Web hosting company Network Solutions LLC has had a bad month for security this April 2010.
At the start of the month some of their customers who were running WordPress blogs started noticing that visitors to their sites were being redirected to a website that then infected their PCs with malware!
Sadly, the company tried to explain it as an issue with WordPress and try an deflect any questions away from their own security setup.
It later became apparent that Network Solutions LLC had a poor security configuration on one of their servers and that allowed people on the same box to read each others’ configuration files – YIKES!
…essentially that meant the person that did this, just setup an account with the company and was then able to “scan” other customers WordPress files and insert the code for the malware URL redirect.
(If you want some basic security advice for WordPress blogs then I have a section in my new Security Guide that walks through this important topic.)
The second security problem Network Solutions LLC have had this month is some customers having code added to their websites! Here is a quote from their support blog:
“We have received reports that Network Solutions customers are seeing malicious code added to their websites and we are really sorry for this experience. At this time since anything we say in public may help the perpetrators, we are unable to provide details. It may not be accurate to categorize this as a single issue such as “file permissions”. Please know that we have all hands on deck fighting this new internet threat and investigating the cause.”
…well this clearly shows, in their rather cryptic language, that this is NOT another WordPress iframe injection issue.
So what is it? …well the company are not saying at the moment.
When it comes to selecting a webhost for your hosting needs, i suggest you do some research in the search engines first to read any stories like this one.