site was hacked as well -- and I know for a fact that I'm the only living being, aside from the gang at HR, who knows the password to my site.

Well, I signed up for the new 1000gig service for two years and they moved me to a new server. All was well for two weeks and now some of my index files have been hit AGAIN!

This is unreasonable if Hostrocket has not properly secured their servers! I will put in another help desk ticket and see what the reply is.