This website was suspended for a while this weekend. The hosing company, PowWeb, says that spam was being sent from it, that there is a corrupted script, and that I need to change my FTP password and update all applications running on the site. I did all of that within the last few weeks, and yet an attack on the site’s integrity has occurred again.
The PowWeb compliance department says that the password must have been stolen. If so, it was not stolen from me, but rather off the site. I don’t know much about web hosting, but I wonder if readers who do have any solutions in mind. A different, less vulnerable, hosting service? Some other fix?
The user should not have to be a security expert. And I certainly do not have time to fix problems on the site every few weeks. The password I changed to a few weeks ago is so complex–to comply with the host’s security recommendations–that there is no way I could remember it, and yet I am supposed to come up with a new variant every few weeks.
Suggestions welcome, or else this blog will just go away–an outcome I really do not want. Yes, I am frustrated.
You might want to send suggestions via email (either at the “contact” link on the left, or at my personal email if you have it), in case the site gets suspended again between the time you read this and I check back.