These days we get confronted more and more with all kinds of abuse on hosting accounts, when hackers and alike gain (partial) access to a site or server. Most of the time the damage is limited, but in some cases it can result in the entire deletion of a site, or in the worst case, the destruction of a whole server.

What we see a lot nowadays is that hackers embed their own files into a site and direct traffic towards it. Mostly this is done to boost their SEO ranking in the search engines.

So how can they do such things, without having the login information?
In nearly all cases they gain access via insecure or outdated scripts which are hosted on that account. Scripts such as WordPress, Joomla, phpBB, just to name a few. These scripts are generally updated regularly by their developers to fix security issues. But when those scripts are not updated, then that leaves the door wide open for hackers to gain entry via those scripts.

You have to keep in mind that no server in the world is 100% hacker safe. But no matter how secure a server is, if it hosts insecure scripts then it will stand a bigger chance of getting hacked.

The most commonly used hacking method is through SQL injection. This is where the hacker inserts their own code to gain more access than allowed.

To give a simple example, the following is a piece of SQL code from a vulnerable script:

"SELECT * FROM `users` WHERE `name` = '" + userName + "';"

This SQL code is designed to pull up the records of the specified username from its table of users. However, if the “userName” variable is crafted in a specific way by a malicious user, the SQL statement may do more than the code author intended. For example, if the hacker enters the “userName” variable as:

' or '1'='1

then the SQL statement will be rendered as follows:

SELECT * FROM `users` WHERE `name` = '' OR '1'='1';

If this code were to be used in an authentication procedure then this example could be used to force the selection of a valid username because the evaluation of ’1′=’1′ is always true.

This is just one example. There are many other, many more complicated ways of abusing scripts. hence why developers need to constantly update, because new vulnerablities are discovered all the time.

This brings us to the importance of keeping your scripts up to date at all times. Often this is neglected. Sometimes simply forgotten, or because the account owner can’t be bothered with it.

It does not have to be this way though, and it’s certainly far from difficult to update your scripts, even for those who are not technically minded.

Softaculous
All our hosting accounts come with the auto script installer Softaculous, which can install over 170 widely used scripts within a few clicks. It can be found within your cPanel.

Softaculous will also automatically mail you when a script is outdated. Please do not ignore these mails! Perform the update as soon as you receive the email!

Softaculous also offers the possibility to import already installed scripts, so that they can easily be tracked (and then you will also receive emails when a script needs updating).
To import a script, first use the script list in the left column to navigate to the script you wish to add. When you are on the script page, click the ‘Import’ link (top right) and enter the domain and directory where the script is located, and click the ‘Import’ button.
That’s it! Your script can now be managed and updated via Softaculous, and you will also receive emails when it needs updating.
Please note: be sure that your contact email within cPanel is up to date!!

If you are in doubt about anything, ask us, that’s what we’re here for.

Security Tips
There’s of course other ways hackers can gain access to your account, like stealing passwords from your computer or your site itself.
A few security tips to minimize the risks:

• Change your passwords regularly
• Make your passwords hard to guess (DO NOT use names, locations, birth dates, etc….)
• Keep your passwords in a safe place (best thing is to learn them by heart and not to write them down)
• Have separate passwords for each login (e.g. don’t use the same password for your cPanel, email, databases, etc. If a hacker finds it, he has access to ALL of them)
• Never give 777 permissions to files! Setting 777 permissions to files will enable anyone to read/write/execute them.
• Backup your data regularly, and store it offsite
• Keep your scripts up to date
• Remove any unused scripts
• Use the cPanel antivirus scanner to scan your folders regularly
• Scan your computer regularly for viruses and spyware/malware

As we said, it’s impossible to make a server 100% hacker safe. And it’s equally impossible to keep all scripts up to date at all times. But updating them at least regularly will seriously minimize the risk of getting hacked.

Keep that in mind, and use the above to your advantage!

We’ve been officially in business for 6 months now, and things are moving fast!

We are constantly adding new features and improving existing ones to make it easier for our client and for ourselves. Because that’s what people want. Nobody wants to wait for ages nowadays to for example get their account created or to wait ages for support to reply and look into their problem. Everything, and especially the web hosting business, needs to be fast paced and easy accessible for everyone.

So let me tell you what we have been up to lately.

US Shared and Reseller accounts
We already offered shared and reseller accounts from our data center in Germany. Now we have the same packages available in our US location as well! The data center is located in Dallas, Texas, and is owned by SoftLayer.

More Details:
- Shared Hosting: http://www.icebluehost.com/services/shared/
- Reseller Hosting: http://www.icebluehost.com/services/reseller/

Instant Script Installation
We have added a new option to all our shared packages. When signing up for such a package, you now have the option to select a script of your choice (blog, forum, image, gallery, …) which will then be instantly installed when your account gets set up. This means you can start using the script right away when you receive your new account details. The script can easily be removed or updated via Softaculous within your control panel.

Master Reseller
Our reseller packages in Germany now have Master Reseller available! With a Master Reseller account you can create your own reseller accounts, normally only available when you have your own dedicated server. This brings a lot more possibilities for resellers, and a chance to build up their business!
The Master Reseller panel also includes some interesting tools, such as restoring full account backups and unblocking IP’s which have been blocked by the server’s firewall.

Live Sales Chat
We currently have live sales chat available. Although not a 24×7 service at the moment, we aim to provide 24×7 technical live support in the near future if the demand is big enough.

Affiliates
We will also be launching an affiliate system soon: earn money by referring new clients to us, and you don’t even need to be a client of ours to sign up! Stay tuned, as this will become available very soon.

IceBlueHost is run from the city of Rovaniemi, at the Arctic Circle in Northern Finland.

Needless to say, it is very peaceful here and the beauty of nature is overwhelming, making this a very nice place to be

But Finland is also a technologically very advanced and well equipped country, with well known brand names such as Nokia, and with high speed internet access widely available.

Rovaniemi was also recently granted the title of ‘The Official Home Town of Santa Claus’^® by the European Union Community Trademark. The Santa Claus Office, just outside town, is visited all year round by many tourists from all over the world.

Some pictures:

The line that defines the Arctic Circle

Santa Claus's Office

A taste of Finnish nature.

And here we are, we now have our very own company blog!

So what makes this blog different from for example the forums or the announcements? Well, this blog intends to give a more personal vision on things, apart from bringing you updates about the company itself. We will be posting about things we like or don’t like, news about hot new products in the IT world, and some personal touches as well, like our surroundings here in the Northern region of Finland.

And if you are a regular visitor, you might run into a special hosting promotion from time to time, which will only be posted on this blog and nowhere else, so keep visiting often! 

Enjoy your stay, and watch out for new posts soon…