Host unlimited blogs, websites for $4.95 only with this web host
or order a planet alpha dedicated server for less than $50 here

Hostgator is our recommended web hosting provider. Sign up with hostgator here

This is a hostgator review posted by Purrsonality Designs on 19 July 2004

I’m an Aluminium Reseller and one of my clients’ guestbook (Advanced Guestbook 2.2) was hacked via a SQL injection vulnerability last week. This granted the attacker administrator access and prevented me from logging into admin to remove the extremely offensive and obtrusive scripts/html.

I contacted IM support as soon as I became aware of the problem and I was then asked to lodge a support ticket via email. This ticket went unanswered for around 15 hours. The response I received was less than satisfactory, indicating that “the pw stored in the program is encrypted. I have no idea where or how this would be decrypted and the administration program for the script is useless. I’m not sure there’s much more we can do on this end.” This would lead one to believe that the only remedy was to delete the DB in it’s entirity and start again.

Luckily in the meantime, I had done some online research regarding Advanced Guestbook hacking - apparently, the attack is very simple and consists of inputting a password string (which I was able to find online but for obvious reasons won’t repeat), leaving the username entry blank. Fortunately, I was able to re-enter this pw to gain admin access and rectify the damage. I also discovered that this attack could have been prevented if packages/accounts had been upgraded to Advanced Guestbook 2.3.1.

I know on the grand scale of things that guestbooks aren’t of major importance but I believe that any breach of security which is brought to your attention should be taken very seriously, given high priority and researched. For around 10 of my client’s, the guestbook is their primary source of feedback and needless to say, having guestbook pages displaying obscene or offensive images/material is completely unacceptable.

In the past I have had nothing but praise for HostGator support but I felt it necessary to voice my concern regarding this incident. I believe HostGator should be working harder to address and improve matters of security.

Discuss this review in detail or sign up with hostgator webhosting

• Hostgator Review : Another unhappy, long time customer
• Hostgator Review : Annoyed - 2nd Time
• Hostgator Review : Reseller: Migration to HG
• Hostgator Review : How many techs does it take
• Hostgator Review : Unhappy customer
• Hostgator Review : The Google of Web Hosting
• Hostgator Review : Reseller for 3 years, 2 months
• Hostgator Review : Forget about 99.9% uptime guarantee!
• Tech News : Security Breached At SFO Due To Stolen Laptop
• Hostgator Review : Love the service, some issues

This web hosting blog is proudly hosted with reliable Hostgator webhosting for only one cents through this hostgator coupon. If you're new here, you may want to subscribe to this web hosting RSS feed