Security Alert: Compromised windows servers discovered, thousands of websites may be affected.
In November of 2014, we saw a significant increase in compromised windows web servers, and hosting accounts. According to security experts in the industry, who are also following this recent series of server breaches, there could be hundreds of servers that have been breached in the last few weeks, at several major web hosts in the US. It is believed that thousands of websites (and possibly hundreds of PDshop users) may be affected or at risk.
What does this mean?
If your website (or PDshop) is hosted on one of these servers that has been breached, than your site and files and databases on it (in your hosting account) could be exploited, putting you and your customer’s private information including logins, passwords, and even credit card data, at risk. In some cases, people visiting affected websites are redirected from your site to rogue sites that contain malware.
Was PDshop exploited (used to compromise these sites)?
The good news is NO. PDshop has built in security features that prevent it’s file management functions from being exploited in the manner these servers were breached. By design PDshop cannot be used to upload or modify certain types of files (i.e. .htm, .html, .asp, .aspx, .vb, etc.).
What do we Recommend?
Because of the seriousness of this issue, and the impact it will have on your customer data, and your site’s reputation, we strongly recommend that you Contact Us for assistance if you believe your website, server, or hosting account may have been compromised. Our Support Team will gladly check for any signs of suspicious files or evidence of a breach.
How to tell if your site is affected?
Using your host’s File Manager, or using an FTP client, log into your server and check all of the files in all directories for any recent changes. Check the date the files were last modified. Also look for any new files that you did not upload yourself, look in hidden directories or even image directories (look for unusual “backdoor” files).
What to do to if your site is affected?
The best thing to do is Contact Us. But if you choose not do, first, replace all files that were recently modified with the original ones. Next, remove all files you did not upload, such as suspicious looking “.asp” or “.php” files. Next, change all of your passwords (from FTP, Hosting Control Panel, PDshop Admin, etc.) . Lastly, notify your web host or server administrator, inform them that files were maliciously altered and that there may have been a security breach of your server.
What does this mean?
If your website (or PDshop) is hosted on one of these servers that has been breached, than your site and files and databases on it (in your hosting account) could be exploited, putting you and your customer’s private information including logins, passwords, and even credit card data, at risk. In some cases, people visiting affected websites are redirected from your site to rogue sites that contain malware.
Was PDshop exploited (used to compromise these sites)?
The good news is NO. PDshop has built in security features that prevent it’s file management functions from being exploited in the manner these servers were breached. By design PDshop cannot be used to upload or modify certain types of files (i.e. .htm, .html, .asp, .aspx, .vb, etc.).
What do we Recommend?
Because of the seriousness of this issue, and the impact it will have on your customer data, and your site’s reputation, we strongly recommend that you Contact Us for assistance if you believe your website, server, or hosting account may have been compromised. Our Support Team will gladly check for any signs of suspicious files or evidence of a breach.
How to tell if your site is affected?
Using your host’s File Manager, or using an FTP client, log into your server and check all of the files in all directories for any recent changes. Check the date the files were last modified. Also look for any new files that you did not upload yourself, look in hidden directories or even image directories (look for unusual “backdoor” files).
What to do to if your site is affected?
The best thing to do is Contact Us. But if you choose not do, first, replace all files that were recently modified with the original ones. Next, remove all files you did not upload, such as suspicious looking “.asp” or “.php” files. Next, change all of your passwords (from FTP, Hosting Control Panel, PDshop Admin, etc.) . Lastly, notify your web host or server administrator, inform them that files were maliciously altered and that there may have been a security breach of your server.
Related Articles
Related Topics
Search for help...