Recent 'downtime'

If you have been trying to access the site, or anything on it recently you would have noticed that everything had a 'forbidden' (403) error.

Reason (story behind it if you care to read):

Well, recently in my email inbox I received an email which 'appeared' to be from ebay - a buyer asking me a question about an item. With no current auctions, and because email spoofing is extremely easy, I inspected the email for suspicious links that lead away from the ssl ebay domain. Sure enough there was one as soon as you tried to 'contact the buyer' back. I visited this page, stripped all the code, and viewed it to see how it all worked. It was a few .js (script) files which recreated the positioning of the real ebay site, a cgi file which emailed whatever address they wanted with the information you put in, and a plain html file to hold it all together.

Where I went wrong was I was going to write a news story and post some of these files (with the malicious email line stripped of course) as a proof of concept. As I was testing the cgi file (replaced their email address with mine to see if it actually worked) I received this email from abuse@oneandone.net (my web host).

This letter is complete bullshit. "We received several complaints stating that a so called phishing site was uploaded to your web space" is a lie, and "This was possible because your are using outdated/exploitable scripts on your web space" is false. They were there because I put them there - not to steal anyones information, but to explain how to avoid such sites and how easy it is to be fooled by them. I didn't have the files available to the public at this time so it's impossible they 'received several complaints'. What probably really happened was they have an alert system built into the host (that they don't tell their customers about). This system probably 'alerts' on certain named files that are uploaded to be scanned for any malicious code. Very good idea, I agree with such a system, but don't lie to me thinking that I don't know what I'm doing and someone compromised my account.

So next I login to my web space and delete the files they asked. After deleting them I try to load up http://devz3ro.com/ and I see this 403 'forbidden' error. It was expected, I knew I would have to CHMOD (CHange MODe) a few files because of this email. I ftp into my webspace and all my php-fusion files are untouched, so CHMOD would do nothing if they already have enough permissions. After scratching my head and removing & granting myself permissions I STILL get a 403 error using http. Still messing around I stumbled across a .htaccess file in the root of my web space that I KNOW I didn't put there. After trying to download, delete, view, rename, edit, etc. and getting a 'permission denied' error I knew this had to be the culprit. This .htaccess file should have been within the folder of the 'so-called malicious' files (which I had hidden from the public). NOT IN THE ROOT OF THE WEB SPACE. Had it been in the correct location it could have been deleted easily because the parent directory (root) would of had enough permission to do so. So my web host basically screwed up and made my entire web page inaccessible with no reversal option.

Yup you got it, now I'm calling these people. The first 'customer support tech' (I have know idea how they can give them such a title) had ABSOLUTELY NO IDEA what I was trying to explain to her. She barely spoke English so she 'escalated me up to level 2 support'. Apparently level 1 and level 2 support are the same level (or are damn close to each other). The next 'tech' spoke English a little better than the last woman but it still wasn't great. He understood what permissions were and that I couldn't access my site, but he had no clue about CHMOD. He only knew what his control panel allowed him to do, so I asked him to delete the .htaccess file in the root of my web space. After some verifications to prove who I was he attempted to delete the file unsuccessfully. I EXPLAINED TO HIM how to CHMOD the file using smartftp and still no go, he was obviously no admin or had admin privileges so he would be no help =(. He said he would escalate this up to their fantastic level 3 support team and have them email me when it's been resolved.

While waiting for an email from the geniuses at the level 3 1&1 support team I replied to the abuse letter I received initially asking them to delete the .htaccess file. Since someone from the abuse team put it there they should be able to remove it right?. I received an apology email 6 hours later noting that the problem has been resolved. Still nothing from the level 3 support.

This is the second time I had to speak with the web host over the phone. The first time the issue was dealt with in a timely fashion (sub domain not available) and I was sent a 'survey' of how my experience was on a scale of 1 to 5. No survey yet on this one, I was kind of looking forward to it =).

I purchased web hosting from 1and1.com originally because it offered more than godaddy.com & networksolutions.com for a cheaper price.

I guess the old saying is true: "You get what you pay for."

18 Comments · 755 Reads ·

Comments

God, Matt. Your post made my brain explode. You really do know your stuff don't you?

Wedding Dresses Tight structured corsets and Bodices appear as a major factor in these designs. Wedding Dresses Lace covered bodices look well with the simpler skirt, the more elaborate skirts go well with plainer fabric corsets.Tiaras and long trailing veils are a favorite of the fairytale bride. Very traditional and the symbol of the wedding day the veil comes in 1,2 and 3 tiers, depending if you want to wear the veil over the face or trailing along the back of the head. Some gowns are exquisite enough on their own you could get away with wearing no veil at all. Wedding Dresses Tiaras come in many styles pearl and diamond encrusted, large intricate designs and smaller simpler head bands the choice is yours.The Simple Elegant bride The less fussy, simple and elegant style of gown would draw inspiration from dresses worn by Jackie O and brings to mind the style and class of Audrey Hepburn. wow power leveling With classic simplistic designs and clean lines, less is sometimes more when trying to look amazing.The simple gown should be designed to draw attention from the dress itself and allow the beauty of the bride to shine through. The simple dress should not differ from the beauty of the bride and take center stage itself, wow power leveling remember the bride should wear the dress not the other way around.Classic designs include some wonderful gowns from Vera Wang, Sharon Hoey and other popular designers. The simple white silk backless gown always look stunning as worn by Jennifer Aniston on her wedding day. Long Mother of Groom Dresses ㎞㎡ More structured lines with no straps falling to the ground brings to mind wonderful visions of Grace Kelly and that old Hollywood glamour. This type of gown can also be subtly influenced by other styles and eras keeping in tune with the bride's personal taste. Tea-Length Mother of Groom Dress The key here is to keep it subtle and you will ooze class and style on the big day.Wedding dresses are literally the icing on the cake on every bride's wedding day. You can find perfect wedding gowns online, mvjsdiiyqd or simply brainstorm which style of wedding dresses to start looking for as you narrow down your search. Modern Mother of Bride Dresses First you need to determine which types of wedding dresses are right for you.Wedding Dresses zdm.

★★☆Related Article☆★★

http://www.qsxbjy.com/home.php?mod=space&uid=6&do=blog&id=11
http://c360.52photo.com/home.php?mod=space&uid=1007&do=blog&id=143
http://www.gjiudian.cn/plus/view.php?aid=217
http://www.l7zz.com/plus/view.php?aid=3434
http://www.0510.in/home/space.php?uid=51383&do=blog&id=337
http://www.wbtopedu.com/plus/view.php?aid=137

Post Comment

Ratings