Hostgator and their poor security
Hi, everybody!
I was working as a DB Admin & Webmaster on a site that is hosted by hostgator. I found a big security hole on their (hostgator's) server and I could view and copy everything from their's server. I sent a letter to support and told them that if they give me a free hosting account I will tell them where that security hole is.
Instead of saying "ok" or "no, we can't give you such a reward" they suspended my boss's account and accused me by blackmail. As a result of account suspendation my boss dismissed me from the job. Now I am without of a job because their security is poor.
I tried to write about that on another forum but they sims to have a deal and everithing I writed about hostgator on that server was removed from the forum. And now I understand why there is writen only good things about hostgator.
So what can you suggest to me? What could do now? I also want to buy a host. What is the best host for a resonable price?
Thanks!
hostgator doesn't deal with terrorists
"I could sell that info on internet and put some money in my
pocket but I thought it would not be nice for you. So I thought
that it would be better if we will cooperate. I can tell you where
the hole is for a reward." This is what he sent us.
The only security issue on the server was him. He was actively trying to
hack the box uploading php shell scripts etc. We had open base directory
disabled for his site, and rather than it being used for good it was used to
gain further access on the server. (The very reason we have it on)
If he was able to view any important information I'm sure the box would have
been hacked by now. The truth is there was no security exploit he gave up on trying to hack the box and got a little useless information / tried blackmailing us into giving him what he wanted.