Posts Tagged ‘malicious files’

“you may come to know what a brain seizure is really like after you’ve experienced the comical and incredibly maddening world of IX Web Hosting Customer Support.”

Ix web hosting worst host ever

Posted by **** *****  Dec.26, 2009 

With one of the best pricing plans, and seemingly unlimited capability, ixwebhosting.com fails to live up to any claim of service dependability. Uptime? In the past 30 days, the server hosting my websites [not associated with thedealis.com] has been down 4 times. This downtime typically lasts 3-6 hours.

Typical response from ixwebhosting tech support: Sorry!

This is the first time I have encountered this in the approx. 5 years I have used the service. I switched to different servers last month. Tech support says upgrades [blade servers] are coming in January and that ixwebhosting will “redeem themselves” with this update. I hope so!

I can’t recommend this service to anyone. Had you asked me a couple months ago, I would have raved about the service. I have not had an issue with billing or tech support previously. Is tech support located in India? Possibly. Seems lately, I reach Jahuud Hussein each time I call the 800#.

These are the issues I have encountered. What other issues are lurking within ixwebhosting? If you have had issues with ixwebhosting services, or can recommend a better hosting service – let me know!

I did find this quote from one [former] ixwebhosting customer on the web “you may come to know what a brain seizure is really like after you’ve experienced the comical and incredibly maddening world of IX Web Hosting Customer Support.”.

Original artical can be found HERE

Hahaha.. I know it is really not funny, but sometimes you just have to laugh…  The above screenshot is from www.examinarse.com  Seems like the owner packed his / her bag and left in a hurry..

While I’m here, I might as well post a few recent comments from HAPPY IX CUSTOMERS.

———————————————————————————————————————————

I hope Google ranks this website in their top search results for anyone wanting to know more about IXWebhosting. I had been with that webhost for more than 4 years and changed all my sites to a different host just last week. IXWebhosting is the most poorly managed, technically incompetent and frustrating company I have ever had the misfortune to deal with.

Why have I been with them for 4 years?
Their webhosting plans were at the time and still are pretty cheap when compared to other competitors. But its true, if you throw peanuts, you’ll get monkeys. You are ok till the time you have a website with only static (html pages). That’s what I had for 2 years. The moment you have a dynamic site, have anything to do with databases, use pages in asp or php… God save you. I’ve had nothing but trouble for the remaining 2 years pulling my hair out with every trouble ticket raised.

Customer Service
Its the most slowest, incompetent buffoons I’ve ever interacted with. Every ticket raised takes a minimum of 14 hours to be verified. Their typical replies are “everything’s ok at their end”. They do not understand your query, nor can they understand any technical issues.

Spam-
I lived with spam in each of our mailboxes for all the time I’ve ben with IXWebhosting. Spam is like its brother. Besides having issues with our mail disappearing from our mailboxes (their backup could only restore some of it as it was infrequently taken), I had to put up with tons of spam. At the time of writing this, I believe they have made the web access to the email accounts over https, but still, my experience with them was ghastly.

Server Security-
My websites were hacked many a times. Their servers are easily vulnerable to anybody. I will rate my expertise with networks and security at advanced. To test the security I have hacked into my own hosting webserver and seen the list of domains, their entire contents by simply installing a ridiculous script. I raised this issue in a trouble ticket and the response was.. you guessed it..”everything’s ok at their end”

Their famed easy to use preloaded scripts (Easy Apps collection)-
It is user friendly to install, I’ll agree. But every one of them is completely outdated, buggy to customize and of course vulnerable to hacks. Their excuse- Its the entire collection of scripts that they install when they update the server software (maybe years before). The scripts in them cannot be changed or upgraded.

Final Comments-
If you have a simple website with a couple of html pages and you don’t mind spam, if your wesite is hacked or defaced, its good value for cheap hosting.
Otherwise, Avoid Them Like The Plague… as someone else wrote in here.

I am not affiliated with anyone or anything from anywhere and all the experiences above are my own.
Archie H

=====================================================================

We have been using IX for a long time. First thing that happended was that they allowed my EX-Wife access to my account after we were divorced because she has paid by her credit card at one point for one domain name. They changed the admin panel and allowed her full access to everything because she did not pay for her domain and called them! MORORNS! We have a pro business account and they allowed her access to customers account info, OMG what a night mare! Finally after getting the police involved they fixed it. Now 3 out of 7 of our accounts have been hacked… We have not done or changed anything, in fact the accounts that have been hacked are just place holders for domanins… I have asked it to be fixed from backup 4 times so far and as of yet nothing… I am just in the process of moveing everything to a new local box and say GOOD BYE loosers!
Michael

===================================================================

Server vulnerable to hacking, infected our site, IX Web Hosting refused to acknowledge or address, arbitrarily shut us down. Luckily, we had just completed set up with an alternative server and this didn’t cost us the significant downtime, money and trouble it could have. AVOID them like the plague!
Dayl

====================================================================

 

In the beginning (up to a year ago) everything was fine. Now I have had so many problems that today I have changed my hosting company and left ix-webhosting and went to BlueHost.

My problems:
1. extremely slow server response (average response to a simple html page over 5 seconds). Regularly browser says: no server response. My customers are complaining. Maintaining my blog is almost impossible
2. ftp regularly does not work (complaint by server: too many clients, but I have just one ftp connection open)
3. average response time of trouble ticket about 24 hrs
4. tremendous problems in upgrading from php4 to php5 (I had to change ix-webhosting servers), without any help from them. They offered me help but that would cost me over 200$
5. their mysql server is slow

When I complain to them they tell me these problems are temporary and that they are about to improve it all.
Ad

=================================================================

Once again I have had a horrible experience with IX WebHosting. Here is a list of issues that I exprienced over the last year of being with them:

1. The password to the control panel keeps getting reset and I know for a fact that only a select few have access. Any changes made by those few are logged and disseminated to the rest. When I ask I am made to look like “what’s the big deal?”

2. They NEVER return calls and almost never update tickets except to close it and say that it was your fault. They refer you to the “system admin” who is a ghost as far as I am concerned then are quick to tell you that they can’t do anything else to help you.

3. Press as you might the cannot suggest when the problem can be fixed. It is like they think that your business and clients that are affected by problems don’t matter.

4. Their first level support are unskillful googlers who waste no time in presenting irrelevant rubbish explanations that clearly shows that they have missed the basics of training.

Most Recent Exerience:

Unfortunately they host my mail (haven’t gotten around to hosting my own as yet). One of my customers suddenly cannot send me any mail from their domain, at least I no longer receive it on my domain hosted with IX Webhosting.

My customer had a recent SPAM issue that was resolved however they were not blacklisted. All this time I was receiving mail fine. However a while after the issues is resolved I cannot receive any mail from them.

I try chat support who quickly tells me that I need to call in to report the problem.

ok I call and some guy is trying desparately to convince me that there is a problem with the MX records of my client. And even though I tell him that mxtoolbox gives me a clean report and also that my hosted mail is the only domain that is not receiving mail from my client along with other information he refuses listen. Eventually he gets tired and tells me that he has to get a system admin to call me back.

24 hrs later no call from any admin and I decide to log a ticket myself and describe the problem – no response.

I call back again and a young lady informs me that the issue was left untouched, whatever that means and puts me on hold after every question I answer. She then routes it to the “correct” queue and pomises me that I will receive a call.

24 hrs later no call and no update other than hers that says the call is on hold.

I update the ticket to ask what is going on?

12 hrs later no response so I call and was informed that since I updated the ticket to ask a question it was reverted to the end of the queue. Apparently I was punished for quering the status on my issue….

Another young lady can give me no indication as to an estimated resoution time or at least response time.

I ask for her supervisor who refused to give me his name but was quick to tell me that I would have to wait until the admins got around to looking at the problem.

He didn’t think it was reasonable for them to at least update the ticket and was quick to tell me that “we are just the phones” and that they couldn’t escalate beyond redirecting my problem to the admin queue. They would get to it whenever they can and I would have to wait…”there are other customers ya know?” so I have absolutely no idea how long I will be in that queue. His entire tone suggested that he had worked a tripple shift and was tired and grumpy or he simply couldn’t be bothered. Meanwhile I embarasingly have to tell my customer that I am in the process of moving my mail services which after this I definitely will.

It really upsets me when companies like this get away with such horrible service.

The least you owe your customer as a service provider is a timely and honest update(s) especially when there is a problem. Lack of communications leaves people to assume the worst and suggests that the customer is not important. It does not matter where the fault lies – you are providing a service and it should be your obligation to protect the reputaion of that service by open communications to the client at all times. As an IT consultant I can personally attribute the retension of my business not to my knowledge as much as to ensuring that my customers are always informed and have open access to me. Many times it has been my saving grace during the few hiccups I have made over the years.
Anson

=================================================================

Ordered web hosting form them on Thurs. pm, finally setup on Fri. However, could not upload web since FP extensions were not installed; I installed them from the panel. Long story, several calls to tech support, they can not get the FT issues resolved; moved up to admin. Called over the weekend and told it would be 24 hours…I had to wait in the queue. On Monday afternoon I was told give them another 4 -5 hours. I cancelled later that night about 10 pm…issue not resolved. Tech support was useless. They did offer 2 months extra time if I stayed. After 30 days I would have los the $$; they did refund my $$. I had used them for a couple years in the past without too many issues, site did go down several times. Not recommended.
Rick

===================================================================

And the list goes on and on and on, but that makes good posting for another time.

EVERYONE  knows that IX web hosting pays for high listings and “Praise Reviews’ [ read article HERE  ] and their ” Affiliate Army ” is told to SPAM boards trying to lure people to use IX Web Hosting. Do not be fooled by the low prices and  Unlimited Everything, Do NOT become a statistic, because like 1000’s before you, you WILL regret it.

Just see for yourself what REAL Customers that have NOT been paid to post positive comments about IX have to say:

http://www.webhostingreviews.com/ix-web-hosting-reviews.htm

AND

 http://www.webhostingstuff.com/review/IXWebHosting.html 

AND Another one

http://www.web-hosting-top.com/web-hosting/web-hosting-top.ixwebhosting.com-reviews

You will start noticing “Positive” reviews being posted by the Paid Affiliate Army.. but they always stand out as being Fake.

During the last 4 days Numerous People are reporting their sites are infected, and customers are being re-directed to a Russian site.
So far ALL the sites reported are hosted on NS3.IXWEBHOSTING.COM and NS4.IXWEBHOSTING.COM.
If your site is hosted on these servers, OR possibly other servers, you should check your website, by using a SEARCH ENGINE. DO NOT go directly to your site through your search bar OR shortcut, but use a Search Engine. The results are being re-directed. It will also be a matter of time before these sites will be “Blacklisted” by Google and other search Engines.

Feel Free to contact IX Web Hosting about this matter, but they will only blame you for their issues, and  lack of  knowing how to treat their customers with respect.

Please send us a message if your site has been comprimised.

This week has been a complete disaster for 1000’s of IX Web Hosting’s  customers.

reported-web-forgeryx

A new wave of the .htaccess injection is affecting 1000’s of sites, but things just get worse and worse, Google is flagging sites hosted by IX Web Hosting because of the sites being redirected to infected sites.
Some customers sites are even getting “Splashed” by Google with “‘Reported Attack Site’ ” can you imagine spending YEARS building up a reputation and then having your site and your reputation  Destroyed because of a hosting company that after 10 MONTHS!! still cannot and has not fixed this security issue…

10 MONTHS!!!  IX WEB HOSTING… You should be ASHAMED!!

Here is an example of someone who has spent YEARS working hard to build a (basic) website and a reputation, and all was lost…

This is the third time I’ve requested review and had it result in a continuation of the ban. I’m a simple artist trying to make a living while going to school. My reputation is being destroyed by this, as well as my art. I’m not a programmer but I know my html that I wrote for my site, and it’s ridiculously simple. All the 3 pages, even though it was said there where 5 pages, that were listed in webmaster tools were the same exact html files I wrote. These were:
 http://www.****art.com/ADAbout.html
http://www.****art.com/ADBreedKirin.html
http://www.****art.com/Itemhtml/directions.html     { Links killed by neverix}

I’ve downloaded and looked at the code of each of these, finding nothing wrong with them.
I also have called my Host, IXwebhosting, who crawled through my site and looked at my files. They said they couldn’t find anything either and that there seemed to be nothing wrong. They also said the ‘Reported Attack Site’ html page google slapped on top of my index wasn’t showing up for them. I had posted once on this forum before with the question: ‘WHERE is the malicious code showing up,’ and I was told how to submit a review. Google is ruining my reputation, my site, my client base, and wasting my precious time. I don’t know what to do anymore, because nothing I have done seems to have worked. I re-uploaded my site, changed permissions to 444, removed any kind of php and unnecessary files, changed my two user passwords to more secure ones, and everything else I’ve mentioned in the above text. I don’t know what else to do. I’ve spent years establishing that site and it’s reputation…years now wasted and ruined.  Please someone help me.

I hereby invite IX WEB HOSTING to send me their side of the story about this issue, I will post it on this blog for everyone to read…  It’s only fair to hear both sides of the story.

And NO, this is not just a “One Off”  see 1000’s more : http://www.google.com/search?hl=en&safe=off&q=%27Reported+Attack+Site%27+ix+web&start=0&sa=N

 

From a Unhappy  IX  customer

I was beginning to think I was crazy. My site would get hacked and I would change the password. This would keep happening over and over. Yet every time I would call in they would say it was my fault. Well today I discovered that once again my site had been hacked as well as all the other domains in my userid for them.  While going through one of my sub domains I found a hackers control panel which I downloaded and took a screen shot. I even looked around in it. I realized quite quickly that I had server root access and I could see other peoples files like I was on a regular computer. This control panel seems to have it all. Anyway here is a screen shot for all you who wonder what is going on:

I have marked my info out to spare me as well as the folder I was browsing. But this control panel seems to have any exploits you want on it with very little effort.  It even has a handy self kill button which I used. Of course I am sure they will be back and hack right back in. Meanwhile I have to look into another host.

IXhackerscreen6

CLICK ON IMAGE FOR LARGER PREVIEW

 

So many people being banned by Google, and cannot find the source of the Injection..

 I have previously posted on this blog WHY you cannot find the code.. Because  the code is NOT on your page. The code is, and can be anywhere on the server ( I have posted 3 links to the code that was hidden as a .jpg)  The code added to your site is actually an Iframe, so what you should be looking for is a small snippet of code that calls the script. ( check your Config, Header, Footer, Index.php etc.. ALL pages that get called on every page

Yesterday someone contacted me with this issue, and that person was also banned by Google, and had spent weeks trying to solve this problem.. They  finally found the code in the CONFIG File . ( thanks to this blog)
The site is now clean, but it will only be a matter of days before it is injected AGAIN!!

Here is the post I posted in December last year:

Hundreds of  IX customers, are contacting me to ask about the Injected script ( posted in a previous post) they are asking me HOW to remove it, because they cannot find it…

The Reason they cannot find it??

Because of a MASSIVE SECURITY ISSUE on IX WEB HOSTING’s SERVERS!!.. the script is NOT actually put onto any of your pages, the script is actually hidded somewhere on the server..

So far I have found 5 “seeds” .. These are the codes that are appearing  in  over 100,000 sites

( These have now been removed by ix web hosting but as you can see, the actual file is well hidden and disguised as an image. REMEMBER, this is where the files were stored that YOU can see on YOUR pages )

Remember to view the “source code” in the above links.

Very interesting is the second “seed” that is actually in an IX standard “modlogan” folder, that is standard a chmod 700 .

Secondly it should not be possible on any shared server to inject this script onto EVERY file on that server. The fact that this is happening means that IX web Hosting has not got a clue how to protect their servers, and customer web sites. 

So as you can see, this script IS  NOT actually put into your script, that is why you cannot find it.. HOWEVER, somewhere on your site, there is a bit of code  ”Calling” this script, and that appears in your pages.
Check  ALL the pages that get called for every page, ie. header, footer, index, config, sidebar etc. 

So far I have evidence and proven that the following IX servers running the following Database’s  are seeded:

  • mysql33.ixwebhosting.com
  • mysql15.ixwebhosting.com
  • mysql27.ixwebhosting.com

If you know of any others that are seeded, please let me know.

Hope this helps

:: Some people have contacted me to tell me that the Injected Script is ( also ) injected into the database, and in some cases a new table is created.
I have checked 9 databases of infected sites, and I have not yet come across the script in my Database’s, so I think that this might be “script” related, maybe that some scripts such as PhpBB2 allows for this to happen, so I recommend searching your Database for the script as well ::

=================================================================

This issue has now been going on for more than 10 months…. 1 year this May.. Will IX Web Hosting be celebrating  this milestone?