[/tab]This is to inform all our members that recently we've been facing a lot of hacking attempts from various upcoming groups - whose sole purpose seems to be defacing our members' sites. In most cases it's just a minor botheration though I've no clue what they're gaining out of it.

[tab]Pertaining to this I'd like to mention that we don't employ a server-side backup mechanism anymore. Long time back we used to perform weekly backup of all our members' sites - but this service has been discontinued for a while now owing to some conflict with the quota system.

    [/tab]Recently one of our members lost his site to a defacing attack. The hackers got in and completely trashed his site including his MySQL DBs. Unfortunately he didn't have any backups on his own part and neither did we.. hence the whole site was lost and he'd probably have to start from scratch again. Re-desgning pages are still ok - but what hurts most is all the lost posts/content in case you're running a Forum and/or CMS.

[tab]Thus I'd like to stress on the necessity of maintaining regular backups of your site on your own - in case you come under such an attack. To facilitate your backing up job, the cPanel Site Backup option has been enabled to allow you to perform a single-click backup of your whole site. You should do this as often as possible - and at least once every week. Make this into a habit since it's a job that'll take up just a few minutes of your time once a week - but might save you a lot of tears in the long run.

    Moreover, most such hacking attempts are usually successful if you're using a weak dictionary based cPanel password - which can be easily cracked using some brute-force password generator/cracker. Thus I'd highly recommend you to keep changing your cPanel passwords from time to time apart from making them as cryptic as possible using combinations of both numerals and upper-case, lower-case letters and if possible punctuation marks. If you find it difficult to remember such passwords, there are plenty of Free and Good Password Managers available for download - where you can store such passwords sitewise for future reference.

Best Regards,
miCRoSCoPiC^eaRthLinG

If I may add, if you run a forum, CMS, or any other kind of software that uses databases on your web site, try to find a plug-in that sends a database backup to your e-mail every day. It can be very useful in case you lose all your data.

True - that'd help a lot too. In any case it shouldn't be all that difficult. I think if you search around the Database forum I'd posted a script long time back - called autobackupsql or something on those lines.. that generates automated full-backups of your specified MySQL DBs at specified intervals. You can just add in another small script in your crontab to mail gzip this file and mail it out to you at regular (weekly) intervals.

I found the script I'd posted earlier. It's called automysqlbackup and can be found at this thread:
Auto-backup Your MySQL DBs Daily/weekly/monthly

Hmm... Is this defacing thing common? Or is it just a handful of individuals that have their websites defaced?


I have a suggestion. I don't think we can change our username. I'm new here so I could be wrong. When we submit our application, we were ask about our username. I think when we actually sign up using the process form, we need to specify our username. There might be a chance that both of the usernames matches. In fact, there is a high chance if users reply to the application form truthfully.

As such, I suggest that approved applications be totally removed from view after maybe, let's say, 2 weeks? Then whoever that tries to use a password generator would have a tough time becoz he/she needs to guess the username as well.

All web hosts usually have this problem. Sometimes it is more than defacing but a hacker gets into the server and just creates or deletes some accounts.

Yep, you can't change your server username. The only way to change it is to delete your account and create it again.

Usernames need to be 6 characters. So you can still use a brute force tool to associate a username with a password.

There really isn't anything that can be done to prevent a hacking attempt. Just save your data.

btw, I'm probably going after a degree in network security. I've read the books.

[N]F

Thanks for the heads-up, m^e. I keep copies of my files both on my hard drive and on a USB flash drive already. But man I would hate to have to re-create all my junk just because some punks thought that trashing Web sites was fun.

I'd like to add one more piece of advice on passwords: don't use the same password for all of your sites. Even just using a variation from one site to the next is better than having the exact same thing everywhere you go on the Internet.

I just started changing up passwords for things on the internet and on my website stuff. Not that I've been hacked (yet), but, more and more by reading this forum and the like I've come to the conclusion that people as a whole cannot be trusted on the net. And when my site is more developed, I'm definitly gonna need to make sure I know how to back it up. Especially that database thing. And I'll also have to look up that cron job thing about the site back-up too. Thanks for the heads up M^E. I mean, I always knew it was a possibility, but now I know some ways to protect myself.

I posted the link to that MySQL Automated Backup Script - check it out guys.. it surely is helpful. I'll see if I can come up with some small shellscripts that'll mail out the backed-up data to you at pre-specified intervals..

Any other bright suggestions about protecting your data, most welcome

Regards,
m^e

Alright, Joe! Thanks for the warning. Man, I feel so bad for that guy who lost his site! I think some government officials should do something about this... or you guys should report this at least. Do you guys have logs and stuff? There should be like a way to track where the attacks came from... it's so not fair for us - just random attacks. I mean, this is just like property assault/damage!!

Hey, I've got a problem! My campus server doesn't allow me to connect to port 2083 anymore. Does anyone know of a method to bypass this thing or any other way to backup data? I've tried tunneling using your-freedom but it isn't working.