I guess it happens to everyone sometime. I just wasn't ready for it.
Some sleaze ball operating from a European IP address (which means he could be anywhere) managed to get my account information for my primary domain in one of my three accounts.
Then he (or she...or it) sent out more than a million spam e-mails using my primary domain. That will get any respectable server blacklisted in a heartbeat.
To my host's credit, they shut me down before most of those could be delivered. (Imagine how many bounced e-mails I would have received. Or spam complaints - even worse!)
But also, imagine my panic when I logged in this morning and saw error pages that said my account had been suspended...
Here's what happened and how it was worked out so quickly...and why.
My host sent me an e-mail immediately telling me of the suspension, but unfortunately I didn't have my alternative e-mail (like a yahoo or gmail e-mail) input in my profile, so it went to the suspended e-mail account and I didn't get it.
Lesson 1: Make sure your host has a way to reach you when everything fails.
When I called customer support, a junior technician was very nice, but only confirmed that I was suspended. When I got my security issues fixed, he said, I should give them call back. Instead of going ballistic, I suggested maybe I should talk to a supervisor.
Lesson 2: Be nice.
Nick got on the phone. He was the supervisor who suspended the account. He told me exactly why, what needed to be done on my end, and how I could protect myself from further damage. Those were three factors I needed to understand.
Lesson 3: Talk to the expert.
I took notes, including Nick's full name. Then I did what he said.
Run anti-virus full scans on all my computers. Check...
Run anti-spyware on all my computers. Check...
Check my files and folders for my websites for any strange files that shouldn't be there. Check...
Check with all my outsource partners to make sure they don't have access to my cPanel, but use FTP accounts instead. Check...
Lesson 4: Do what I was told and keep notes of the results. (No spyware or viruses by the way.)
Then I called Mark Hendricks [http://www.the60dayexperiment.com/newiss] - a trusted mentor who has gone through this stuff before. I wanted to confirm that I was doing all I could do and to be aware of anything I should get the hosting company to do. As I suspected, he suggested changing all my passwords just to be sure that whoever hacked me couldn't get into my vital info.
And one other thing: Make sure they de-listed the IP address that had become blacklisted and reinstated the account on a clean IP.
Did that...
Lesson 5: Always get a second opinion.
I changed the e-mail passwords on all my accounts, removed unused FTP accounts and changed passwords everywhere else.
Lesson 6: Change passwords frequently.
Then I called back Lunarpages.com [http://www.the60dayexperiment.com/go/host.htm] and got the account reinstated. The junior tech hesitated and suggested waiting until tomorrow when he could get the supervisor's approval. I said I had talked to Nick and read the steps he suggested, including calling back to get it reinstated when all were completed.
It was reinstated within minutes.
Lesson 7: Take notes, be clear, stay calm, be persistence until you get results.
You know much more than you think. Turn Your Knowledge into CASH! with The 60-Day Experiment: http://www.60DaysTo100K.com/eza.htm
0 comments:
Post a Comment