So your website is spewing out spam from the server and causing you and your host quite a bit of grief. That server’s IP could already have been blacklisted or soon could be! This is naturally of great concern to you… If not; it should be! Any respectable web hosting company would quickly take action as soon as they realized that this was happening and the usual procedure would be to suspend the service. This is could be detrimental to your business.
The first thing that needs to be done is to resolve the issue ASAP! Blacklisted IPs are a hassle for your host company to clean up and could result in unexpected charge-backs to you for the work involved in repairing it. So drop whatever it is that you are doing and immediately address the issue!
“What, this is my fault?” Ironically, this is often the retort we hosting companies receive from clients when we advise them their website has been hacked and unfortunately, the bottom line is very often; “yes, this is your responsibility”.
Instinctively, the first thing that happens in many of these cases is a session of finger-pointing and trying to find the “culprit”. Although this is counterproductive; this needs to be addressed.
We have an analogy we like to use to put things into perspective:
- You purchased a new car (your website) from a car dealer (your web designer)
- You drive it into a parking lot (your hosting company) and park it and take a flight to Cuba.
- You unintentional (or not) leave the driver door unlocked, they keys in the ignition and your wallet on the dash (not properly applying security measures such as regularly updating your CMS core installation and components)
- Your car (website) gets vandalized and someone is recklessly driving it around town smashing into other cars and eventually use it as the getaway vehicle after having robbed the local bank (site being hacked and used to send out spam or possibly even used to financially scam innocent internet users)
- You get a call from the parking lot supervisor (the hosting company) claiming your car has been stolen and based on police reports, used to destroy public property and possibly even the involved a bank robbery!
- The authorities (part of the hosting company here), seize your car and starts questioning you.
Are you getting the point been made here? It’s not the car dealer’s fault (Web designer’s) that your car was stolen and used in this manner; nor is the parking lot owner to blame (hosting company). Website hosts should have at least minimal surveillance in place, but remember “the car was left unattended by the owner and wide open to theft and misuse”.
Gone are the days when simple HTML based websites would sit on a server for years at a time and be fully secure. In today’s Web world, websites are built on constantly evolving CMS platforms and they change fast. This is similar to most science and technology; look at cell phones! This rapid evolution is quite a challenge for Web designers and Web hosting companies who must constantly adjust to keep up to date. Your part in this as a client is to be aware of this, and be ready to have your website progress accordingly.