Insider viewpoint and some news on what is going on at CyberLNC …
A week and a half ago a new set of dangerous exploits were discovered in the PHP language that puts any server at any host running “Apache Module” (DSO) based PHP in serious danger to hacking. Several of the exploits discovered were disclosed publicly and several others were kept from the public due to the dangers they pose; However the hackers apparently learned of the identified issues irregardless because the past week has shown an enormous exponential rise in attacks on servers all across the internet trying out the newly discovered exploits and also creating loading issues and traffic surges as well as damaging vulnerable servers.
As one of the top recognized security specialists, CyberLNC asked me to assist them with increasing security following the most recent incident a short while ago and in that time enormous strides have been made to improve their security and reliability. However, one item they held off and resisted was my recommendation that they convert all servers to SuPHP for the added security it provides.
Their hesitation in following my recommendation is literally because of the posts here where many users blindly (and ignorantly) try to find new hosts immediately upon learning that their hosts plan to convert to phpSuExec or SuPHP. The pure irony is that every web user out there should actually do the exact opposite and leave hosts still running Apache module (DSO) based PHP on their servers in favor of those running SuPHP!
In light of the revelation of the new exploits and the enormous increase in hacking attacks targeting DSO based servers across the internet over the past week, CyberLNC had no choice but to move forward with my recommendations in order to protect their users and clients even if some of them don’t fully understand the security ramifications or that this is being done to protect them.
The server conversions were scheduled to begin at midnight Pacific time last night but 2 hours prior to the scheduled conversions and security upgrades were scheduled to begin, the very attack they were worried about avoiding actually happened, and ONE (1) of the servers was targeted and hit by hackers before the changes and conversion to SuPHP could be performed. The hackers only targeted the operating system and deleted critical system files bringing the server to the ground and a reload and rebuild of that one server is in progress. Client data files were not touched.
The planned upgrades were postponed and all attention diverted to the attack.
[COLOR=“Blue”]Those clients on other servers at CyberLNC are currently unaffected![/COLOR]
Those clients on the attacked server at CyberLNC will be back online as quick as possible; However, that server will be upgraded to 64 bit and the original planned SuPHP conversion that did not take place will be performed before the server is brought fully back online.
Over the next 2 days, the remaining servers will be converted as well, though none of them should be offline anywhere near as long as this server, as this one server was actually brought down by attack and not from the scheduled planned upgrade that ironically would have prevented this attack before it started.
Over the past month or so, I have observed enormous changes and improvements for the better at CyberLNC and I believe those of you hosting at CyberLNC will be very happy once over this one final but extremely important hurdle.
For those of you who indirectly caused this ----
I am actually talking to those of you out there who think you need to have your site on a DSO based server where you can setup “777” permissions, let this be a vivid illustration to you exactly the reason why you DO NOT want to be on a server that is running Apache module (DSO) based PHP!
To those of you at CyberLNC, the good news is that CyberLNC is in the process of converting to SuPHP and I have also agreed to give them full access to all my specialized security technologies that normally isn’t available to any regular host and is reserved only for the largest corporate and government clients so the level of security measures and level of protections in place at CyberLNC will continue to rapidly improve as will their reliability as I have also agreed to give them access to some very unique technologies in that area as well that will blow all your minds!
To those of you not hosted at CyberLNC, I would be checking with your host and find out if they are Apache Module (DSO) or SuPHP (CGI) based and if they are in fact still DSO (you can actually set 777 permissions is a good hint) then my first question to your host would be their plans to upgrade and convert to SuPHP and if they tell you there is no plan — I would get another host ASAP!
Incidentally …
Contrary to popular belief, CS-Cart does not require 777 permissions on any system (that’s right — I said ANY) and works 100% perfectly on both phpSuExec and SuPHP based systems respectively.
Even DSO systems, 777’s are entirely unnecessary and are in themselves very dangerous!
I have setup thousands of such installations and know everything I say first hand and would be glad to assist anyone who asks for my help.
–Spiral
PS: Once CyberLNC finishes the current planned conversion to SuPHP, they will be able to immediately deploy the full arsenal and collection of advanced technologies that I have offered them! Be prepared to see a lot of good things come out of CyberLNC very quickly!
[quote name=‘jegesmaci’]I don’t know if CyberLNC is going to post something, but they just sent me an email.
They are currently working one of their servers. They said it will be up as fast an humanly possible.
Keep your fingers crossed. Glad they communicated what was going on.
Adam[/quote]
I recommend Host Gator as hosting provider. They are really good.
[quote name=‘indy0077’]I recommend Host Gator as hosting provider. They are really good.[/QUOTE]
Thanks! Now I have to go find a towel to clean the coffee of my monitor! 
Oh the stories I can tell you about Host Gator …
Host Gator has for a number of years been the subject of non-stop problems
and issues and were solely responsible for hundreds of Cpanel based servers
that got hacked a few years ago. That doesn’t even begin to cover it!
[quote name=‘Spiral’]Insider viewpoint and some news on what is going on at CyberLNC …
A week and a half ago a new set of dangerous exploits were discovered in the PHP language that puts any server at any host running “Apache Module” (DSO) based PHP in serious danger to hacking. Several of the exploits discovered were disclosed publicly and several others were kept from the public due to the dangers they pose; However the hackers apparently learned of the identified issues irregardless because the past week has shown an enormous exponential rise in attacks on servers all across the internet trying out the newly discovered exploits and also creating loading issues and traffic surges as well as damaging vulnerable servers.
As one of the top recognized security specialists, CyberLNC asked me to assist them with increasing security following the most recent incident a short while ago and in that time enormous strides have been made to improve their security and reliability. However, one item they held off and resisted was my recommendation that they convert all servers to SuPHP for the added security it provides.
Their hesitation in following my recommendation is literally because of the posts here where many users blindly (and ignorantly) try to find new hosts immediately upon learning that their hosts plan to convert to phpSuExec or SuPHP. The pure irony is that every web user out there should actually do the exact opposite and leave hosts still running Apache module (DSO) based PHP on their servers in favor of those running SuPHP!
In light of the revelation of the new exploits and the enormous increase in hacking attacks targeting DSO based servers across the internet over the past week, CyberLNC had no choice but to move forward with my recommendations in order to protect their users and clients even if some of them don’t fully understand the security ramifications or that this is being done to protect them.
The server conversions were scheduled to begin at midnight Pacific time last night but 2 hours prior to the scheduled conversions and security upgrades were scheduled to begin, the very attack they were worried about avoiding actually happened, and ONE (1) of the servers was targeted and hit by hackers before the changes and conversion to SuPHP could be performed. The hackers only targeted the operating system and deleted critical system files bringing the server to the ground and a reload and rebuild of that one server is in progress. Client data files were not touched.
The planned upgrades were postponed and all attention diverted to the attack.
Those clients on other servers at CyberLNC are currently unaffected!
Those clients on the attacked server at CyberLNC will be back online as quick as possible; However, that server will be upgraded to 64 bit and the original planned SuPHP conversion that did not take place will be performed before the server is brought fully back online.
Over the next 2 days, the remaining servers will be converted as well, though none of them should be offline anywhere near as long as this server, as this one server was actually brought down by attack and not from the scheduled planned upgrade that ironically would have prevented this attack before it started.
Over the past month or so, I have observed enormous changes and improvements for the better at CyberLNC and I believe those of you hosting at CyberLNC will be very happy once over this one final but extremely important hurdle.
For those of you who indirectly caused this ----
I am actually talking to those of you out there who think you need to have your site on a DSO based server where you can setup “777” permissions, let this be a vivid illustration to you exactly the reason why you DO NOT want to be on a server that is running Apache module (DSO) based PHP!
To those of you at CyberLNC, the good news is that CyberLNC is in the process of converting to SuPHP and I have also agreed to give them full access to all my specialized security technologies that normally isn’t available to any regular host and is reserved only for the largest corporate and government clients so the level of security measures and level of protections in place at CyberLNC will continue to rapidly improve as will their reliability as I have also agreed to give them access to some very unique technologies in that area as well that will blow all your minds!
To those of you not hosted at CyberLNC, I would be checking with your host and find out if they are Apache Module (DSO) or SuPHP (CGI) based and if they are in fact still DSO (you can actually set 777 permissions is a good hint) then my first question to your host would be their plans to upgrade and convert to SuPHP and if they tell you there is no plan — I would get another host ASAP!
Incidentally …
Contrary to popular belief, CS-Cart does not require 777 permissions on any system (that’s right — I said ANY) and works 100% perfectly on both phpSuExec and SuPHP based systems respectively.
Even DSO systems, 777’s are entirely unnecessary and are in themselves very dangerous!
I have setup thousands of such installations and know everything I say first hand and would be glad to assist anyone who asks for my help.
–Spiral
PS: Once CyberLNC finishes the current planned conversion to SuPHP, they will be able to immediately deploy the full arsenal and collection of advanced technologies that I have offered them! Be prepared to see a lot of good things come out of CyberLNC very quickly![/QUOTE]
Good enough for me. I look forward to the changes and getting my site back up and running!
Adam
Hello Spiral,
[quote name=‘Spiral’]
PS: Once CyberLNC finishes the current planned conversion to SuPHP, they will be able to immediately deploy the full arsenal and collection of advanced technologies that I have offered them! Be prepared to see a lot of good things come out of CyberLNC very quickly![/QUOTE]
If your level of technical knowledge equals your ability to wield the pen, then CyberLNC found the man who can solve much of (maybe all) their worries!
Waiting to read your news here!
But in the meantime, would you have a website to give us for waiting?
Lee Li Pop
[quote name=‘indy0077’]I recommend Host Gator as hosting provider. They are really good.[/QUOTE]
I actually left host gator and went to cyberlnc. They were even a bigger disaster for me. Our entire database would continually disappear. We’d contact them and they would claim not their fault and they can’t do anything about it, but then miraculously, the database from a week ago would suddenly reappear. I had all kinds of issues with them, but they never claimed fault, would say that they couldn’t restore it because I exceeded file size, but then would quietly restore things in the back without communicating anything to me. So I would spend HOURS trying to restore stuff (they would always time out when trying to upload the zipped database so I would have to upload section at a time manually), then they would override my restore and set me back a week. Hours of wasted time fixing what they broke when I could have been playing with my kids (visions of my boy screaming “you care more about your site than me!” flashes through my head when thinking of hostgator!).
I’m glad that CyberLNC is honest and open with their issues. They did email those of us that are still out with an update. Yes, there may have been a lot of recent issues with CyberLNC, but you can’t beat their honesty. So now, I can sit back, enjoy my coffee, spend time with my kids, knowing things will be taken care of for me. And the night off from packing was actually a mixed blessing!
[quote name=‘Spiral’]Thanks! Now I have to go find a towel to clean the coffee of my monitor!
Oh the stories I can tell you about Host Gator …
Host Gator has for a number of years been the subject of non-stop problems
and issues and were solely responsible for hundreds of Cpanel based servers
that got hacked a few years ago. That doesn’t even begin to cover it![/quote]
Would you post your experience on our page?
Hello Moka,
I tried to see your “modified skin”, but I only get a “Powered by CPanel” page…
Lee Li Pop
Just got another update from CyberLNC.
CyberLNC, keep up the communication. That is the most important part.
Thanks,
Adam
Status update —
CyberLNC has just contacted me to tell me that the server now has a fresh clean install of a new operating system image and they took the opportunity to also upgrade the server to 64 bit (It was previously 32 bit).
Right now at this very moment, operating system is loaded and configured and server software is being deployed and I’ve been given the green light to go assist with security hardening and related.
The server has been fully rebuilt configured, tested, and optimized and now starting to reload accounts onto it, some of you will be seeing a default cPanel landing page, until your site has been completely loaded.
Kind Regards
CyberLNC Internet Solutions
i will be glad when mine is done need some sales badly
Did anybody get their service restored?
nope and it’s been at least 13 hours… i hope there will be compensation for this ****…
ditto, wrong message
[quote name=‘Struck’]Yeah, I don’t think Lee Li has even a drop of common sense…
Nearly every post she makes is both abrasive & annoying. Not sure what in the world her objective is behind it all, certainly isn’t making her any friends in the CS-Cart forums! 
[/quote]
Agree, and the advertisement links on her signature are not related to this forum (like “learn chinese”) and the best thing, the url’s are pure clickbank links which don’t bring the user of this forum to related content of ecommerce, web design or similar. I think people which use this site don’t want to learn chinese.
I received the same email. I have to say that I was recommended to CyberLNC by a well known and respected site administrator from here and I have been very happy with their service so far. I still stand behind them and they have excellent communication skills with me so far regarding this problem. Take the rest of the day off if you are like me and your website is down, you have earned it and its going to be okay, I promise. Stuff like this happens and will happen again but don’t let it ruin your day or control your mood or that tool that did this in Korea has won. Go for a walk my friends, take the kids out to the park or go buy some Christmas presents, you have earned and deserve this short break.
The thing I’m confused about is that if you look at the date, it says 11/30. I think that is a warning for an upcoming upgrade and has nothing to do with the current situation.
[quote name=‘Lee Li Pop’]Hello Moka,
I tried to see your “modified skin”, but I only get a “Powered by CPanel” page…
Lee Li Pop[/QUOTE]
have you not been following the thread?
[QUOTE]Agree, and the advertisement links on her signature are not related to this forum (like “learn chinese”) and the best thing, the url’s are pure clickbank links which don’t bring the user of this forum to related content of ecommerce, web design or similar. I think people which use this site don’t want to learn chinese.[/QUOTE]
Hi Indy ! 
Well, I have noticed that she hasn’t been quite as abrasive lately, however, it must be too good to be true! 