Ottaway Communication, Inc.

Ottaway encountered an issue with one of our websites today: It appeared that a WordPress site we built for a client, who decided to retain their hosting with Network Solutions, had been hijacked. Google started labeling the site as malware as a result, and warned customers not to visit the domain. Anyone who used Chrome, Google’s web browser, was not able to visit the site at all. At first glance it seemed like a security problem with WordPress, so we quickly restored the site to its previous state and then updated to the latest version of WordPress.

But we needed to be certain that this would fix the problem or else the attack may have been worse the next time. We used a comparison program to look at the differences between the old version of WordPress that had been “hacked” and the new version. Not having found anything different that would solve any of the usual types of attacks (i.e. SQL injections), it was evident that the problem was not yet solved.

After some investigation, it turned out that the problem was with Network Solutions, the hosting company. While we were trying to determine the problem, we noticed that a lot of WordPress sites had been attacked in the same manner, all hosted by Network Solutions. That gave us an area to focus our attention on. In the end, Network Solutions was not properly configuring their web servers. Every user, regardless of their permissions, was able to access the files of every other user on the server.

Network Solutions originally tried to blame the security hole on WordPress thinking it was a software problem. However, the ultimate responsibility of configuring a webserver so that users cannot view the files of other users is with the host. WordPress is completely blameless in this matter.

Network Solutions is one of the more trusted names in hosting, having been the most recognized name for the longest amount of time. In a world where hosts come and go Network Solutions has been a constant. They have at this point acknowledged that they own the problem, and that they “…are learning from this experience.” But that just raises more questions about their qualifications: How can they still be “learning” when the tools to prevent this very thing from occurring have been in existence for years? This rule is the most basic of the basic and students learn this from day one: you don’t allow users access to the files of every other user. How can they still be learning that basic and most important rule?

The worst part is when you consider that they are constantly setting up new web servers to keep up with the constant flow of new customers. Thus it stands to reason that they must have a Standard Operating Procedure for setting up new webservers and adding new clients to each of them. It isn’t as though each technician has carte blanche to set up a new webserver however they see fit. So if there is a Standard Operating Procedure for this huge mistake, then it must come from the people who are supposed to be the most knowledgeable in the organization because these are the guys writing the books!

There is no way that we can’t recommend abandoning Network Solutions to any company we encounter who hosts with them. How can anyone ever trust such a company ever again? Learning from past mistakes is great. Even better: hiring people who paid attention in class when the professor taught them how to use tools that were created to fix someone else’s past mistakes.

Ottaway Digital is here to help.