 Domain Services
|
|
 Exploited Account Policy
|
If an account on our network is exploited and distributing viruses, spam emails, etc as soon as we are aware of the situation we will immediately suspend the account without advance notice. This measure is to ensure we are operating in compliance with the law and to protect other client accounts from experiencing service interruptions and to prevent your visitors from downloading harmful things to their computers including viruses. Once an account has been suspended there are three options:
Account Reset- The account is deleted and re-created. You then can install the latest versions of your scripts from the script developer. There is no fee involved for the first offense. Any future offenses would incur a $20 fine.
Account Restore- DS-HostingSolutions will check the two available backups (one is nightly and the other is weekly made Friday morning) that we have to see if your account was exploited. If the backup is not exploited the account can be restored and the public_html directory will be password protected. It is then your responsibility to update all scripts to the latest versions (overwriting all old files), change all account passwords (including cpanel, email, ftp, mysql, etc.), and check your personal computer for viruses and key loggers. After completing all the above steps you can remove the password protection from within your cPanel account via --> Password Protect a Directory --> Click Public_html and uncheck the box and click save. This type of work is classified as security breach recovery and there is a charge of $20 for the account check and backup restore. If the backups of your site are exploited versions you then must choose option #1 or #3.
Account Repair- You will repair and update all scripts to the latest versions (overwriting all old files), change all account passwords (including cpanel, email, ftp, mysql, etc.), check your personal computer for viruses and key loggers and remove any hacking code from files. Technicians will then review your account in detail to determine if it is no longer compromised and that all scripts are up to date. This type of work is classified as security breach recovery and carries a charge of $10 for the first offense and $20 for future offenses.
Ways to protect your account and ways DS-HostingSolutions helps:
Delete Unused Files and Scripts- A very common source for account exploits is abandoned scripts which are not updated. Clients often install scripts for testing and forget about them, which are subsequently exploited and used to hijack the entire hosting account. Remove stuff you are not using.
Keep scripts up to date- DS-HostingSolutions checks your account weekly for out of date scripts and posts a notice in your cpanel account (x3skin required) and sends you a warning email (requires an email address added to your cpanel account as a contact). Full details..
Use trusted scripts- Use scripts from trusted developers that have a good track record of maintaining and updating their scripts.
Use secure permissions- Never use permissions 777 on folders or 666 on files unless vital to your script operation.
How DS-HostingSolutions helps- DS-HostingSolutions protects your account with firewalls, brute force protection and blocks hundreds of common account exploiting techniques and common hacking code. DS-HostingSolutions also checks your account weekly for out of date scripts and posts a notice in your cpanel account (x3skin required) and sends you a warning email (requires an email address added to your cpanel account as a contact). Full details..
After receiving a notice you should immediately update your script.
|
