As a large web hosting company, GreggHost occasionally experiences circumstances in which people use its servers to harm the servers of others. Unauthorized access to third-party systems, the hosting of Trojans/viruses, denial of service (DOS) assaults, and so on are all examples of this. GreggHost’s Terms of Service forbid all of these behaviors.
If you suspect a GreggHost client is involved in such actions, proceed to the section below about reporting cracking/intrusion/DOS to GreggHost.
GreggHost forbids a variety of criminal computer intrusion-related acts. The most prevalent ones are described here.
Anyone who uses social engineering or trickery to exploit technological flaws in the security of third-party systems/services or get sensitive information (including passwords) will have their account permanently deleted without reimbursement.
Service interruption (DOS)
Similarly, anyone who purposefully disrupts or overloads third-party systems/services (also known as “denial of service” attacks) would have their account permanently deleted without recompense.
Trojan horses, tools, and so on
Regardless of the foregoing, hosting or storing tools primarily used for cracking/intrusion or denial of service attacks is forbidden, and accounts that do so will be permanently deleted without reimbursement.
GreggHost retains the right, with or without notice, to cancel any account discovered to be engaging in any of the following acts. GreggHost may also contact relevant law enforcement officials, depending on the circumstances, and fully comply with any subsequent investigation.
Occasionally, GreggHost gets a complaint that, upon further examination, reveals that a customer’s account has been misused and is being used to engage in banned activity without their knowledge or consent (typically spamming or phishing). When this happens, GreggHost may take a variety of steps to protect the account and prevent further abuse, including temporarily disabling associated sites or accounts. After that, GreggHost will contact the customer to inform them of the situation and provide them the option to safeguard their account.
While GreggHost recognizes that you did not intend for your account to be misused in this manner, you are still ultimately responsible for the security of any third-party software hosted under your account. You will be alerted if GreggHost sees anything visibly wrong. GreggHost, on the other hand, is unable to do a thorough security audit of the contents of your account(s) or any upgrades on your behalf.
You can protect your account by following the instructions below.
First, change all of your passwords.
Even though it’s rare for client account passwords to be exposed in this way, you should reset all passwords connected with the hacked account right away. Passwords for Shell/FTP and database users are both included.
Step 2: Scrutinize your computer for spyware, keyloggers, and other malware.
Make sure your local computer is free of spyware, keyloggers, and other harmful software by running a scan. Malicious software can be installed without your knowing in a variety of methods, including visiting the wrong website.
You’ll have to look for the most up-to-date and suggested products for your operating system on the internet. A decent summary of similar products may be found at the following link.
If such malware is discovered, uninstall it immediately and change your passwords again (your previously changed/new passwords may have also been captured).
Step 3: Delete any files or directories that seem questionable.
Intruders frequently leave behind tools or programs that can be used later. It’s critical to check for and remove any such items before they can be used again when it comes to safeguarding your account. You should go through every directory in your account and delete any suspicious files that you did not upload or that do not belong there. Also, keep an eye out for hidden files and directories (use the ls -alh command from the shell or turn on hidden file viewing from within your FTP client to view them).
Step 4: Replace or upgrade software
It is not enough to simply remove the intrusion’s product (phishing sites or web-based shell access scripts, for example)—you must also remove the exploit that the intruder used to get access to your account in the first place.
This entails updating all software and scripts hosted under your account to the most recent secure versions, or replacing them with secure alternatives if the software is no longer maintained.
Popular website software like WordPress, Joomla, and Drupal are updated on a regular basis to fix security flaws discovered by developers. If you use software like this, make sure to check for security updates and patches on a regular basis.
In the event of a proven defacement/exploit, GreggHost suggests completely replacing all files if at all possible, as hackers may have inserted their own exploit code to otherwise secure files.
Keep your wits about you and don’t let your guard down! Even after the exploitation of your account has been resolved, it’s critical to maintain vigilance to guarantee that your computing and web hosting experience remains secure. You must always practice “safe computing” to avoid such vulnerabilities.
In practice, this translates to:
Use reliable malware software to check your computer(s) for malware on a regular basis.
If you don’t know who sent you the email, don’t click the link. Never click on links pretending to be from your bank, eBay, PayPal, or other reputable organizations.
Open email attachments only if you are certain they are secure, especially those received in chain letters, “greeting cards,” and other similar emails.
Choose passwords that are at least 8 characters long and contain a mix of letters and digits. They should not be based on words or names.
Check for changes to third-party scripts/software put on your website on a regular basis. When updates become available, install them.
In general, don’t execute third-party software unless you know who made it.
Reporting cracking/intrusion/DOS to GreggHost
If you suspect a customer is engaging in any of the aforementioned behaviors, please contact a GreggHost support representative as soon as possible so that the situation can be investigated further.
What information does GreggHost require in order to track out the perpetrator?
As quickly as possible, ideally while the action is in process, contact GreggHost. The closer GreggHost gets to the moment of the abuse, the more probable it is that the offender will be caught, hopefully while the action is still going on.
Aside from that, GreggHost need as much pertinent information as possible. A sample of any log files you can offer that illustrate what is happening, as well as the IP address connected with the originating server(s) and the destination IP, are helpful.
If the abuse is occurring over a period of time, GreggHost will benefit greatly from knowing the duration and length of the abuse.
Where should I file a complaint about cracking, intrusion, or DOS?
GreggHost can be reached at the following email address: