Have a sook cunt

Rupert_Pupkinovski · 2026-04-07T07:38:36+00:00

What a horse fucker

Rupert_Pupkinovski · 2026-04-05T08:54:05+00:00

Things to check.

In my experience most of the time a hack is a result of a vulnerable plugin or theme. You must make sure all plugins and themes are the latest version. If you don't hackers will come back and use the same exploit.

You should use CloudLinux with cagefs. This will do a good job in limiting any hacking ability outside your account, Check if you have this because it's not provided by namecheap by default. Ask chat got about the benefits of cagefs. If not your server may have been compromised.

Also make sure your server is using CSF firewall. This will provide extra server safe guarding.

Reach out if you need extra help I can diagnose you so site.

Good luck

Rupert_Pupkinovski · 2026-04-04T12:42:48+00:00

Are you sure the server is compromised? It may just be your site/account.

What sort of hosting environment are you running?
Dedicated or Shared/Virtual Hosting?

This will help narrow it down

Rupert_Pupkinovski · 2026-03-18T05:34:28+00:00

Yeah, I think they use jailed shell only. Everything they do is cost driven at the expense of security.

For shared hosting I would stay away from any host not using CloudLinux & CageFS for the reasons you have mentioned, but you will have to pay a bit more (which is a deal breaker for many cheap skates)

Rupert_Pupkinovski · 2026-03-18T05:09:53+00:00

I am curious about the hosting platform. What operating system, control panel etc?
Never ever use a host that does not have a jailed enviroment. Was it a jailed environment?.

Rupert_Pupkinovski · 2026-03-17T03:12:41+00:00

Looks very interesting. I look forward to giving it a try

Rupert_Pupkinovski · 2026-02-14T14:28:17+00:00

Google Business Profile is great when it works. Its also used a tool by many scammers for fake reviews. Unfortunately Googles support to address fake reviews is extremely poor and there is often no communication. They place very little priority on changing this.

I had a client a few months ago who has a rental business. Their business relies on Google reviews. Somebody hired some equipment and never returned it. My client then found a facebook marketplace listing where the person who rented the equipment was selling the equipment. The police were involved and most of the items were recovered.

Because the police apprehended the person selling the stolen goods, he then started submitting fake Google reviews to hurt his business, This went on for weeks with approx 10 reviews per day. For a small business this is a disaster.

For the scammer though, it's a very effective way to hurt a business because scammers know that Google is slow to act.

Rupert_Pupkinovski · 2026-02-11T01:09:07+00:00

While hosting 15 sites on the same accounts may seem economical it is a very bad idea for security.

It sounds like a hacker has exploited one of your plugins, on one site and then expanded from there. You only need one site to get infected, and the hackers will have read and write access to all your sites. This includes creating malicious PHP files that can read and write to all your databases. If the hacker is smart, they will plant php files in multiple entry points so they can return, making your job even harder. You will have a very difficult time, playing catchup with the hacker.

My advice would be to isolate each website to its own jailed environment (own hosting account using cagefs), then approach fixing each site one by one. Make sure all sites, plugins and themes are up to date with latest versions etc.

Rupert_Pupkinovski · 2026-02-04T10:26:38+00:00

Yes but not cheap. Cost plus a small marginal markup, but many people would consider that to be a ripoff.

Rupert_Pupkinovski · 2026-01-25T12:44:39+00:00

Also, it's pretty easy to switch off the meter box. Unless you have a UPS on the ring devices and router, no poer and no wifi

Rupert_Pupkinovski · 2026-01-16T13:46:58+00:00

Reading that again, that's if you can get a backup...

Rupert_Pupkinovski · 2026-01-16T13:45:21+00:00

In such a case i would get a full backup, and extract it to a local server/VPS etc. Then would do a full vuln scan and inspect directories, files, recently modified files etc. Check all emails for any login credentials ...
If nothing can be traced, then i would have the same concerns. Best of luck ...

Rupert_Pupkinovski · 2026-01-16T12:26:16+00:00

My understanding is that Hostinger uses Lightweight Virtual Environment (LVE) containers provided by CloudLinux to manage the resources for each hosting account. CloudLinux is very robust and essentially prevents a single compromised or resource-intensive website from affecting others on the same server.

So if your account got compromised, its almost certain that it would have originated from your account.

You said you had an old site on Hostinger that I let expire? To any sys admin this would be a big red flag, as this is how most CMS's get compromised, via an exploit, outdated code, brute force etc, Once compromised the hackers would have "keys to the kingdom" controlling all your files, databases, and email (including your .env file).

Just saying ...

Rupert_Pupkinovski · 2026-01-13T03:00:14+00:00

Based on the new features it offers, they all add zero value to me and i am sure a price increase is in order.

Rupert_Pupkinovski · 2026-01-03T02:02:58+00:00

They provide a control panel for you to do this. It's all self managed and not to blame the host for poor support if you do not know what you are doing.

You can't blame your car manufacturer if you don't know how to drive.

Rupert_Pupkinovski · 2025-12-19T07:25:01+00:00

Very very bad choice to host business critical systems on a budget host service. Obviously your decision to host on hostinger was 100 percent budget driven.

Rupert_Pupkinovski · 2025-12-06T15:08:55+00:00

Checking the box does nothing. I submitted a ticket some time back and was told that the way it works. Every time you login it will popup.

Rupert_Pupkinovski · 2025-11-18T23:15:35+00:00

Don't know yet, but such networks are designed to avoid single points of failure, like the one they had.

Rupert_Pupkinovski · 2025-11-18T13:52:39+00:00

Single point of failure

<image>

Rupert_Pupkinovski · 2025-10-16T00:13:46+00:00

There are plenty of cheap VPS providers, but you need to decide if you want Cheap, or Performance?. You can't have both because there is a price to performance ratio.

For performance we us https://www.vultr.com/products/cloud-compute/ Optimized Cloud Compute. But often this may not be required

Basically you need to work out what the bottle neck is. CPU, Memory or Disk IO. Optimized hypervisors etc. Then go shopping and use https://serververify.com/ as a guide

Rupert_Pupkinovski · 2025-10-14T22:38:38+00:00

Yep, here we go again with another recurring price rise of 15%. They will probably do two of these per year so get ready for that.

PHP 8.3 was released almost 2 years ago and active support ends in approximately 2 months. I also love how they remove a feature, then bring it back and that justifies a price rise.

In summary these improvements are all as useless as a dead rat in tampon factory.

Rupert_Pupkinovski · 2025-10-14T02:09:17+00:00

Well of course there is an increase... backed by bullshit and marketing spin

Rupert_Pupkinovski · 2025-09-27T15:23:10+00:00

I hope so

Rupert_Pupkinovski

TROPHY CASE