My site ended up unexpectedly being shut down for a couple of hours yesterday, so I do apologize if anyone tried to read anything that I have here and was unable to do so. Needless to say, it was quite a wild ride!
It all started a couple of weeks ago, when I started receiving some feedback from my friends and readers that my site was showing up on their antivirus software as possibly having malicious content, specifically a Trojan. I have only been self hosted for a few short months, so I don’t know too much on the subject or the inner workings of things. I ran a full scan on my computer, which turned up nothing and then I called BlueHost, who hosts my website and asked what they could do about this. The man from technical support ran a scan on his end, also found nothing malicious on my page and told me that if I could provide evidence of these alerts or of the malicious software that BlueHost could investigate further.
I put out the call for people to send me some screenshots of what the man asked for and a very dear friend sent me an e-mail the other day with exactly what I needed. I immediately shipped that off to BlueHost and awaited their response. Near the end of my work day, I received two e-mails from BlueHost, one telling me that they had found a large amount of malware in my site and had created a folder with all of the information about it in there. The second e-mail was from the Terms of Service department, telling me that a third party sent them a complaint about the malware on my site and that they determined that I was phishing, which is a violation of the Terms of Service. Because of this infraction, they were going to deactivate my site and give me 15 days to contact them and get the matter resolved, or else they would potentially delete anything that they are hosting of mine.
I called the Terms of Service department and they basically blamed everything on me. They denied any responsibility for the malware getting through and told me that it is my job to monitor my site and make sure that it remains free of such things. They denied any knowledge of promises that were made to investigate or clean up the site further and were unsure why someone in their technical support department would make such claims. I was given the name of two third party companies that would be happy to help me clean up my site and help keep it clean, all of course for a low monthly fee. Needless to say, I was pissed. I didn’t know any of this. I assumed that by paying them to host my site, that they were also going to keep it safe. There was never any indication that they did not automatically provide this service to me and this was the first time I had ever been offered the services of other companies to do such things. It never came up until now.
Terms of Service wrapped up the call by stating that they would be happy to reactivate my site, if I could show them that the site was free of all malware and other potentially suspicious software and they would wait to hear my response on this. I didn’t know where to begin. One of my friends offered his assistance with this and we sat on Vent together and figured out what to do. I gave him the information that would allow him to access my control panel through BlueHost, to see what he could do. Mind you, I wouldn’t suggest you do this for just anyone, but these were desperate times and I really felt I could trust him. As he is working on cleaning up my site, he was surprised to discover that nearly a dozen phishing sites or companies had basically taken up residence on my server. Some of them were masquerading as tax companies or well known banking institutions. It was an impressive feat and certainly not something done by amateurs.
After he felt like he had cleared everything malicious out, I called BlueHost to see if my site met with their approval and if my blog could be reactivated. The man on the line said I still had three pieces of malware remaining that they would like to see removed. Let me get this right – they can tell me where the malware is and what it is, but they can’t remove it? How does that work? Again, it’s not their job. Or at least that’s the way they see things. So, I dragged my friend back on Vent and he removed the last three pieces of malware, to BlueHost’s satisfaction. Minutes later, my site was reactivated and everything appeared to be back to normal.
I walked away from this experience feeling paranoid and confused. How on earth did this happen? I have always prided myself on being smart about my web surfing and my online shenanigans. I don’t open attachments I’m not sure of. I don’t give out my password to strangers. I use authenticators. I run virus scans often. I don’t unscreen comments that look suspicious. I don’t download porn from sites that I don’t trust and that aren’t secure. I would like to think I’m a smart person, in that regards. I also don’t know how to prevent this from happening again. I really assumed that I would be safe, that my host would keep me safe. That didn’t happen. My friend and several others offered me hosting on their spaces and I’m seriously considering taking them up on this. I don’t need massive amounts of storage or numerous e-mail addresses. I just want to feel safe. I want to know that I can have a site up and running that’s not going to negatively affect those who try to read it or that will negatively affect me. I didn’t even know something like this was possible.
So I’m trying not to give this too much thought and move on. I’m still trying to determine where I’m going to end up, come 4.3. I haven’t had any luck finding any runs in my current guild or group that are looking for healers or that would have me back (after the whole “me refusing to go discipline” fiasco), so I’m having to take my business elsewhere. I had one guild interview last night that I thought went well and I have had a few offers from others, too. I really want to make sure I do it right this time and that I find a group that I enjoy first and that I can progress with second. Before, it was the other way around and I realize that maybe that wasn’t the best way to go about things. I have learned that and I’m still learning other things, too. I just need to find the right group that is willing to learn with me and possibly even teach me a few things, too.