My site was suspended by my hosting server (bluehost) that is was sending phishing emails. I have installed Boonex over 5-months ago. I am 100% all the file permissions were correct and all the site was working.
I AM SO UPSET. that I have spent so much $$$$ on buying scripts for Dolphin and at the end Dolphins says, that its not designed for "Shared Hosting". I think wasn't it better to post this on the DOWNLOAD PAGE. So, I should not NEVER spent $$$$ and my TIME
"Technical Requirements
Explore [http://www.boonex.com/trac/dolphin/wiki/DolTech] Dolphin Technical requirements."
All of which are discussed openly in the forums.
register_globals On and allow_url_include On
from the php.ini files i have seen people use to over ride the local register_globals On setting, most then go on to put allow_url_fopen On and then not knowing what allow_url_include is, they think its the same as allow_url_fopen and turn it on.
allow_url_include On is as dangerous as register_globals On
If the server is running SuPHP you have to make a copy of the php.ini file and edit it see more
I wonder if it is because some Unity members list there site url in there posts and/or in there membership info.
Hackers who are familiar with Dolphin and looking for sites to hack, are going to come to Unity and Expertzzz for a list of sites to try and hack. You do not have to even join these sites to get this information.
I am not saying that that you should not protect your site see more
I AGREE. What happen was I contacted Boonex admins, to get some help on installations. They ask for my FTP access, so I gave it to them, hoping that they would help. Instead this shit happen. so I think its inside job. But when I changed all passwords. Still my server was sending phishing emails.
After my site got hacked (including all the database, and my index file was changed ) I never got any email back from that adminator. I asked who did they forwarded my personal info, but NO RESPONSE. AT LEAST, they could have sent me letter, say SOMEthing.
Sammie is right, I do not think that anyone from Boonex would do this.
I think you might have misunderstood me. What I mean is by either mention your site in a post and/or listing your sites URL as part of your Unity profile, is in my opinion a bad idea. Just giving a hacker a map to your site and telling them that the key is under the mat. (LOL). I hope I have explained myself better
I think you guys have misunderstood my comments tooo. I NEVER said Boonex team member hacked my site. Its just the timing of what happened makes it look like I am trying to say, its Boonex team member. BUT ITS NOT...rather its the host itself
You need to find out exactly how your server was compromised. Do you have access to your server log files. If so you need to take a look at the log files around the day you were hacked. Once you know who and how you were hacked, I can suggest was to prevent further hacks of this type. As you are on a shared hosting service, and not a VPS see more
I AGREE. What happen was I contacted Boonex admins, to get some help on installations. They ask for my FTP access, so I gave it to them, hoping that they would help.
*****Instead this shit happen. so I think its inside job.*****
But when I changed all passwords. Still my server was sending phishing emails.
===============
no mistake in what you said.
Please clarify you post.
Do you meant that you agree my post (Do you know how your site was hacked. .....)
"Its just the timing of what happened makes it look like I am trying to say, its Boonex team member. BUT ITS NOT...rather its the host itself"
as best that that could mean to you given the circumstances. i just read your post where you stated you were hacked. that is truly unfortunate. i have posted this many times and will just try to summarize it for you, and explain how and why sites get hacked.
shared environments where hosting is $1.99 (as an example) is the most prone to end up having sites hacked. why you might ask, well there are no script kiddies that are goin to pay for a dedicated server or vps server, for see more
"UK, Russia, and India, where cyber laws are non-conforming to the rest of the world, and they can get away with this type of behavior."
UK? WTF? i think you mean the Ukrain Kr
i can assure you the UK has some of the stronest cyber laws on the planet
Right setting, stable of your script & keep tunning.. i think is a good answer.
I don't blame to anyone..
Hopefully this is a knowledge for us.
:D
ooops
DosDawg
Terabyte Hosting Solutions
I am also using a shared host to build the site, and will migrate when I feel the build is up to snuff. So what can I be doing to keep the site secure in the mean time?