26 Comments to “More Hacked sites on the same server”

1. Charlie | June 6th, 2009 at 4:37 am
   

   Whilst I am also not happy with the service mdwebhosting is providing, I do not appreciate you listing my client’s site as somewhere to avoid. There are no files at this site that should cause anyone concern.

2. grynge | June 12th, 2009 at 10:43 am
   

   Hi Charlie, I have no ill will against your clients site but I hate to tell you that your site is still infected. Not sure if you are the owner or the web builder but either way you should clean up your site. If you don’t know how I am more than willing to let you know.

3. Dean | June 12th, 2009 at 11:06 am
   

   Charlie…
   You say
   “There are no files at this site that should cause anyone concern.”
   How can YOU possibly know what is being hosted on a server with how many sites ? unless you are the host provider themselves.. ?

   I think what you say is very possibly right, however VERY OPTIMISTIC and unrealistic as there ARE so many infections out there these days.
   Sorry Charlie but man you need to smell what your shovelling mate.

   MD have a lot to answer for both to the owners of sites and to the public for passing some of the stuff on and around.

   Of course we all have opinions and they do vary from one to another for sure.

   MD SUCK BIG TIME would be a gross understatement !!!

4. Karla de Oliveira | August 31st, 2009 at 8:46 am
   

   Hello, I would like to introduce myself as the new Business Operations Manager for MDWebHosting.

   You’re welcome to contact me directly any time you
   need help.

   As you might have heard, MD WebHosting is now part of Online Growth Solutions Ltd group of companies, alongside Netregistry, PlanetDomain, NETT Magazine and Hostess.

   You can read more about it here:
   http://www.mdwebhosting.com.au/mediarelease010809.html

   I am just passing by to drop a quick note and say that I am reading every single comment that is being posted on this website, and that we are adressing every single issue we encounter on the way. This is just the beginning.

   I am sorry if you do not want to hear from us, but here we are, ready to hear from you. I am glad to inform I will be here on a daily basis.

   Of course, server/website security is a major concern for all involved in hosting a website – specially the website owners; as it can affect their sales, business/personal reputation/passion, depending on the website content.

   However, we should also be aware that there are websites hacked due to server related issues and that are websites hacked due to incorrect file permission set by the user. In the first case, we should not only remove the offending code, but also investigate how that code was inserted there and address this vulnerability immediately. Secondly, we sould be contacting the website owner informing their website was vulnerable (due to poor coding, incorrect file permissions) and also direct them on how to address the issue as quickly as they can to avoid any further damage to their website. These procedures are being implemented as of NOW and you will see considerable and hopefully satisfactory results from now on. We will strive to achieve it.

   Whilst we see there are gaps when it comes to server security, I would like to inform these are being trated by our ICT department, (which is now much larger then you imagine) as high priority. I know it is impossible to make everyone happy 100% of the time. I respect every one of you for your choices and I also thank you, for sharing your experiences with MD with the world, this way we can see them, evaluate them and address them as we move forward improving MD overall services.

   Follow us on twitter get the latest news to find out what we are up to:

   http://twitter.com/mdwebhosting

   Any questions, just email me.

5. grynge | September 8th, 2009 at 11:51 am
   

   Hi Karla, thanks for leaving a comment. I am watching with great interest the goings on at the new MD Web Hosting. Having never had anything to do with Netregistry I don’t feel like I can comment. I do have an account with MDWeb and am monitoring the situation. From what I have seen over the last few weeks it does seem that netregistry has changed the method of operation for MDWeb. I do know though in the past it has been the lack of server security knowledge at MDWeb hosting that allowed so many sites to be hacked. I am not blaming the new regime. I am starting to suspect that the need for this site might no longer have value but again I will monitor my account with MDWeb for a little while longer. I had in the past contacted MDWeb about their customers sites being hacked as well the server mine where on was hacked when I was with them. They tended to blame anyone and everyone for their problems apart from them. I still have all emails/live chat transcripts. I do wish you and the team at Online Growth Solutions Ltd all the best.

6. Sal | October 5th, 2009 at 9:53 pm
   

   Nothing has changed at MD for the past 4 months we had nothing but warnings for google that our site was distributing Malware. As am not very good with computers so I was really at a loss, I would contact MD tell them the problems and ASK for advice as to how to prevent this from happening in the future all I got from them was a message saying we have fixed the problem and to blame me for what had happened and 2 days later I would be back in the same position and back to contacting MD who would fix it at their end, then blame me & not answer any of my questions on how to prevent this! I ended up changing hosts and it has been a little of a week and I have not had any problems. Karla I don’t think MD has implmented any changes in the way you handle things and I got the impression that when I cancelled the hosting that MD was glad to see me go, as no one at MD addressed any of the issues I listed as the reason for me cancelling my service and no effort was made at all to try and retain my business.

7. Sal | November 4th, 2009 at 10:37 pm
   

   They still can’t get it right at MD webhosting, a month after cancelling my service, they have now sent me an email telling me they have suspended my hosting as I have not paid my account,I wonder how they suspended a service that does not exist? Lets hope for their sakes that non payment of a non existing web hosting account does not effect my credit rating!

8. grynge | November 4th, 2009 at 11:50 pm
   

   Hi Sal, I warned them ages ago about their lack of security and even showed them several servers that were hacked. I am sorry for you problems I hope you have been able to get google to remove the malware report. I have a test account with them that I am doing a report on and yes I have seen that they may have been taken over but they obviously still have the same incompetent individuals running the servers. I hope your new host is a better operator.

9. Sal | November 8th, 2009 at 8:09 am
   

   Thanks have been able to get google to remove the warnings and have no trouble since being with the new host. I have threatened legal action to MD twice in the past 10 days both times they have danced around the real issues and have made out they were fixing my problems. Unfortunately on a personal level I am not computer savvy, but fortunately I have access to a very good legal team.

10. Jackie | December 4th, 2009 at 10:54 pm
    

    Luckily I did a google search on md webhosting as I was considering using them for a basic website. I take was has been written here very seriously, as you have gone to a lot of trouble to warn others.
    Anyone else you can recommend would be great, I was only going to use one of their sites builders so something similar (& not too expensive) would be great.

11. Marc | January 28th, 2010 at 11:51 pm
    

    I also use mdwebhosting and would have to say they are the worst hosting provider in Melbourne.

    They have extremely poor customer service and my server goes down all the time and it takes them days to fix.

    I recommend everyone avoiding using them and everyone should be warned against their company.

12. Karyn | September 27th, 2010 at 11:33 am
    

    I came across this site of yours as i AM SICK TO THE BACK TEETH of MD.
    I have had SO MANY dramas with my site being hacked with viruses as well as LACK of service, lack of knowledge etc from MD.
    I am trying to get my domains off them to transfer them…and yet STILL have sent over 30 emails back and forward to get my domain released and have spent over 13 hours getting nowhere.
    EVERY time of the past 7 years I have needed something from them, i have had nothing but useless service and bad service.
    I think this site MD SUCKS is an understatement.
    I cant wait to get my domains off them and LEAVE FOR EVER.

13. grynge | September 27th, 2010 at 11:52 am
    

    Karyn i sympathise with you. I was only with them a short period of time and had nothing but trouble. Dozens of other people are in your situation, it seems even with the take-over of the company it has not got any better. I hope you find a decent host. Yourself and people like you are the reason I keep this site active.

    Good luck with your endeavours.

14. Andrew J. Dunar | November 13th, 2010 at 1:18 am
    

    I’d have to agree with this. MD has spiralled down hill and as a result we’ve moved our web reselling elsewhere. Such as the nature of the internet.

15. Jo | January 4th, 2011 at 3:59 am
    

    I am disgusted with md web hosting! I called and spoke to indians requesting my service was cancelled to which they said it was! It’s only after they invoiced me that they advised me the only way you can cancel is through a form – and too bad for you but you have to pay this anyway, did the hosting get cancelled!! Do not use this provider!!!

16. grynge | January 4th, 2011 at 4:09 am
    

    They seem to have a habit of doing that, if it was to your credit card you can endeavour to have the bank do a recharge on them. Sorry to hear of your troubles.

17. David | February 2nd, 2011 at 5:12 pm
    

    Wow..this site is great. I wish I had know it was here earlier.
    I had my reseller hosting account with MD aswell. My site was hacked and phishing emails for various banks around the world were sent from my site. one bank in Australia too. This of course grabbed the attention of the Australian Federal Police who I had to deal with and which I might add finally got the attention of MD.
    After I suggested that their service was terrible and I was thinking about finding another provider they blamed file permissions for that one too but also suggested that once hackers found my site they would just keep on hacking and that I should find another provider.
    Well I did find one. i still have domains there but I am slowly getting those transfered too. Which brings me to my last complaint. I had trouble finding my EPP transfer code for one of my domains and registered a support ticket to help me find it. Well that was about 12 hours ago now….does it really take that long to find it for me???? Well my domain expires in May so I hope i get it by then.

18. grynge | February 3rd, 2011 at 12:12 am
    

    Hi David,
    it sounds like they are still up to their old routines. Did you do a reverse dns on the server to see what other sites where on it and then check them for the hacked code? They tried to blame me but when I tested the server everysite also had the same code that was injected into every .html .php file.

    I do hope you get your domains sorted. The EPP code every registrar is supposed to have those available to the client well according to AUDA. If you have the old resellers ip address send me another comment and I will check it out for you if you like.

    Good Luck with your new hosting.

19. David | February 3rd, 2011 at 3:11 am
    

    Well it is close to 24 hours now since I lodged the support ticket for my EPP. I recieved the automated reply that we have your ticket bla bla but nothing else yet.
    I have looked through my main account and logged into the actual domain login area and I can not find it anywhere. I can change my DNS, password etc but I can’t find the EPP.

    Anyway I do not have enough knowledge of the code to determine if other sites had been infected.

    I have been with my new hosting company now for a while and they go out of their way to help and even admit when they make mistakes as they did during a recent server migration.
    I even get a free SSL everytime I transfer a domain to them.

20. David | February 3rd, 2011 at 3:17 am
    

    Hmmmm…I wonder what happened to Karla the Business Operations Manager for MDWebHosting. I think I read that “I am reading every single comment that is being posted on this website, and that we are adressing every single issue we encounter on the way.”
    Hmmmm..if if she can’t address the time it takes to respond to a customers request for an EPP I find it very unlikely that she has the ability to be the Business Operations Manager for MDWebHosting.
    Well, just a thought….

21. grynge | February 3rd, 2011 at 8:27 am
    

    If you are still having problems getting your epp, you can visit AUDA password recovery and if your email address is on the contact list you will receive it from AUDA.

    I am glad your new host is working out for you.

22. grynge | February 3rd, 2011 at 8:56 am
    

    MDWeb used to keep an eye on this site but I am not sure, they have either changed ip’s in which case I don’t know the new ip or they have not bothered because I haven’t done an update for a long time. I do know from the statistics that we get a lot of traffic for their keywords. If it was me I would keep an eye out but then again who knows.

23. Will | April 3rd, 2011 at 2:39 pm
    

    It may have something to do with MD practically becoming Netregistry. Their website had a similar style client area to Netregistry, however, now the site simply redirects to Netregistry. Cya MD!

24. grynge | December 11th, 2011 at 1:53 am
    

    Yes Will seems MD Web Hosting is no longer with us.

25. Mick | December 18th, 2011 at 8:54 pm
    

    Hi over 6 months ago I had my website hacked they replaced my pages with there own stuff. not knowing alot about web set ups I had to get somebody to fix problems

26. grynge | January 9th, 2012 at 3:05 am
    

    Sorry to hear that Mick, did you change hosts or are you still with them?

Leave a Comment