Tweet
Reseller accounts do not have any proection against attacked
I just like to inform others on the accounts here. I have 2 Cpanel reseller accounts and has been using them for few years. Recently my accounts has been hacked into with C99. This is not the first time but the responds they gave make me mad.
I informed them on the hacking and ask them to investigate. The first reply they said is that my script is vulnerable for attacked and I should update my scripts. Fair enough that I should look into my script but the problem is not on my script but the vulnerability on the account. The ClamAV they have is not working and not functioning at all (at the time I try to run). There is no mod_security and no other modes of preventing hacking. I have other reseller account with other provider and they can detect it and does not allow them to be uploaded.
I tried to ask them to put mod-security but they rejected it and confirmed they will not at any time install them. Why are they not installing them when it is good for everyone and it is free. I really don't know.
I fully understand and agree that there is no such 100% of protection and no 100% detection; and that there are still some ways to exploit the system but AT LEAST there should be some measures to try to block them or to detect them in our accounts.
My accounts are hacked and all they can do is nothing.
I informed them on the hacking and ask them to investigate. The first reply they said is that my script is vulnerable for attacked and I should update my scripts. Fair enough that I should look into my script but the problem is not on my script but the vulnerability on the account. The ClamAV they have is not working and not functioning at all (at the time I try to run). There is no mod_security and no other modes of preventing hacking. I have other reseller account with other provider and they can detect it and does not allow them to be uploaded.
I tried to ask them to put mod-security but they rejected it and confirmed they will not at any time install them. Why are they not installing them when it is good for everyone and it is free. I really don't know.
I fully understand and agree that there is no such 100% of protection and no 100% detection; and that there are still some ways to exploit the system but AT LEAST there should be some measures to try to block them or to detect them in our accounts.
My accounts are hacked and all they can do is nothing.
Comment