No hackers, just providers! (aka Upgrading stories, Reloaded)
(Beware: nearly all the links contained in this post point to contents in italian)
So, where do I begin? From here, I guess. In this post I explained you that this website has been offline for some hours on Friday due to a “nice” hacker incursion; the alleged hacker just renamed a folder, putting my weblog offline, but without deleting anything (good thing, my latest backup was…. old, to say the least).
So on Friday evening I restored everything, upgraded the blog to Wordpress 2.3 (it was running 2.0.3), and had dinner. And, after dinner, discovered the truth in my mailbox.
In a mail, my provider , (apparently not so popular among bloggers as you can read here, here, here, here, here, here, here and here) informed me of the “suspension” of my website, responsibile of hosting “insecure scripts: /htdocs/weblog/” (that’s the folder of this blog). Obviously I immediatly submitted a support ticket, asking what exactly was this “insecure script” (and in the meantime, I also shared my experience in an user forum).
After some mail exchanges in the forum, and an answer to my ticket, everything is clear now. That’s what happened:
1) An automated script, which monitors all customer partitions, has found an “insecure script” in my weblog/ folder
2) But they don’t know which script is insecure and what kind of vulnerabilities can cause. Best guess is, Wordpress 2.0.3 is considered insecure in itself (bad bad Wordpress guys 
3) But they ask me to provide them my ID card just in case I put this (unknown) insecure script intentionally, or someone else used the (misterious) script
4) And they have the right to ask me the ID card since the law asks them to verify the identity of their customers.
That’s it, no hackers, just providers!
No big deal anyway, I restored everything pretty easily, and since I’m stuck at home sick I’ve started the migration of this blog to a new provider. It’s almost done, I’ll wait for a couple of days just to test that everything is fine.
Hope not to forget to send them my ID card!
Powered by ScribeFire.
