The HeliOS Project is now.....

The HeliOS Project is now.....
Same mission, same folks...just a different name

Search the Blog of helios and all comments


Wednesday, June 30, 2010


It was bound to happens hundreds of thousands of times a hundreds of thousands of websites...

We were hacked.

Actually, that isn't exactly accurate.

We were script-kiddied.  As often happens some no-talent n'er-do-well gets an email that there is a vulnerability in a specific CMS and they do what they do best.  Unfortunately, all the files on the site are now gone too so many of the graphics and media links in this blog are now gone as well.  I still have many on redundant local backup here but still...


It turns out to be a php vulnerability in the E-107 code and we've shut things down until we can get the site up again.  We have been talking about a complete revamp anyway so this would seem like a good time to get 'er done.

And we will.

Of course, 1and1 hosting service lived up to their less than worthless reputation by having their off-shore tech support tell me that there was no backup for our site and that she would look into the problem.  It has been suggested to me by others with the same experience that there is indeed a one wants to look for it or implement it.

Again, she said she'd look into the problem.

Uh...the problem nice Sir Lankan Lady is that you are fired.  To probably be replaced by nice Indian or Malaysian Lady...


My thanks to Mark Van Kingsley for his help.  We should be back up by the end of the weekend.  My thanks to the great number of you who brought this to our attention.

Not that we hadn't noticed.

It's simply flattering that you did.

All-Righty Then


dsl said...

Not sure if I'm beating a dead horse, but you might want to check in with the kind folks of wayback machine to see if they have anything in the way of "backups".

Anonymous said...

you can try for your hosting needs... also a new service they have available, storm on demand Check it out

good stuff!

Anonymous said...

Helios, may be it might be a good idea to create some form of script with wget, curl or other site saving ways to save every site into a local backup hard drive or some other GOOD online file saving service.

That way, if this ever happens again, you will have a way to recreate the site from this backup. (Not sure about how much effort it would take to restore but you would have the data saved.)

Anyone else have any great suggestions for this?

Stephen said...

Not sure this is helpful, but you still have the slicehost I set up for lindependence. I think you or anyone you want to help get get access.

Unknown said...

I agree with the previous poster, with hosted sites the best posture to take is to trust only in your own backups. A mirroring tool for the files and a database backup or export for that side.

I too learned this the hard way.

Anonymous said...

I learned the hardway myself as well.

Backups, backups and antivirus and more backups. It really *sucks* when things like this happens and with a small backup hard drive, you could have saved all of this with a small backup script or mirroring tool.

There are way, way too many suggestable mirroring tools out there with GUI front ends and for the weird, cli types with a little bit of bash scripting can do the same thing.

Do hope you find a to move forward and ust the opportunity to create some form of backing up solution to prevent this future occurence, which could have happened in so MANY different ways from a your webhost going down in the middle of the night (fly-by-night op) accidently erasure by a website system or worse, a server goes down and takes your data with it and the webhost could care less. Had that happen to a website and email archive that I had.

Remember, backups are your best friend against failure.

Unknown said...

@ dsl...

No such luck. While the much older and infamous site is fairly well archived, hadn't made it to the great hall. That's fine...we'll rebuild bigger, better and much stronger.