|
Jan
2
9
|
Delisting 101: Bad Webhosting Can Even Get You Banished From Google |
|||||
You thought cheap webhosting was a bargain. Maybe … but bad webhosting isn't just a bummer — it can get you delisted, added to badware lists, etc. And it doesn't have to be your fault (directly, anyway).
Use IX Web Hosting | ixwebhosting.com web hosting at your own risk. One day you might just get hacked and/or defaced. Even worse, you might be — courtesy of some Turkish hacker — installing malware on users' computers by proxy. The hackers seem to be pretty good, if a little mean. Fix it, and then it just might happen the next day anyway. That seems to be the story reported everywhere. A few associates of mine have — they got hacked … and finally delisted.Now that's OK. People get hacked all the time because of their own incompetence. But at least one of them that I know has a totally static web site. That leaves brute force and/or password sniffing cleartext passwords. Both are unlikely en masse. So it's that, or your web host *itself* is hacked!A possibility. I found this all suspicious. I Googled it. What I found is absolutely appalling — Hundreds and hundreds of hacked domains, with a similar vector.Some of these people are upgrading often and responsibly, using custom applications, etc. The same vector simply can't apply to everyone's web sites. They're running various applications with various flaws. So that's unrealistic. Some had weak passwords, I'm sure — but so many? Hence, it's more likely that it's an underlying problem with the web server. IX continues to tell everyone to use stronger passwords, upgrade their anti-virus software (¿que?), and be more careful. As if key-loggers are that common? Um no. Maybe they should take their own advice and tighten up their own boxes before blaming the user. The users are reportedly get hacked over and over — and over. Scary. So all of them have the same flawed anti-virus application, and use weak passwords? No. Probably not. If your web host gets hacked, you're at their mercy. So they'd better know a thing or two about security. But you paid $2.99 per month, did you? Bad move. That was your mistake.Several References: Find more: The worst part is, when you get hacked courtesy of their lackadaisical security, they throw up a monetization page while you're down. So they're profiting while you're getting delisted and Google thinks you're either dead, hacked, or someone snapped up your domain to monetize old links and random traffic. Awesome IX … awesome. That's some pretty lousy SEO. Cheap web hosting can really be the end. Google might notice of course, and give this lot (of presumably similar IPs) a second gander. But what if they don't? So bad web hosting can't just lead to downtime. It can lead to permanent exile from Google, and getting on the spyware/badware bad-list for a long, long time. And then R.I.P. everything. Kiss it all goodbye … all thanks to $2.99 hosting.Related posts: The Best Libido Enhancer is No WordPress Security … for spammers, anyway. Upgrading WordPress often might just help!... Circuit City R.I.P.; Awesome eCom Web Site, Terrible Store Circuit City was a terrible brick-and-mortar store, don't get... Stop Hackers With Our WordPress Firewall Plugin v1.2 Getting hacked is a total bummer, right? Right. But... eBay Integration + Fixed Price + Variations is Next "Big Thing" You've done it. I've done it. We've all done it.... Don't Get Hacked: Sandbox WordPress & Other Applications. Here's How. WordPress is great. So are most other free and/or open-source...
| ||||||
"9 Wise Comments Banged Out Somewhere On The Internet ..."
How can use of any particular web host cause a site to be delisted? Please explain.
The web host itself may not adequately mitigate attacks from other users getting hacked – i.e. Billy Bob's Farm web site gets hacked because he's using some old Joomla install. Hacker gets limited access to the machine, then uses another published attack to gain root access. And then it's ALL OVER. The number of reports indicates to me that something similar to the above is happening. Just because you get hacked doesn't mean it's your fault. And with the blatant overselling and ultra-commoditization of web hosting, I don't doubt the good admins don't do web hosting anymore ;/
If the box is compromised it is entirely possible for the hacker to put a worm for example on the pages contained on that server. Google will then see these as malicious sites and if not cleaned up within x amount of time remove them from the index and possibly blacklist them making them hard to get renentered. That is bad enough if it happens once, Google may forgive the first time however if this happens multiple times they will stop giving chances.
oops that last comment was aimed at Anna Baustin not written by her.
Yeah, was wondering about that when I was approving that comment. My guess is, yeah … the boxes have something rkhunter would find, and they just aren't finding it.
Dedicated IP address or C block should greatly help for not being delisted from google. =)
So if you had to use shared hosting then what would you use and why?
AGX: I fail to see how dedicated IPs would help. They're still on the same box. A separate IP would only mitigate the problem somewhat. And rarely. If the web host is incompetent and the whole box is rooted, you'll get rooted too. J.
Jameson: This blog is hosted on Pair.com. They seem to know what they're doing. They also charge more. But I know they're much more interested and proactive about security. The problem with hosting is that its become a hypercompetitive commodity. If they can charge more and have a viable business, then it's probably a good choice.
|
