Last Week, HostGator (www.hostgator.com), a global leader in VPS and dedicated web hosting declared that a large number of IP addresses used for email gateways on virtually every webhost in the world being blacklisted on multiple networks. Because of the accident, globally the email becomes undeliverable (any time the email originated from one of the blacklisted IPs and was “received” on one of the blacklisting networks).
This inability has lasted for more than two days and affected lots of customers. Fortunately HostGator was one of the first companies to successfully ease the situation and after that it has offered its help to other companies with this issue. At the present HostGator is making efforts to remove its IPs from the blacklists and restore full worldwide email deliverability from the network.
Different from the situation in April in which, WordPress websites were attacked by Botnet, this time it’s targeted at Joomla which has been found to have a series of exploits against known vulnerabilities. These vulnerabilities, related to JCE, had been early addressed via certain mod_sec rules. But finally a workaround which can install and later activate malware was applied to the uploading and execution of mailing scripts.
It’s attributed to a mix of many factors which can be traced back to several months ago. Those mailing scripts were activated altogether and began a massive spamming campaign which directly explained the blacklisting of email gateway IPs worldwide.
The first one to have users’ reports about this issue was AOL, one of the largest networks, and then HostGator produced the forum post. Since last Friday HostGator has increased extra monitoring capability on the system to keep alert to situations like this even faster and sharper. Its work was back to normal though it’s not until the next day that the majority of the blocks were resolved (spam lists move slow, with good reason).
There are lessons to learn about this incident. The most important one is to (again) keep all scripts on the hosting account latest. Most scripts have a one-click feature to update them anytime a new version is released. Keeping scripts updated is the most significant to secure hosting account. Failure to update scripts, as well as not exercising basic security practices, will make networks vulnerable to situations like this. An out-dated script on a hosting account is similar to an unlocked car left in a parking lot, which could easily get damaged. The best way for protection is to lock it. So log into the hosting script back-ends and ensure they are up-to-date.
For more information about the company go to HostGator Review page.