-1

If I'm sure the domain is not registered any more (since almost a year) I've deleted the FTP account to the folder of that "Addon Domain", deleted the folder, changed root cPanel's user password and assured the domain is not registered, but only left it's registry as Addon Domain...

  1. Could someone find a way through to re-create the folder and it's "injections" and "hacked" files without being me or the Hosting company itself?
  2. How could an intruder (person, malware or automated virus) find out the existence of this supposed domain when even the folder isn't existent in the file system?
  3. Why would someone want to inject malware to the folder of a domain that doesn't exists for a year already (other than doing a malware scam)?

If you could also answer how should someone register/capture digital scam proof to be legally sustainable and enough for building a case with a Consumer Protection Agency or even to take it to the court I would appreciate it lots.

Thanks in advance.

DavidTaubmann
  • 99
  • 3
  • 2
    Just move your application elsewhere. Period. Preferably on your own self-managed server **without** cpanel. – EEAA Mar 07 '17 at 02:09
  • 2
    Aside from that, getting legal advice here is very much off-topic. Enlist a lawyer if you need. Or at the very least, hire an expert systems/security person to help you out. – EEAA Mar 07 '17 at 02:10
  • 3
    Also, you seem pretty sure that this is a scam. How sure are you that one or more of your applications aren't hacked and horribly vulnerable? Because that can cause the exact same symptoms. – EEAA Mar 07 '17 at 02:13
  • @EEAA, as told, I've many packages contracted there, each of them has 50+ client sites hosted, I'm not against paying, I'm actively being congruent on demanding the services as they are ment to be. My own apps are not hosted there, but one of my other businesses is offering resold hosting. – DavidTaubmann Mar 07 '17 at 02:32
  • 2
    You clearly do not trust this company, so why continue giving them business? – EEAA Mar 07 '17 at 02:35
  • You've banned my question? Tell me how it is not "managing information technology systems in a business environment" related!? Tell me how demanding a provider to give the service it supposedly offers is not related and should be silenced by "changing the provider" (of 200+ sites) and letting everyone else do the fight by themselves!? What stackexchange community should this be posted then!? – DavidTaubmann Mar 07 '17 at 02:37
  • @davidtaubmann cPanel questions are off-topic here (there's even a specific close reason for it). Legal questions are off-topic here. Shared hosting is off-topic here. "Help, my server got hacked" gets closed as a duplicate of http://serverfault.com/questions/218005/how-do-i-deal-with-a-compromised-server. In short, there are like a half dozen reasons to close your question. – ceejayoz Mar 07 '17 at 02:40
  • I put your question on hold, yes. You are a *customer* of a shared web hosting business. That makes you a customer, not the administrator of the service. All shared web hosting questions are off-topic here. Also off-topic are questions involving the use of cPanel or its peers, as they actively discourage people from learning the skills necessary to troubleshoot the exact thing you're dealing with. Lastly, your question is *far* too broad. I'm not saying this is a *bad* question. It's just off-topic here. – EEAA Mar 07 '17 at 02:41
  • 1
    Oh yes, and our canonical compromised server QA, which @ceejayoz linked to. – EEAA Mar 07 '17 at 02:42
  • I've modified it... if still you don't agree it is a matter under "managing information technology systems in a business environment", then please answer... What stackexchange community should this be posted then? – DavidTaubmann Mar 07 '17 at 02:49
  • Look, if you're convinced - as your original question appears to indicate - that this is your host colluding with bad actors and actively defrauding you, you need a lawyer (one who deals with cybercrime, who will be able to direct you in preserving forensic evidence), not a StackExchange site. Editing your question to *hide* the cPanel/shared hosting stuff doesn't erase our memories of it. – ceejayoz Mar 07 '17 at 02:52
  • 1
    Your edit of the questions makes it even more difficult to comprehend than before. I'm *trying* to help you here. You're out of your depth - you should hire someone to help you out. Maybe you're being scammed, but it's highly unlikely. It is *much* more likely that you have one or more compromised applications on your account, which is causing this. – EEAA Mar 07 '17 at 02:54
  • [this](http://www.hermesthemes.com/scam-alert-hostgator-sitelock-malware-extortion/) and [this](https://www.whitefirdesign.com/blog/2016/10/11/hostgator-is-actively-hiding-the-true-nature-of-their-partnership-with-sitelock/) doesn't seem to be compromised applications... And that's exactly what is happening to us. – DavidTaubmann Mar 07 '17 at 02:57
  • I am done discussing this in comments with you. I've presented clear reasons why this question is off-topic here, and have presented my recommendations on next actions for you. Others have made similar recommendations. If you wish to continue arguing your side of the story, you can do so at meta.serverfault.com. – EEAA Mar 07 '17 at 02:59

0 Answers0