Jump to content
xisto Community
aumedina

Xisto Sold A Subdomain Of My Domain?

Recommended Posts

We own colegiodepediatria.com, official site for the Colegio de Pediatria de San Luis Potosí, a mexican medical association.

I received at 1205 the following feedback in the site:

Hey, just discovered that my VPS was compromised and did a google search to see if their were any other victims and I found out you are.
http://forums.xisto.com/no_longer_exists/

The above page showed some asian text. I contacted Xisto online help, which weren't able to help and told me to contact support. I wrote them and got the following answer:

"We have checked your issue and found that site donsa.colegiodepediatria.com is hosted with us on other server under other user ownership.
Server is not hacked and your domain colegiodepediatria.com is safe."

And after I queried I didn't understood how somebody else could own a subdomain of our domain:

"Hello Aldo, Its already owned by someone else and you are trying to create it now. You can verify the whois record on whois.domaintools.com for more information if its owned by someone else or you. Update us if any query. Thank you Ashley Support. Ticket Details Ticket ID: AFU-693904"

Of course a whois for donsa.colegiodepediatria.com only shown information for colegiodepediatria.com

A query to sales got me this answer: "I have forwarded this issue to our senior executive. You will receive a response in 12-16 hours, I am very sorry about the delay in action but we need to make sure that no one faces a loss here :D"

And then nothing. The ticket was closed. donsa.colegiodepediatria.com disappeared. The problem has been solved, but we didn't get any answer from our hosting/domain company. This worries us, because we're talking about an important resource for our group.

Will it happen again? :(

Edited by aumedina (see edit history)

Share this post


Link to post
Share on other sites

I checked your ticket and found this reply by Velma.

Aldo,
First of all let me apologize for this extreme delay, I know you are very frustrated as the issue was indeed a serious one and once more I hope you can forgive us for this mistake. This ticket was assigned to our Senior but as he was traveling, he was unable to reply to your ticket. I am sorry about that.

Now coming to that sub domain, there was a slight glitch on the server in the matter of permissions therefore one user was able to create sub domains of accounts present on the server. Now none of the data was compromised. We immediately terminated the clients account along with the sub domains created.

We have changed all the permissions so that users cannot see other domain names present on the server to prevent this issue. I hope you can accept an honest apology from me for the late response and the late action.

Sincerely,

Velma
Sales Executive.
Xisto - Web Hosting.com


Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.