![]() ![]() Often its a script compromise that they can redirect to a chosen domain, or to create a bot net through compromised sites or in this case post multiple spammy comments. However, mostly these hackers arent malicious hell bent on destroying a server. Normally I htaccess redirect the urls to not show any cms type of info.Īpart from the huge rise in that one database the others arent affected as I checked all in phpmyadmin. I didnt robots.txt out the cms directories so anybody looking for that script through Google could have found potential sites to attack. Ive checked through ssh and grep`d, check file timestamps and that corresponds only to that site. Ive resolved that and the activity was only on that site, which I can see in the traffic logs. But these hackers are clever guys.Īnyway I did deduce that one site did have an out of date code that was a known CSS hack. I`m not a server expert but even shared hosting there must be CSS protection across CP accounts, even if the domains are all on one server. I doubt they will report a hack elsewhere thats affected my site, hardly likelt to admit it. Theyre hard work but they understand the issue. On my dedicated server I get UK direct support but on the cheaper sites I use shared hosting and those weird accent Philipinos who talk pidgeon american are the admins. My user account password is 13 digits of upper lower case and illion to 1 of guessing that for that CP login.ġand seem to be saying its an admin error on the domain dns changes? I had to manually reset the dns on the domains, theyre all back and I dropped the records of the hight activity websiteas it went up 290MB which is huge for just text comments. But was random changes, some database sites, other html sites that are harmless. I have the logs, anything to look out for?ġand1 usually lock down the accounts immediately on unnatural activity, as they did with a wordpress hack a couple of years ago. Im wondering if that site was hacked but I thought it would be impossible to change the DNS settings for all control panel domains through a site hack? Thats a different server I believe. Ive looked at the ftp logs and discovered multiple chinese ip addresses on my ftp account.ġ17.41.184.12 UNKNOWN root "USER co" 331 -Ħ0.169.78.77 UNKNOWN root "USER co" 331 -Īccess logs show one site, a cms with lots of activity on traffic log.such asĢ7.187.11.49 - "POST /component/k2/ HTTP/1.1" 200 59 /component/k2/item/8-con-secte-tuer-adi-pis-cing-elit/8-con-secte-tuer-adi-pis-cing-elit?start=1040īut truthfully the POST activity on one site is from multiple ips from argentina to china to greece etc etc Not sure why anybody would want to change it to a non resolving 1and1 dns if hacking? We found all our DNS records edited to 217.160.30.145, which is a 1and1 Server, SCHLUND AG. Today most of our domains would not resolve, Some are database cms and others basic html5/css3. 23.185.0.2).I have shared hosting on 1and1 for multiple websites. In the Points to field, enter the desired IPv4 address (e.g.In the Host name field, specify the desired host (e.g.Click Add record and select the A type.In the Domains section of the Control Panel, next to your desired domain, click on gear symbol under Actions and select DNS.If you'd like to add both AAAA records, then consider transferring your domain or name server to another DNS host.Īn A record is required to configure a subdomain (e.g., ![]() ![]() Pantheon provides two AAAA records for improved uptime and reliability, however 1&1 only supports one IPv6 record per domain. Domain connected to the target Pantheon environment (typically Live)Ĭonfigure DNS Records on 1&1 A/AAAA RecordsĬlick Domain Center from the Domains panel.Ĭlick the down arrow to the right of the domain you want to point to Pantheon, then click Edit DNS Settings.Ĭlick the Other IP address option from the IP address (A Record) menu.Įnter the A record value provided by Pantheon in the IPv4 Address field and either of the AAAA record values in the IPv6 Address field.Registered domain name using 1&1 to host DNS.We recommend transferring DNS services to a provider that supports more than one IPv6 record per domain. 1&1 does not support adding multiple AAAA records for IPv6 traffic which can negatively impact performance, especially on mobile devices. ![]()
0 Comments
Leave a Reply. |