A popular Nepalese blog site blog.com.np has been offline for last few days and I’d previously written about it in my post blogs.com.np Hacked?. Today another blog site Nepalblogs.com seems to have similar problem. From what I see it looks like their entire content has been wipped off but the owners still have access to the site, since they have one post saying We have been hacked! We will come back soon. There are several comments to this post and one that I toatlly agree with goes like this.
Do you know your webhost releller has access to your control panel? they can simplely switch from their hosting domains cpanel though they do not get your password but they can enter your site and cpanel. Not in WHM control panel but in cpanel of domain which also has WHM has a combo box below the the portion [Last login from: xxx.xxx.xxx.xxx] and [Your contact email address: firstname.lastname@example.org] that combo box has your hosting package is also listed simply click that you will reach to your coustromers cpanel.
If your host simply gets a small threat from somebody from govt. then they can simply proxify their IP as foreginer IP and enter your cpanel and distroy every thing. Dont think that your host is reliable, a big company, since it is inside it may have got any kind of threat.
I think you understood me. What I mean is only hosting reseller has access to your cpanel other than you. You may surely know Cpanel it is same place where you upload files, change passwords or have Fantastico, etc.
I was also a hosting reseller
I suggest these blog owners to hire some professionals if they’re being hacked due to technical security issues. They should also consider switching the hosting providers because the local resellers might have their passwords which could be easily compromised. There are many choices guys: Blogger, WordPress at Yahoo, MSN Spaces, and many more.
I hope that these bloggers will let us know whether they were victims of the Nepalese Government trying to knock off everything opposed to them or simply their carelessness lead to this.