Dear Media temple, why do I keep getting hacked?

I have been running my two blogs on media temple for quite some time. Recently they have been getting hacked. Very frequently. My hosting provider is Media Temple, and I can’t say I am very happy with them right now. I am hesitant to say that the hacks all are media temple’s fault, but at least one of them was (they admitted it) and they aren’t giving me any evidence that this has been as pervasive as they say.

This is the fourth time they have gone down in under a year, and the second time in less than a month. I want to believe that it is not specifically media temple’s fault, but if that is the case, then (even worse) I am just really disappointed in wordpress as a platform.

I have done most of the things listed in order to harden your wordpress install, and I am having a really tough time believing that even 10% of the existing wordpress installs out there are (a) jumping through those hoops and (b) still getting hacked.
Continue reading

Site hacked – media temple’s reaction.

UPDATE – I just spoke with the VP of customer service at media temple. It seems as though there is a lot in the works. He wanted to reassure me that their reaction to this has been very carefully thought out, and that they are currently investigating the hacks.

While I generally want to know everything about anything immediately as it happens, I understand that if MT handled this that way it could lead to a situation where an exploit was widely disseminated before the vendors had a chance to patch it. There are an incredible number of pieces of hardware and software involved, and it only takes one exploitable piece to create a problem.

In short, sit tight. Media Temple will hopefully release more info when the time is right. In the meantime you can rest assured that their measured reaction is the result of careful consideration, not sloth.

I will leave the original post below quoted for reference.

There aren’t many answers here, but recently this site was hacked (which is bad) and my host Media temple saw errant behavior, (and recognized it) changed the ftp password, and restored backup to the site (which was good!)

At first I was not very upset. These things happen, and it seemed like media temple did the right thing in a timely manner. Then today I searched for one of the php files the hackers had put up on my site and discovered this page (google cache) which has quite a few other sites that had been hacked in a similar fashion. Something very fishy seems to be going on here.

Media temple sent out an email blaming the hacks on old ftp passwords. That would make sense if it was a handful, but hundreds of sites? That sounds like something only Media temple could screw up.

I sent in a ticket asking them if they had been compromised. I’ll update it when I have an update. Personally I am much more upset about media temple’s failed coverup than I am about media temple getting hacked.

Here are a few links from other people who seem to have caught the story earlier then I. One guy had his blog hacked twice!