Site hacked, ebay phishing site uploaded, hosting wants to charge $100 Site hacked, ebay phishing site uploaded, hosting wants to charge $100
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Site hacked, ebay phishing site uploaded, hosting wants to charge $100

Started by Cyfarian, October 26, 2006, 12:17:50 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Cyfarian

 I have used coppermine repeatedly and love it.  When my daughter was born two years ago, I created a gallery for her and uploaded all of her newborn pics to share with the family.  I kept it current for about a year, but then due to time constraints I stopped updating it.  I left it up though, cause my family still visited it. 

Well, I didn't keep the version current  :'(.  I kinda just forgot about the site.  It was version 1.3.1.  Anyway, I came home last night and  found my website had been suspended.  I have a reseller account and have a very small one person business as a webdesigner. I contacted my hosting company and they said that the FBI contacted them and told them to shut it down, that there was an ebay phishing site.  It seems that someone hacked her newborn photo album and uploaded  some stuff into the userpics folder. 

So I deleted the entire coppermine installation. Now they are telling me that I will be responsible for a $50 - $100 fee.  They said that the datacenter that houses their servers will charge them a fee since the AUP was broken with them, and they in turn are going to charge me a portion of that fee, which will be the $50 - $100. 

Have you ever heard of a hosting site charging you for breaking the AUP?  I host many, many sites through them, so I am afraid to raise too big of a stink, b/c I don't want them to shut me off unexpectedly.  I backed up all of my sites last night, though.  I read the TOS and I don't see how this is possible.  Every TOS that I have read just says that termination of the account may result if you fail to meet the AUP standards. 

I know I should have kept the software current.  That is definitely my fault.  I am just astounded that they are going to try to charge $100 for being hacked!  This is what he said "...you need to realize not all things can come without a penalty for something major such as this....This all requires time and thus is not fair for us to face financial burden by something not caused by us."

I told them I didn't think their TOS had anything in it that said I should be liable.  I still have the page up in my browser from last night. He sent me quotes from it that are NOT on my page in the browser.  They flipping edited the TOS last night to include that they could charge a fee for this instance.  What should I do?

Joachim Müller

I'm not a lawyer (nor am I a webhost), so I can't give legal advice wether you have to pay or not. Morally you have to imo, as neglecting to keep the site current actually caused costs and maybe even loss of reputation for the webhost, so from my point of view the fee is OK. My webhost charges me approx. $80 per hour if a webhost tech has to look into things that I've messed up and I'm responsible for (they explicitely say so in their TOS, although I never actually had to pay out of courtesy).

Just my $0.02

Joachim

Cyfarian

GauGau,
Thanks for your response.  My biggest issue is that this was not in their TOS until after they told me that I would have to pay a fee.  I read the TOS.  There was NOTHING in it about being liable for anything.  I pointed this out to them.  A few hours later, their TOS changed to state that I would be liable.  THEN they tried to play it off as if that is what the TOS had always said.  I had the page from last night still loaded in my browser.  I sent a screen cap of last night's TOS and this morning's TOS to them, but I have yet to hear back from them.  I would never get into an agreement with a webhost knowing that I would be liable for hacks.  Especially when there is no amount described and it says that the amount is at their discretion.  Prior to this, all support was 100% free.

mac8394

Hello.

I have never heard of that silly policy that will charge you a fee because you broke a rule.

I'm sorry your site was used for phishing.  Just open a new site with a different hosting service.

kegobeer

This is a legal matter.  If you want help, ask a lawyer or legal aid office.
Do not send me a private message unless I ask for one.  Make your post public so everyone can benefit.

There are no stupid questions
But there are a LOT of inquisitive idiots

sgugal

Quote from: Cyfarian on October 26, 2006, 07:15:42 PM
GauGau,
Thanks for your response.  My biggest issue is that this was not in their TOS until after they told me that I would have to pay a fee.  I read the TOS.  There was NOTHING in it about being liable for anything.  I pointed this out to them.  A few hours later, their TOS changed to state that I would be liable.  THEN they tried to play it off as if that is what the TOS had always said.  I had the page from last night still loaded in my browser.  I sent a screen cap of last night's TOS and this morning's TOS to them, but I have yet to hear back from them.  I would never get into an agreement with a webhost knowing that I would be liable for hacks.  Especially when there is no amount described and it says that the amount is at their discretion.  Prior to this, all support was 100% free.

I never heard of such AUP at any Host so far. How can they charge you for support of Reseller account ? Weired . Btw, what happend at last ? have you paid them?