Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Hostslick Shared Hosting Hacked?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Hostslick Shared Hosting Hacked?

Recently bought shared hosting from hostslick because of their corero l7 filters. Upon pointing my domain at their ip my website starts showing a scam site instead of my site. So far 0 reply from hostslick
https://prntscr.com/glr14m
https://prntscr.com/glr0gp
https://prntscr.com/glr0qq

Comments

  • Have you tried uploading a file?

  • Yeah my index is uploaded and it makes no difference. even if I manually do /index.html

  • TheLinuxBugTheLinuxBug Member
    edited September 2017

    @AlexJones said:
    Recently bought shared hosting from hostslick because of their corero l7 filters. Upon pointing my domain at their ip my website starts showing a scam site instead of my site. So far 0 reply from hostslick

    https://prntscr.com/glr14m

    https://prntscr.com/glr0gp

    https://prntscr.com/glr0qq

    I am going to guess out loud here and say you are not familiar with how cPanel hosting works?

    When using cPanel if you do not setup an SSL certificate for your domain and you go to the https version of your site on a shared IP, it will result in showing the default site associated with SSL on that IP. In this case it seems like the main domain on that IP happens to be that scam site you are seeing. In general, most cPanel hosting groups try to associate this with the default cPanel ' there is no site here' page, but this is not always the case. If you wish for this site to stop showing then you should place an SSL certificate for your site. In most cases you can get one free using AutoSSL which is included with cPanel for free, if you don't wish to purchase one.

    If you do this and continue to see the other site then you should report this to you provider as something is mis-configured.

    Also I suggest you change the topic of this thread as it isn't what is going on here. While that page does look like a scam/phishing site and it should be reported to hostslick, they are by no means hacked.

    Edit:

    To Note: I am assuming you were going to https although you obscured the URL so much that on a second look I can't be sure. So if I am wrong and you are using http, then I would suggest you ticket the provider and ask why you end up seeing that page as it would likely be a mis-configuration of the server in some way.

    my 2 cents.

    Cheers!

  • jarjar Patron Provider, Top Host, Veteran

    Thanked by 3MasonR Harambe paco
  • Probably should be more concerned about the trial license.

  • @TheLinuxBug said: my 2 cents.

    Cheers!

    Worth noting he has CloudFlare enabled with proxying. He isn't accessing the site directly. Refer to screenshot #2.

  • HostSlickHostSlick Member, Patron Provider

    @Ishaq said:
    Probably should be more concerned about the trial license.

    Correct. However, fresh setup server. Will go over to Full license when over.

    No, not hacked.
    I can confirm server and issue was checked and not compromised or hacked and he is the only one with this problem.
    OP probably pointed CloudFlare to the wrong IP which could have caused this.

    Ticket was updated. Mods can close this.

  • HostSlick said: Correct. However, fresh setup server. Will go over to Full license when over.

    erm.. Ok I guess.

    HostSlick said: OP probably pointed CloudFlare to the wrong IP which could have caused this.

    He posted screenshots showing the correct IP.

    Did you check if the mysterious website is the default on that server? That could cause this, too.

  • WirrkopfWirrkopf Member
    edited September 2017

    I checked the IP (the censoring isn't that great) and the homepage displayed on the screenshots is in fact the default page for HTTPS requests. I think you should switch your Cloudflare HTTPS settings to 'Flexible SSL mode'

    Thanked by 1jiggawatt
  • AlexJonesAlexJones Member
    edited September 2017

    The IP is pointed correctly. I bitched about it and asked for a cancellation so they closed my account and refunded. Very bad experience. They also lied about using nginx testcookie for protection when they have 0 protection.

  • TheOnlyDKTheOnlyDK Member
    edited September 2017

    @HostSlick said:
    Ticket was updated. Mods can close this.

    Excuse me, but who granted you the power to tell the mods/admins to close someone else's thread?

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    AlexJones said: Very bad experience

    Did you try blaming the gay frogs?

    Francisco

    Thanked by 1paco
  • @Francisco said:

    AlexJones said: Very bad experience

    Did you try blaming the gay frogs?

    Francisco

    But, but.. we all love you, Franny!

  • @AlexJones said:
    Recently bought shared hosting from hostslick because of their corero l7 filters. Upon pointing my domain at their ip my website starts showing a scam site instead of my site. So far 0 reply from hostslick
    https://prntscr.com/glr14m
    https://prntscr.com/glr0gp
    https://prntscr.com/glr0qq

    You forgot to censor out the server name (Dolan). It pretty much gave away the hostname (dolan.hostslick.de) :P

Sign In or Register to comment.