Several accounts have been reported on this server as having fraud sites (of banks, Paypal, etc) and the server has been put on probation by the data center for cancellation.
We encourage all our clients to manually check their accounts for suspicious files or scripts not belonging to their account. We do not want this server to be disconnected by the data center for repeated offense.
April 19th, 2009
We discovered a problem with the Warden server (126.96.36.199) this morning that all sites return an Error 500 (Internal Server Error) when loading PHP files.
Accounts with simple HTML are not affected by the problem. We are figuring out the cause of this issue and is trying to resolve the problem as soon as possible. We will update this post for additional information along the way.
Update 1: File and folder permissions of accounts are fine as well as ownership. Memory limits in PHP.ini have been adjusted.
Update 2: Running cPanel Update and updating all Perl Modules. (Will run EasyApache next). Still running cPanel update….
Update 3: Recompiling PHP thru EasyApache.
April 11th, 2009
We discovered the problem with Gravatar server a bit late. Our monitor showed it was running fine but it turns out there was a problem with the DNS. This was fixed right away.
April 9th, 2009
Today, the Data Center has shut down the Gnome server (188.8.131.52) for several hours after discovering two accounts from our clients hosting a phishing website for Bank of America and Wells Fargo.
We coordinated with the DC engineers to get the server back online so we could investigate and remove the phishing sites.
It turns out that the two accounts by clients have folders that were open and allowed culprits to upload a zipped file of the fake website and extract them. We have deleted the files and secured the folders. We’re still looking into other client accounts that may have similar cases.
We request all clients to regularly and actively check their accounts for open folders (CHMOD them to 644) and update any add-on scripts or web apps they have installed so to avoid similar incidents in the future.
April 5th, 2009
We experienced a couple of hours of slow server access on ArchMage due to the system installed CLAM Antivirus. Once the system initiates the virus scan, it sometimes overloads the server depending on how much files are in queue in the mail server. When this happens, the load shoots up and the server freezes.
February 22nd, 2009
PHPBB has announced an injection vulnerability on their website. Those running PHPBB software are advised to update a patch on their installations:
February 13th, 2009
The Gnome server was temporarily shut down by the Data Center for a phishing site made by one of the new clients placed on this server. We were informed of the enforcement policy very late in the evening and was unable to act on it in two hours prompting the DC to disconnect the server so the site cannot do any damage.
We will be very vigilant to impose suspension on sites that could case a similar incident int he future. However, even if this problem was caused by a single client, it dragged along with it all other hundreds of clients in the server.
February 11th, 2009
Those who are running WordPress can now update their blogs to the latest version 2.7.1. This version fixes bugs and security holes in the software and everyone is advised to upgrade as soon as possible. Make sure to have a backup first before doing the updates.
February 10th, 2009
The Gravatar server is having some issues with the system Firewall (APF). There will be instances where a specific IP address or a website is automatically added by the firewall in the block list (deny_host list) so even if the server is running fine and smooth, some ISPs and IP ranges may not be able to gain access to their websites.
January 22nd, 2009
We maintain at least 2 hard drives on each of our servers. The first drive contains the host files, databases and emails while the second drive is reserved to store backup files that are automatically generated every end of the week and end of the month.
December 22nd, 2008