Have I been hacked? Username: "amin" (64 posts)

  1. Jackson
    Posted 6 years ago #


    <p>The Others: Click here to remove rwx for other (chmod -R o-rwx) from all files and directories. This cannot be undone!
    The Group: Take it to the next level? Click here to remove rwx for group (chmod -R g-rwx) from all files and directories. This cannot be undone!</p>

    These options remove all access to your files for everyone and optionally the group. Since PHP runs as the file owner on Cloud Sites, this allows the install to still function.

    These permissions are more restrictive than those prescribed in the link you reference, which allow others and members of the same group to see your files.

    Hope that helps.

  2. mchriston
    Posted 6 years ago #

    Thanks @madjax...

    Just wondering:
    Are you staying with Rackspace or are you going elsewhere? If so, where?

    That question is open to everyone by the way!

  3. yourmwr
    Posted 6 years ago #

    I am wondering the same thing. Is any hosting company safe? RS is ridiculous. I asked them to do a file search on all my websites (250 or so) of 3 suspicious file names and they told me they cannot do it due to privacy issues.

    And then I asked them to do a MySQL query on the databases they alerted me to with possible issues and they said no because it'd take too long.

    This is crazy. I even called and talked to an Account Manager who basically said I was on my own.

    And because I was hacked on their servers a few months backs... I am triple sure my file permissions were 770 and I was running all the latest plugins and WP installs. And my WP plugins are so minimal it's crazy to think it's an issue with WP.

    Really hate that I am spending thousands of dollars in independent contractor wages trying to figure this stuff out and get it cleaned up.

  4. mchriston
    Posted 6 years ago #

    Oh man! This is getting crazy!

    We have just received a system sent email from Rackspace naming a bunch of our WP sites saying we have to changed passwords (database and admin) before 10pm CDT or they will suspend account.

    But here's the thing: We have ALREADY done those changes! And yesterday we were told by Rackspace (senior staff!) we had done everything we could possibly do.

    What is going on?!

    If anyone has had any joy getting REAL information out of Rackspace regarding the hack and current state of server, etc ...can you please post that info on this forum. Thanks!

    Yours dejectedly,


Topic Closed

This topic has been closed to new replies.

About this Topic