|
有熟悉服务器的帮忙看一下哇~~
Dear Sir/Madam,
Regarding your server enener:
The ××××(我的帐号ID) virtual dedicated server has been found to have been compromised on or before March 9, 2011 which is a violation of section 3 "Your Obligations" section of Go Daddy's Web Site and Virtual Dedicated Server Service Agreement.
The relevant passage of this agreement has been provided below:
"You may not use Go Daddy's servers and Your web site as a source, intermediary, reply to address, or destination address for mail bombs, Internet packet flooding, packet corruption, denial of service, or other abusive activities. Server hacking or other perpetration of security breaches is prohibited and Go Daddy reserves the right to remove sites containing information about hacking or links to such information."
Go Daddy's "Web Site and Virtual Dedicated Server Service Agreement" is located at the following URL: https://www.godaddy.com/agreements/ShowDoc.aspx?pageid=HOSTING_SA
This situation has resulted in a potential security threat to Go Daddy's network and the security we provide to other customers.
It appears that this abusive action may have been the result of your virtual dedicated server becoming compromised and ultimately exploited by a third party. Upon detection of this problem Go Daddy's Security Operations Center requested that Go Daddy's Advanced Hosting Team alert you of this action in the hope that you can resolve the issue.
*** IMPORTANT ***
Due to the serious nature of this malicious action, your site is scheduled to be suspended if you do not take immediate action. This suspension will take place on 2 August 2011 at 9:00 AM and will occur if either a repeat occurrence of the abuse is, at any time, detected OR you fail to reply to this message.
****************
Go Daddy's security team has collected the following information to assist you in troubleshooting this issue:
Your account was compromised on or before 9 March 2011, however recent attackers have also exploited your wordpress installation. In both cases, attackers have uploaded malicious code to your server. This code was used to further upload malicious content to your site and to promote search engine poisoning.
At this time we require that you restore your server from known good backups prior to 9 March 2011. If these are unavailable, you should thoroughly review content for all of your sites and remove any additional malicious/spam content found. We have deleted all obviously malicious files. YOu should also change all FTP account passwords and ensure the use of strong passwords in the future that contain at least one upper and lower case letter together with a number. It is preferable also to use special characters. You are at a high risk of future compromise until your passwords are changed and applications updated to the most recent patches.
This matter can be closed by simply responding to this notice with the following:
1. A statement that you have reviewed and agree to abide by the terms of the "Web Site and Virtual Dedicated Server Service Agreement," and
2. A statement that you have removed any malicious content residing on your virtual dedicated server, and
3. A statement that you agree to secure your virtual dedicated server in such a way as to ensure that there is not a re-occurrence of this issue in the future.
After we receive your reply with these statements we will reactivate your virtual dedicated server. (We reserve the right to suspend the server again if a repeat occurrence of this security violation is discovered.) |
|