Important Site Wide Annoucement
<12/3/2010> As most of you guys are aware, DailyDrivenTJ.com had been flagged by Google that the website had been compromised. It is not entirely true but there seems to be a type of breach of the php scripts that lead to such action by Google. A recent security check confirms that DDTJ is NOT distributing any malware. We have secured all the log ins and we are fully in control of the website.
For any unknown reasons, if the website has distributed any type of malignancy, it was from the act of hackers who compromised the hosting software. Because of this incident, the hosting company has suspended my php driven softwares until further notice.
I am currently doing everything in my powers to bring the website back up to its full working status. If you have been using the information posted in DDTJ and found them to be helpful, this is the perfect time to give back. I am trying to gather as much money as I can to buy the services needed to secure the website. I am personally asking for your help. Please if you can make any donations, no matter how small, please write to, Webmaster@dailydriventj.com
I apologize for any inconvenience caused. I look forward to your continued support!
While conducting our regular server security audit, we detected that the phpBB forum hosted on your account dailydriventj.com has become vulnerable to exploits and hacks and creates a serious threat to the integrity of the shared server. To ensure the overall security of the server and all websites hosted on it, we had to temporarily disable access to this application. We are very much aware of the inconvenience this issue may cause you, so we would like to take a moment and explain the reasons for our actions: as you know, your account is hosted on a shared hosting server and thus sharing the resources of the server with other customers' accounts. If one account and even one application is hacked, this will endanger the integrity of the whole shared server and all other accounts on it. This is why the above explained precaution is absolutely necessary. Very often sites are compromised because of outdated software or stolen login details. Please check the following article for more information:
Next, you may wonder what SiteGround does to protect your site. The answer is:
- By default, we have set all sites to use the latest PHP 5.2 which has register_globals and allow_url_include turned off. This prevents remote code inclusion and variable poisoning.
- We are running a hardened apache version in chrooted environment with suexec. This makes sure that your website is isolated from the rest of the sites.
- We have compiled a secure Linux kernel with grsec enhancement. This secures the server against kernel exploits.
- We have sophisticated IDS / IPS systems which block malicious bots and attackers.
Unfortunately, the above is not always enough. Most web applications require constant attention and updates to resolve the latest security vulnerabilities.
In your case we can offer you 2 solutions:
1. Clean and secure the site by yourself. After that you should reopen the ticket about this case so that we can confirm the issue is resolved.
2. Security audit performed by our specialists. We have two options:
- malicious code cleaning - we will remove all the malicious scripts from your account. However, you will have to update your scripts to make sure they are not compromised again. The price is $99.95.
- malicious code cleaning + securing your scripts. This is the complete service in which we will clean all the malicious content and secure your site. If necessary, your scripts will be updated to the latest versions (up to 3 scripts). The price is $199.95.
Please note that if the issue is not resolved within the next 48 hours, we might be forced to take further actions in order to preserve the integrity of the shared server.
Thank you for your understanding and cooperation.
Senior Support Supervisor