Seriously? Are they? Or you are another employed PR Agent for whogohost…the last time I called them… The lady was sounding like someone who was bored n just want to go home…plus she wasn’t understanding my enquiry, even after trying to break it down to her…it was so frustrating…but the CEO/PR Agent has apologised…so it’s all cool…but please help us to believe n trust in our own Nigeria thing…especially when our business n income depends on it.
This is all well and good. If you look at this case as an isolated case, which is essentially His fault.But that’s ignoring the lessons that could be learnt for the benefit of your other customers.
So here’s some free advice for you @t.obaniyi, if I were in your shoes, this will be my primary concern:
- What’s % of default passwords are still in use
- What % of above are likely compromised
- Offering sitelock as an adidtional source of revenue vs. reputational damage that could be avoided if provided free or bundled
- Are there parts/elements of sitelock that can be offered free to all accounts. (Side note: if looks bad when telling people to buy additional sevice when they’re raising an issue)
- As an addition to security audits, should be considering a bounty programme e.g hackerone
- Consider implementing 2FA across your platform and not just admin. Or ‘vulnerable accounts’ (e.g accounts still using default passwords) use 2FA.
The truth is you’re right that hosting companies all over the world (not limited to Nigeria), are particularly vulnerable to attacks. And even though @xolubi posted this as a ‘customer service’ issue (and you chose to treat it as one, apologising for the tone of the email etc). This is primarily a security issue and should be treated as one.
6 Likes
Gotta love @PapaOlabode’s free advices.
5 Likes
Thank you for the free advise 
. We will definitely review them.
However, major hosting providers across the world offer SiteLock as a means of securing their sites. We also offer 2FA to all our clients and we have advised them on this. You may click here to read more.
In the end, there is so much hosting companies can do. We strongly advise all users, regardless of the provider they use, to take steps to keep themselves safe.
True. However, there’s a lot that can still be done. And I actually think Nigeria hosting companies can even improve on best practices seen elsewhere (e.g it’s probably safer to use GTbank online banking than using Lloyds Bank but that’s another story). There’s an opportunity for you to think broadly about your security because hosting companies (like yours) are always a target.
Lol, true story…some of us talk to chop. So this is free stuff o.
We are definitely trying to find ways to help keep our customers safer. However, the illustration of GTBank fails in this case. Let me paint a scenario.
Imagine GTBank has secured its online platforms and done everything to keep your account safe and then you share your card details and PIN carelessly because you got a mail asking you to do so. The “sharp guy” will gain access to your account, regardless of the security the bank has put in place. This is because customers have a responsibility to stay safe. Banks do try to educate their users on noticing scam mails and the likes, but the customer has to take some action in the end.
In this case, our system is not compromised. Just like the banks, we have taken several measures to keep our system and platforms safe. However, the customer has to take additional steps to remain safe. The same access that is used to manage a site can be taken advantage of if the client does not take necessary care. Since most of these compromises come from the application level, it becomes very difficult for the hosting company to manage, since the hosting company does not even control the application.
We are working hard with other experts to find ways to make our clients safer. Introducing SiteLock was one of those ways. Truth is clients may have to pay a little extra for better security. We have also introduced free solutions like 2FA for our client areas and also educate our clients on how they can stay safe.
I believe education is the most important part of security. A lot of users build a website and since it works fine, they don’t bother doing anymore to secure it. Simple things like using strong passwords, changing your passwords regularly and updating your scripts can go a long way to stay secure.
It is important I explain these because many of the comments here have implied that we were compromised and this is the usual narrative in most cases of compromises. The hosting company is to blame. Some have even implied that this happened because we are a Nigerian hosting company. Statistics of sites hacked every day will shock you. How they were hacked will shock you even more.
Security of our customers is paramount to us. This is why we have several security solutions available to our customers and this explains why we try to educate them on how they can stay safe. We will however keep working on better ways.
I really appreciate the feedback we have gotten here and assure everyone we will keep working on ways to improve our security, educate our customers and ensure that our customers know how much we care about them.
7 Likes
The GTBank online vs. Lloyds Bank that I alluded to is not what you described but in all honesty, I felt your overall reply was really good…so no need to revisit.
In all, I think you guys sense the possible reputational damage even when it’s the customer’s fault. So the more you think of ways to protect customers even from self harming, the better for you. Good luck.
5 Likes
lol…I’m not a PR agent… Maybe lately they are swamped but I get a good rapport with customer care
Its 2.Like Ope and most people, you copy the password from email sent by whogohost.
I don’t get why Toba is acting like he’s speaking to kids. Other hosts do not have these issues. Not once have I had Gigalayer suspend an account or have a security breach. But then I’m careful not to come across as attacking Whogohost.
Like I said, if push comes to shove, I’ll blog my experience…but let’s talk about the hack for a second @t.obaniyi
I remember when this happened to me and I went through the hackers scripts, I found a text file of different user accounts on the entire shared server Whogohost was hosting my site on. I could use the usernames to see these were live sites.
How could a script get access to all users on a shared host, its also possible it had access to the passwords file. If I was a hacker, I could have exploited those sites. Pretty scary stuff.
I have never received a mail on 2FA @t.obaniyi but I doubt that’s the solution to a script accessing other shared hosting accounts.
Maybe you guys need to hire a security team/hacker in residence, I was embarrassed by a client the other day when I asked him to purchase Sitelock. In his words, “You have a building where I keep something, and you tell me your building is secure but I still have to pay extra for security? Are you saying your building isnt secure?” .
TL:DR We love Whogohost but it needs to work harder on security/hacks.
Regards
From what i can see in the screen shot above ,Ope is on a linux shared hosting plan,and the attackers/hackers uploaded a shell on the server to give them entering back into the server.Whogohost have to clean up this sever.
Whogohost seriously need to implement an incident response team to handle this kind incident.Attackers like shared hosting plan because,if one website is vulnerable other users on that server will also be hacked.
Ope sorry for this incident,it happens okay.Next time please do not use default password.
This I think summarizes everything. We’ve gotta do what we gotta do. Thank you, PapaOlabode.
3 Likes
This same thing happened to a friend over the weekend. Same company, PhishLabs Security got in touch with my friend but this time the phishing site on my friend’s site was targeting Access Bank customers. My friend contacted Whogohost and got the same email @FatherMerry got from Whogohost threatening to suspend my friend’s account.
Clearly this has something to do with Whgohost if it is happening to multiple customers but from what I can read on this thread, Whogohost is convinced that the customer is at fault and the solution is to threaten the customer with suspending the customer’s account.
1 Like
This says it all. Once you have been exploited via a vulnerability (default password) on a shared host, you put other users in danger. This is why the hosting company (in this case - WhoGoHost) will respond in that manner.
I also know they have email templates for various security concerns or compromises. That looks like a template to me. Laziness from the agent’s part as that query needed a more personal response
The customer service agent was VERY wrong with his tone considering the customer pointed out the error on his part.
Site-lock is just like having a a paid antivirus program running on your computer, most web hosts provide these sort of solutions as an additional layer of security and also as a way to generate income. That being said, you have to educate your customers and sometimes “force” them to take some actions. Like they have to change their default password on their next login or their cPanel will have limited access.
1 Like
Exactly this… and more. If you find yourself blaming your customers for inaction, perhaps look at your own flow to see how you can fix that.
It’s one of the things we are learning ourselves when we see instances of users entering today’s date in the card expiry fields on our payment page. OR Instances when users attempting to take screenshots of error messages they encounter, unwittingly including their full card details, cvv included. We weren’t going to stop people from taking screenshots, but we knew to change the way the error messages appeared to overlay the form nicely.
This has saved us the chance of having to write a rejoinder in the future on some forum with bullet points including one that says users should not take screenshots of their card entry forms…
4 Likes
@PapaOlabode, you are a prophet! [quote=“PapaOlabode, post:22, topic:5198”]
Offering sitelock as an adidtional source of revenue vs. reputational damage that could be avoided if provided free or bundled
[/quote]
Just as @xolubi said, companies need to start looking at how to help customers minimize exposure after educating them.
WhoGoHost is very good but can be better!
1 Like
I have been having the same problem with whogohost for a while now. It started a few weeks ago after the did an upgrade that made all the domains on their server go offline for more than 10 hours, it was on a Saturday. Two days later I tried to schedule some posts with my url on Hootsuite and I wasn’t allowed. I logged into my Twitter account to send and got the shocking message from Twitter. As I was trying to figure out what could have gone wrong I got an email from whogohost about some phishing content being hosted on my site. That I should take steps to secure the site, or otherwise they would suspend my account. I contacted someone I know and he asked the security expert at his company to look at the issue for me. Meanwhile, that same morning I got another message from whogohost apologising for the 10hrs downtown that happened 2 days earlier, that it was due to an error from the one of their guys. When I got the message I just felt that “error” was the cause of the security breach on my website, I still feel the same today.
The security expert was able to delete all the bad files and everything was okay, or so I thought, until a few days ago when I got another message from whogohost. We “fixed” the issue again, but I knew that was not the end of it…I got another message from them yesterday again, and at that point I was just done. I asked them to remove the domain from their server until I am able to find a permanent solution to the problem. It is so bad that Google has blacklisted my domain, even my McAfee antivirus was warning me about visiting my own website. Whogohost has insisted that the security breach was not from them, but I am not buying that. Anyways, me am just very upset now that my domain name is pointing to their custom suspension page. I have written them thrice between today and yesterday to completely remove the domain name from their server if they can’t display a more kinder message. I am still waiting for their response.
1 Like
To think I wanted to use WhoGoHost for a project I wanted to start… Better to be safe than sorry.
Bluehost has always been my go to guys but this dollar thing is becoming a problem 
Security breach on online platforms is not a Nigerian issue, likewise empathy for customers is not a Nigerian issue. Tech updates wait for no one, anything can happen. But it is common among Nigerian companies to be defensive when they are faced with service failure issues.
This is not peculiar to Whogohost, as I still referred someone to do business with you this week. Customer service is an attitude. We should top addressing the unit that takes customers’ complaints and requests in our organizations as customer service. Everyone who relates with customers, vendors or other businesses on behalf of your company should be ‘customer-service-minded’.
When you all realize that customers are reasons you have a business in the first place, everyone in the organization will aim at customer delight always. Your security officials self make impression on first-timers in your office.
We should all have holistic approach to treating fellow humans when they are hurt by our company or our company’s services. Someone once offered me something relatively good in recent past with some element of rudeness, I did a story like this as my response to the offer.
I have no bad belle for the parties concerned here. We should all see customer service as attitude, not job function.
My 100%cent tho!
Hacker: Sends you a trojan/silent rat (Or you download one from the web by mistake or your love for cracked programs’ just overwhelming)
You: Installs rat asynchronously with zero idea
Hacker: Retrieves all passwords ever used in your system
You: Still have no idea you’ve been compromised
Hacker: Gains access to your CP as YOU using port forwarding
Hacker: Uploads his secondary access script on a fully Permitted directory on Your behalf
Hacker: Has been using your Cpanel for free till their Job got busted and Victim contacts Host
Host: Sends Couple pre-automated messages for such case ,awaiting reply
You: React towards such critical issue and probably blame the host
Host: Suggests security measures
You: Applies security measures
Hacker: Probably still has access to your system (and reading your emails with you or on your behalf)
You: Should actually also get rid of malwares and rats from your PC cos i understand most developers normally ignore the use of antiviruses and turns off their firewall due to dev programs which need weird access/permissions.
You: Should not blame your hosts ,The annoying ones are the dumb customer care agents who have no idea what just happened and gives out formatted messages like robots not attempting to really understand the situation(cause & underlying solutions) .
EveryOne: Should use antivirus programs , Avoid Free(Cracked) Softwares (Just pay for them or ask a friend or get one from trusted source) ,Do not save passwords on browsers(what is your brain for?) ,If you still fall for phishPages yourself (I don’t know man).
While this might not be the case,Just know that with a whois lookup on your domain,hackers obtain information they use to structure targeted trojan spamming,if they know your host,they could spoof you a mail from your host which you click to download something or view some file or they link you to their PhishedUp Host Clone.Check! Check! Check! Don’t auto-pilot while reading mails.
1 Like