We have been hosting with justhost for sometime, so far the experience is ok. A good cpanel hosting with good price, that is what we think about justhost hosting. Unfortunately, recently our justhost review site had been hacked in again, and site planted with downloader virus. This is not the first time we encounter this, and we view it as high severity.
When we visited our website today, our computer antivirus detected a virus downloader that attacking firefox web browser. Fortunately, the virus get detected and clean away. The virus defination is “JS/Downloader.Agent”. The question is how this virus get into our web space. Definately, there is some vulnerability on the hosting server. We already have strong password for cpanel, ftp and wordpress login.
For today, we think justhost sucks alot. Unsecure server is bad for any website, not to mention ecommerce website that carry out online commerce world wide. You don’t want to prompt your customer with virus downloader alert and ask them to clean it.
We already clean our hosting space once again, deleting everything from our web files folder, hopefully remove the virus infection. And now, we are managed to clean it, and website back to normal without the downloader.
For the price $3.45/mo, we are hoping for secure web hosting services, and justhost need to improve on this. For twice our justhost website get hacked in, and this is annoying. Justhost sucks? Yes it is!
 |
33 Responses to “Justhost hack! Website hacked once again!”
Leave a Reply
You must be logged in to post a comment.
July 31st, 2010 at 1:37 am
I am inclined to agree as of now. I have been with JustHost for some time and have been recently hacked 3 times within the past few months. I, as well, use extremely strong passwords and know that the security breach is not on my end.
August 4th, 2010 at 5:14 am
DAMN!! I’ve started reselling on just host. 4 sites hacked…. now reading this i’m expecting a large headache!
August 6th, 2010 at 9:05 pm
me too, all my websites got hacked..
August 18th, 2010 at 11:09 pm
I had my site DNS results on search engins hacked today. Justhost.com said that its $69.95 for a secure SSL site. They said a shared secure site doesn’t work. Then said it did work.
This is pissing off my customers. If they don’t respond quickly with details and a corrective action plan I have to go elsewhere.
What makes me upset is that the justhost.com site says my site comes with SSL .
So justhost.com please get to correcting my issue asap
August 18th, 2010 at 11:20 pm
My site DNS is hijacked. The technician acts like this is the first time he’s ever heard of such a thing. I said Google my company name and click a link.
The reply is that he does not submit websites to search engines. Clearly this is not the question I posed.
Then I cannot get access to the site. Asked for a password refresh and it took over an hour. The user ID and password do not work. I even cut and paste twice.
odd that you cannot get a new password instantly and get on with solving issues.
If I don’t get a good reply I’m just packing up and going to another host like Godaddy.com with secure at low cost. Not another $69.95 like this guys. LOL I am not!
August 19th, 2010 at 12:10 am
I recommend going to another host. These guys just said we fixed it and wait 2-3 WEEKS! Forget that.
I’m switching over to Godaddy.com I think. Good price and secure.
August 21st, 2010 at 10:41 am
My jushost account was also hacked…
I have lots of client domain in there and now I will have to change everything…
August 28th, 2010 at 8:52 pm
Yep.. I’ve NEVER had my sites hacked on other cPanel host, but since I’ve been at JustHost it’s happened twice in 2 months!! I’m tired of it.. I’ll be moving my sites asap!! Don’t use JustHost.. you will be hacked!
August 28th, 2010 at 9:23 pm
Follow up from JustHost.com tech. All my files have CORRECT file permissions and I have strong passwords.. yet they still say its my fault ?!?! Terrible.. here’s the reply from the tech:
–
Victor: To prevent the hacking attempts
Victor: suggest you to change the password of your email accounts, control panel, mysql databases, etc., Also if you have turned on the anonymous ftp, then please turn it off.
Victor: Also please make sure that you assign the correct permissions to your files/folders, so nobody can access/edit them other than you.
Victor: You need to upgrade all the applications you are using on your website to the latest version.
Victor: Is there anything else I can help you with?
Victor: Shall I proceed to close this chat session, if there is nothing to discuss?
Victor: You are most welcome!!
Victor: Thank you for visiting Hosting Support. Should you have any queries or require any further information, please do not hesitate to contact us.
Victor: Have a nice day!! Good Bye.
–
Yes Good Bye, JustHost.. you will not be missed!
September 6th, 2010 at 7:39 am
All my websites of Just Host Reseller account was hacked today. They were restored and re-hacked. They are too slow to respond and it seem that they don’t know what is going on.
JustHost SUCKS Big Time.
November 15th, 2010 at 10:09 am
Poor support from Godaddy, they would not even help me reset my own password, becuase they didnt think I was who I said I was. Anyway, I switched to Justhost months ago, and everything was fine, until I had a customer update his own site. Everything went to hell from there.
I traced the attacker to this pirate site : nhihuyen.cc subdomain sv3.nhihuyen.cc
It appears the attacker did not vandelize anything, but did block all access to my admin accounts, and even to my use account on justhost.
I personlly feel the pirate site is constanly looking for a new host to store the pirated DVDs but the domain is registered with tucows.com
-
Experts say the attackers are entering wordpress sites through the plugins, I beleive the plug used in this case is one called ad manager.
-
Should I stay with justhost? I will for now, being I do not belive it was the fault of justhost at all.
November 18th, 2010 at 9:48 pm
UPDATE. The hacker actually used a Password Collector which was hidden in a file I downloaded from a file sharing site, Just Host was in NO WAY at fault.
January 19th, 2011 at 8:02 am
This is a warning for people not to waste their time by using the Just Host hosting company. Your website, if hosted by JustHost, has a very high chance of being hacked due to very poor server security. I myself have had my website hacked 3 times in a number of days. I use very strong passwords and know that the infection is not created my end. Having strong user passwords will do nothing to prevent your site from being hacked if you are with JustHost.
Save yourself a lot of time and in the long run money by using another company. You have been warned.
February 8th, 2011 at 8:02 pm
My sites are also hacked again. This is second time it happens.
I got reseller and VPS hosting and they are doing ok without problems.
I think justhost got serious security problems.
February 12th, 2011 at 3:02 pm
Hi, I too have had my site hacked whilst i’ve been on Just Host. I know its not my end as i was the last person to log into my account. There seems to be a running theme with all the comments, which is their servers are not that secure. I run a computer sales and repairs company so I know a lot about computers but little about web server security. Has anyone used ipage as a web server? I’ve been reading about it and it seems pretty good.
February 14th, 2011 at 10:53 am
we have ipage hosting account as well, read our ipage review and test them here at http://www.ipagereview.org/
February 14th, 2011 at 5:05 pm
Keep Away from Justhost my websites been hacked time and time again.
Justhost server security very open, I can go to any control panel I want .
Thank god I have moved my sites some where aus and I’m happy again
Keep Away from Justhost, Keep Away from Justhost, Keep Away from Justhost, Keep Away from Justhost.
March 7th, 2011 at 2:02 pm
Oh my God, i was thinking that is only my problem, but now i realise that JUST HOST sucks so deeply !
To anyone who wants to use their service, think twice ! That’s a wasting of money, and of course a nervous problem too.
Happy spring to everyone. Greetings from Moldova.
March 15th, 2011 at 12:03 pm
We have a JustHost reseller account. One of our client accounts has just been hacked with the r57 exploit. JustHost support are taking an age to reply and I have no idea how to get rid of it (or even what it does). This is on latest version WordPress site with pretty vanilla JustHost install. The passwords are very strong so I don’t think it was a password crack. Judging by the comments above I am worried that Justhost are an insecure host. A bummer as otherwise their offering seem very good.
March 16th, 2011 at 12:08 pm
JustHost is not responsible for hacker attacks.
Its probible lack of security on your website, as anyone with common sense will tell you, The hosting company is simply a host for your files. Its up to you to keep your site secure.
Its like blaming the a cell phone service provider for the poor performance of the brand of phone, like samsung. And vise versa, blaming a High quality phone like Nokia, for poor service from the provider. Each is not responsible for the others performance.
March 16th, 2011 at 11:20 pm
There are two type of hacking, first is the most commont that hack from website over the internet (taking the largest percentage) and the second type is hack within the server either from infected sites or via direct hacking to the server.
IMHO.. Both good website & good server is require to prevent further hacking problems.
March 17th, 2011 at 5:41 am
There is nothing clever installed in the web space, just a simple web site based on WordPress (latest version), with latest version of some very common plugins and the ubiquitous NextGen gallery. We have run this site on our own servers for over a year with no problems. It does seem a mite suspicious that within a fortnight of moving it to JustHost it gets hacked.
And Rick, I don’t think security issues are a simple or black and white as you make out. Justhost Review is more correct. If I were to run a simple html (i.e. plain text) web site with no scripts and the home page was hacked (not via password sniffing) then it’s pretty certain that the host is not supplying the required level of security. If it were an Windows based server (which I am more conversant with) and the host did not install the OS security updates released with alarming frequency by Microsoft then any resultant web site hacks would definitely be down to the host.
The hack we suffered from may have been automated but seemed to use a r57 shell script that (at the least) changed the home page (and style sheet). The new home page stated we’d been hacked by Seif Jelidi – who’s (assuming he’s a person) boasting page can be found here: http://www.zone-h.org/archive/notifier=Seif%20Jelidi
JustHost’s (rather slow in coming) response to our support query was:
“Your login info can be taken from your browser’s cache by some virus, then credentials to access your hosting account can be delivered and used by somebody else. So, I advise you to check your and your customer’s PC with help of some good anti-virus software and then change the login info to access any area of your account. Also, it is strongly recommended for you to check all the software used for your sites (applications, plugins, modules, themes etc.) it should be always up to date and fully patched (secure)”
June 19th, 2011 at 7:57 am
February and March was months with massive hack attack, and we have received quit some numbers of users complaining their websites being hacked in.
Three months went passed and we haven’t received any new hack report so far, and we can’t find new hacking report in most online source too, this clearly indicating the justhost servers are right now back to safe and secure environment.
June 24th, 2011 at 3:51 pm
Unfortunately I use JustHost. They were fine until two weeks ago when all my web sites, email and ftp went on the blink. At first I did not get a proper answer but finally they said it was a DDoS attack, that took over 24 hours to fix. Now, it has all gone wrong again and I read disturbing reports of a massive security (twitter.com/#!/ContraHax).
They say this is not true but I have had so many excuses I really do not believe them. Definitely going to swap. Anyone have any suggestions?
June 28th, 2011 at 9:52 am
Yup I’ve just been hacked on all my sites with just hosts. phoned their support and they have no interest at all, tried to insinuate that I was to blame for their poor security.
No longer will I tell people to use them
July 24th, 2011 at 9:36 am
My site is hacked too – just noticed
August 1st, 2011 at 11:34 am
YOUR ALL NUTS
Justhost provide security on their own end of the server. Are you all to stupid to know this? You should be providing your own security on your own end of the server. Sitelock or similar sites provide just that.
Get a life and stop moaning about your own errors!!!
August 6th, 2011 at 2:36 am
Today All my website are hacked
August 18th, 2011 at 12:07 pm
all of my sites are hacked on justhost.
August 22nd, 2011 at 5:23 am
I have had 14 attacks in two weeks. Theme files locked down to 444, strong passwords, all wordpress plugins and wordpress up to date. No problems for 2 years, then hacked to death!
September 15th, 2011 at 7:46 am
My site has been hacked twice in just 3 weeks! An intrudor allocated phishing links and sent thousands of emails with my domain…
My account was suspended the first time by justhost without letting me know, and now my website is just down since yesterday, and I do not receive a reasonable explanation from justhost…
October 4th, 2011 at 8:52 pm
Our site has been hacked three times in the last six weeks. Every time I change the passwords and update the wp theme. This is a phishing attack. They create unique sites under our domain. We’ve done a complete scan of the only PC that has access to the Cpanel and found no virus. At this point I don’t know how to stop it or if we can stop it. I’ve not found the solution…yet.
October 17th, 2011 at 3:08 pm
my justhost site were hacked 3 time in 3 weeks by some dude from pakistan. I called they have real remedy for the problem.