IX Web hosting lame

5Dec

Back in August I posted about some of the problem I was having with my web host, IX web hosting. All of my files had been reset to read only as well as having junk code inserted into them. When I contacted IX they shirked all responsibility for the issue and insisted it must have been because I had a virus or trojan on my PC.

Well that post has evidently been found by various other IX Web Hosting users since I posted it and guess what, they had the exact same thing happen to their accounts. Of course this meant that IX was full of shit. The compromise was not isolated to one user’s content, it spanned the server. It really pisses me off. In response I sent the following to them as a “comment”. I hope it gets in front of the higher ups at IX but I highly doubt it will make it past Vladimir or Dimitry…

Back in August I contacted IX after every single file across ALL of my domains had their permissions reset to read only and also had malicious code injected into the end of every single html and php file. I notified IX of the hack and told them that it happened across all of my domains, not just one. I suspected there was a server wide compromise that could have allowed the hacker access to all of my domains.

IX help desk staff dismissed any responsibility for the problem. Instead they pointed the finger back at me, saying the problem was surely because I had a trojan on one of my computers or perhaps one of my software installations was insecure.

I indicated to IX staff that this was highly unlikely since I am a local network administrator and take the necessary precautions to make sure my local pc is not compromised. Furthermore, the applications I had on IX (WordPress blog and PHPBB3) were up to date with the latest versions.

None of this mattered to IX staff, they refused to look into any sort of problem on their end. They said that had no other reports of problems on the server.

Since that initial problem I have had several other incidents where phishing files were dumped into my site as well as some malicious code being injected into my PHPBB3 board.

Again I did some research and contacted PHPBB3 tech support. They indicated the type of attack pointed to a server wide compromise. I passed this information to IX support and again asked if they could look IN DEPTH at web237 to see what was going on.

AGAIN I was told I had a trojan or my software was not up to date. IX refused to accept any responsibility for the hacks.

Well I posted about some of my issues with IX in my blog. You can view that post here. https://blog.duf.net/?p=1800 (read the first paragraph and the comments from other IX users at the end)

What I discovered were other IX users having the EXACT same compromise that I did, meaning the problems WERE across accounts and not isolated to just mine because of a trojan or virus on my pc.

If IX has any interest in maintaining it’s customer base I suggest a new attitude is taken by their support staff. There ARE issues with security on your shared servers and they are not being addressed by your network admins.

I understand it is far easier to simply point the finger back at your customers instead of making the considerable effort to full investigate these type of issues. However I would offer that if you have any interest in more of this bad word of mouth not spreading across the internet you may want to stop exclusively blaming your customers for the poor security on your shared servers and take some responsibility for securing your shared hosting services.

I would appreciate it if this comment found it’s way in front of the IX President/CEO.

ix web hosting problems

10 comments

Nicole December 13, 2008 at 2:06 pm

If you are sick and tired of the lies and deceit from IX hypocrits, please leave a comment on my block.

http://ixwebhostwarning.wordpress.com/

It’d time IX stood up to their faults, and stop blaming the customers!!

Tony Collings January 22, 2009 at 9:29 pm

This may not be a hosting issue. The majority of open source applications use TinyMCE as a WSIWYG editor in the administrative areas of their applications.

A TinyMCE hack allows you to inject encoded PHP script, infecting every file on that domain.

I reported it some while ago.
http://techblog.tonycollings.com/?p=39

Duf January 22, 2009 at 9:37 pm

My WP has always been up to date, the problems spanned domains as well as other customers domains. IX has admitted fault, kind of.

IXsupport March 23, 2009 at 7:34 pm

Just a note, IX did begin taking a very serious approach to this issue. Many times these hacks were caused by a combination of open-source software and IX’s use of an older version of PHP and Apache. We have since, updated both PHP and Apache to the newest versions possible for each customer.

Duf March 23, 2009 at 8:16 pm

Yea to be fair, the last couple months I have not been hacked. That being said, for IX to let their servers become so insecure was inexcusable. What’s even worse was their constant blame of their own customers for what was their problem.

IXsupport March 24, 2009 at 5:59 pm

Thank you for your feedback. I’m so glad that you have not experienced the same issues as before, recently.

You are absolutely right that the amount of time was inexcusable. These changes that took place are BIG. Testing had to be extensive so that our customers’ sites were not caused serious problems to their functionality.

Yes. We have had since then a serious change in customer relations policy. You should now find that customer service does not carry this same attitude.

Duf March 24, 2009 at 6:15 pm

Did you ditch the Romanian help desk? That would be a great start!

IXsupport March 24, 2009 at 10:50 pm

Lol. Let me just say that we are working to improve all avenues of support and communication.

Crystal June 4, 2009 at 1:00 am

All my sites were hacked 5 times in a matter of 6 months. I was so tired of it, and the finger was pointed towards me. I did a search and found a mass amount of people were also hacked by the same code put in my files as theirs. I’ve switched hosting to another company and haven’t had a problem since. Lets just say, it was their fault! ( Not to mention how angry I was that they kept telling me, it was me!!!)

Crystal June 4, 2009 at 1:01 am

OH, and on another note, they were going to charge me for their “techs” to go through my files and correct the problem. What a joke!