The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cpanel hacked last week, want some credit

Discussion in 'General Discussion' started by emeric21, Mar 20, 2004.

  1. emeric21

    emeric21 Well-Known Member

    Joined:
    Aug 5, 2002
    Messages:
    49
    Likes Received:
    0
    Trophy Points:
    6
    Last week end my server was hacked 2 times because of cpanel hole or bug after upgreade from stable version.

    I want some credit from cpanel because we work hard to re-install os and cpanel 2 times.

    I think that all host's that have this problem last week have right to some compensation because we pay rather expensive annually for their license.

    Thanks

    Emeric
    NationalHost
     
  2. rpmws

    rpmws Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    1,824
    Likes Received:
    5
    Trophy Points:
    38
    Location:
    back woods of NC, USA
    I agree. You deserve credit for a good job!!
     
  3. zappz

    zappz Well-Known Member

    Joined:
    Dec 8, 2003
    Messages:
    48
    Likes Received:
    0
    Trophy Points:
    6
    Unfortunately there is little hope of you getting any compensation. This forum is not the best place to request it either, as you can see by the replies so far.

    I am pretty sure cPanel will have their terms and conditions sewn up to prevent the need to compensate everytime a bug appears. They'd be bankrupt by now if they didn't! :eek:

    Try a support ticket instead. I already know the answer though.
     
  4. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    You think cPanel is expensive??? That's too funny. I deal with software that costs $75K a year for some things and more. cPanel pricing in my opinion is a steal.
     
  5. zappz

    zappz Well-Known Member

    Joined:
    Dec 8, 2003
    Messages:
    48
    Likes Received:
    0
    Trophy Points:
    6
    This has gone off topic now, but....

    cPanel may be a steal to someone dealing with software costing $75K/yr. But to someone on a shoestring budget that will not be the case. It's not nice being elitist.
     
  6. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    Your right and I appologize for it coming off as such.
     
  7. akashik

    akashik Active Member

    Joined:
    Oct 9, 2001
    Messages:
    34
    Likes Received:
    0
    Trophy Points:
    6
    What are you running a business on a 'shoe-string budget' for?

    What hole?
     
  8. ToddW

    ToddW Well-Known Member

    Joined:
    Jan 3, 2004
    Messages:
    108
    Likes Received:
    0
    Trophy Points:
    16
    Not all software is ever 100% secure. It's your responsibility as a server admin to keep up to date with the security focus on your server. If you in fact check these forums you would have seen the bug posted, and how to fix it pretty close to when it came out, and you wouldn't have been infected.

    I even posted the report/fix on many other forums to help people out, and saved tons of people from getting infected, but since you probably don't read those either you still got infected.

    Unless you have a 100% managed server you still have to read security related topics almost daily or you WILL sometime sooner or later (sooner apparently for you) get bit by a 'hacker'.

    That's my take on it atleast.
     
  9. easyhoster1

    easyhoster1 Well-Known Member

    Joined:
    Sep 25, 2003
    Messages:
    659
    Likes Received:
    0
    Trophy Points:
    16
    Ya...Look at Windows. I agree with Todd here. There is alot less security *NIX updates compared with Bill Gates software.

    Will Bill Gates credit you if your software is corrupted....I don`t think so.
     
  10. jeffbkane

    jeffbkane Member

    Joined:
    Sep 9, 2003
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Reseller Owner
    Y'know... I don't want this to get into an OS debate, but I couldn't let that last comment pass...

    Since the beginning of the year, I've had to install TEN (yes, 10) security/bug updates from Redhat. And from Microsoft? Only 3!!!

    (don't even try to compare FreeBSD which has had over 600 "serious" bug reports since the beginning of the year, most of which are still unpatched).

    Since CPanel is somewhat of an Operating System on top of an Operating System, I think its important to note that the sheer amount of continual improvements, released as they're finished rather than bundled for less regular updates, is a remarkable accomplishment.

    While I think we would all like to see a bit broader beta testing prior to CPanel declaring a version as "stable", my suggestion to Emeric and those of you who feel the same, wait to install each "stable" version until a few days after its released. (On this thought, it would be nice if CPanel made kept the last couple of stable builds available to be installed via WHM, for those who aren't moving along quite as quickly as the rest).
     
  11. easyhoster1

    easyhoster1 Well-Known Member

    Joined:
    Sep 25, 2003
    Messages:
    659
    Likes Received:
    0
    Trophy Points:
    16
    My point being is not about a OS or current security upgrades, but if a OS either *NIX, or Windows was out of date, do you think you would be credited for a hack?

    Show me someone that has received credit from $MS for being hacked?
     
  12. jeffbkane

    jeffbkane Member

    Joined:
    Sep 9, 2003
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Reseller Owner
    I agree with you on that point, which is why I didn't include your last line in my quote.

    I was just commenting on what I took to be your implied superiority of *NIX. If I was wrong, then no worries.

    (But, just for the record, Microsoft recently released Small Business Server 2003 with a bug that caused problems with SharePoint. They made amends to everyone who had purchased the product by doubling the included client access licenses from 5 to 10.)
     
  13. strongbow

    strongbow Member

    Joined:
    Dec 2, 2003
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Nottingham UK
    Are updates not a good thing then...

    Just because you have only had 3 updates from MS does not make this a superior product either.

    Each one has it advantages and disadvantages.

    I personally have had more updates on my home windows system this year than on my RH systems so I think it comes down to what setup you have and what product you are using.

    The other thing to consider is that RH release alot of fixes for all the software on a RH system, where MS only release fixes for MS products on a system.

    Just my 2p's worth and as I said this was not to start a OS war but just a valid reply to jeffbkane's post.
     
  14. Myacen

    Myacen Well-Known Member

    Joined:
    Apr 6, 2002
    Messages:
    222
    Likes Received:
    0
    Trophy Points:
    16
    Who said he was running a business?
     
  15. twhiting9275

    twhiting9275 Well-Known Member

    Joined:
    Sep 26, 2002
    Messages:
    538
    Likes Received:
    15
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Twitter:
    As someone else said:
    It's YOUR responsibility to administrate your server, NOT the responsibility of CPanel or any other control panel, or server "tool". YES, CPanel makes your life easier as an admin, however it does NOT and WILL NOT do the job for you.

    As a server admin, you need to keep up to date on the latest updates and bugs from CPanel and any other software you have running in your system, and if necessary take action to prevent from being hacked. I'm sorry, but the "I want credit from CPanel" cry won't get very far here. You want credit for what? Not doing YOUR job?

    If you have a linux system, it's almost a full time job keeping on track of things, but it CAN be done. I'd advise you find a systems admin. Nobody can keep you 100% hack free (the only way to do this is to unplug the eth0 cord), but a decent systems admin can at least keep you sane and decently checked and let you know if problems arise.
     
  16. strongbow

    strongbow Member

    Joined:
    Dec 2, 2003
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Nottingham UK
    shutdown -h now

    is an even better way :D
     
  17. emeric21

    emeric21 Well-Known Member

    Joined:
    Aug 5, 2002
    Messages:
    49
    Likes Received:
    0
    Trophy Points:
    6
    That's right,
    I admin my own servers for hosting since 1999...
    But when i make my upgrape from cpanel last friday, 10 minutes later my server was hacked and that is not my fault.
    The kacker use cpanel hole to hack my server.

    Cpanel can say in these terms which it is not responsible but all the
    servers which were hacked (even at large companies) show their responsibility.

    It is as if you changes the engine of your car and you go on the
    road and that explodes. You does what?
     
  18. twhiting9275

    twhiting9275 Well-Known Member

    Joined:
    Sep 26, 2002
    Messages:
    538
    Likes Received:
    15
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Twitter:
    Cpanel aint a car, and this aint a highway, pretty simple there.

    And this is Cpanel's fault HOW? C'mon now. Had you provided the basic security essentials, you wouldn't find your server being hacked.

    Better yet, you KNOW that the server was hacked 10 minutes later HOW? Seems quite a bit fishy to me.

    Blaming CPanel for your own screwups isn't acceptable. If you properly secure a server, it's going to stand less chance of getting hacked. If you keep up2date with all of the software updates, update your kernel, keep your configs up and running, secure your /tmp directory, don't allow logins, keep your passwords secured and up 2 date, then you'll have few (if any) problems.

    It's not CPanel's fault that your server got hacked, it's your own, for not ensuring that your server was not secured. Quit trying to blame someone else for your poor judgement.
     
  19. stboch2

    stboch2 Member

    Joined:
    Aug 18, 2003
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Where have you been if you only have had to update 3 patches... there has been like 10 vulnerablities. I work for a security agency all we do is scan computers for vulnerablities. What you should do is get smart and block all connections to the server until its patched.
     
  20. rpmws

    rpmws Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    1,824
    Likes Received:
    5
    Trophy Points:
    38
    Location:
    back woods of NC, USA
    I get out, call a wrecker and go find a new car. If it were a hacker that blew up my engine I blame him, not the gas company who just happens to use the same hole to fill the tank. Good idea might be to lock your doors and a better idea would be to watch things 24/7 so your car doesn't blow up. If it keeps hapening ..just leave it in the driveway and take off the wheels and weld the doors shut so it can't be stolen or hurt anyone else.
     
Loading...

Share This Page