HostMySite security breach

I recently posted an article about a security breach on my web server which was a result of my own stupidity, but when a site that I manage and host on HostMySite.com is breached twice in 4 days I get extremely peeved. The incident occurred on their ColdFusion shared hosting plan and an attacker was able to successfully inject code into all index files for the site. I noticed the first breach and, after cleaning the site, alerted HMS. Several hours later I was alerted that there was a problem with the permissions on the site and that it was patched and the files were cleaned (even though I had already removed all the malicious code from the files).

I decided to forgive this faux pas even though I have seen this before, some time ago, on a site hosted by HMS; that site, however, was using LAMP and the breach was caused by a vulnerability in the PHP version. The affected site was flagged up in Google as containing malware; this time, however, Google was telling the truth! However, this morning, the site was once again compromised and code injected into the index files. After cleaning and submitting a bitter support ticket I received a response stating some nonsense about permissions being reapplied. I am amazed at some of these responses sometimes, since they are deliberately written to sound more impressive than they are. I am not a newbie and I understand very well what happened.

I am sorely disappointed in HMS; there have been numerous problems on their shared hosting environment with ColdFusion crashes, site timeouts and now security breaches. This makes me look stupid to my client and it is costing me in support because I have to get it fixed, for FREE! I have never forgiven Dell for shipping a server with cables disconnected and I don't think HMS will have any business going forward. You simply cannot say you are providing a service, say you are the best at it, then allow things like this to happen; it is simply not acceptable!

This entry was posted in ColdFusion, Security.