All sites have been moved to the new server and a few minor hiccups ironed out. It all seems good. I am still monitoring for re-infection and there has been none so far. This is very good.

The migration was less stressful than I expected. Maybe it was just less so compared to the last couple of weeks.

I have had some people send me emails they don’t understand…this is good too. Keep it up.

Also let me know anything weird or not working via support.123host.au

Today I was surprised to find I was chilled enough to take up a freebie offer at Dreamworld where we went on all the rides.

Steve

All accounts have been moved to the new server.

There have been some minor issues when the transfer tool hasn’t migrated DNS settings properly but they are easy to fix and it all sorts itself out relatively quickly.

So far so good.

If you received a notification about SSL expiring, that was because the new server came with those notifications (which are annoying) enabled. I have switched them off

I remind you that if you you have any issues at all head to support.123host.au and open a ticket.

Steve

Following up from the email the other day (which you can read at https://blog.123host.net.au) I have been unable to repel the attackers.  It seems that they have installed a back door into the system (their own lock and key) and can come and go as they wish.  If there is one good thing in all this, they are not being destructive.  Their method is to insert files into sites (not modify existing files) and extract bank details from people who click links in phishing emails.  I have had a process running that advises me of some system changes and I have been jumping on anything quick smart and deleting it.  But it is a stressful, unsustainable, tail chasing exercise and I am over it.

After a lot of deliberation and following a wave of intrusions this week, I have decided to abandon this server.   I have no choice…the bastards are smarter than me and are relentless. The process of moving all accounts to a new clean server and checking them for malware is under way.  I don’t anticipate much disruption (except to my weekend) but it is a semi- automated process so errors do happen.

What I would like you to do is keep an eye on your website and let me know if anything changes.  Keep an eye on your emails and make sure they keep working. 

I know some of you have had your sites affected.  If you have, please contact me, I would like to make it up to you.

To all of you I deeply and sincerely apologise.  I have been humbled by this event.  It has affected me in many ways and has certainly made me realise that there are some bastards out there who just don’t care…my faith in human nature has been rattled a bit. 

However I intend to keep offering the awesome level of support that has seen 123host grow by word of mouth only.  I thank you for your ongoing support.

Steve

The 123host server compromise from a while back stopped.  We put in extra security measures and audited the server.  All felt good.

However it seems that feelings of confidence were misplaced.  The checking has resumed and is overwhelming me.  It is having a range of knock-on effects as sites are marked deceptive and the server’s trust level wavers.

I have no choice but to rebuild the existing server in order to eliminate whatever back door software has been hidden.

Over the next few days all accounts will be moved one at a time to a new machine.  During this time your site may be disrupted.

I can’t even from the words of apology that are needed.  You have trusted me to look after your site and I have failed.  I especially apologise to newer customer who came to 123host based on someone’s recommendation -FWIW 123host has never advertised and has grown by word of mouth.

I can assure you that in consultation with the data centre we are investigating all options.  As you can imagine, this is going to have a huge impact, not only on me and my business.  I am quite behind answering emails and I will get to them all asap.

I don’t want to overdo it with email updates so if you want to see the latest I will keep updating here.