Inmotion Hosting — the company whose operates the server that Vagabond Journey is currently on — was hacked this past Sunday, September 25, 2011. It was done by a Bangladeshi who goes by the handle Tiger M@te, the same hacker who claimed Google’s Bangladesh homepage for himself in January of this year. In a real rock and roll move, he switched out the homepages of 700,000 sites that Inmotion hosts for his own page that simply proclaimed that he hacked them. If you visited Vagabond Journey on Sunday, this is what you would have seen:
The hacker, apparently, just substituted out the index pages of all the sites on Inmotion with his own kudos page, though nobody yet knows if he did more damage than this. Inmotion cleared up the obvious defacement on all the sites hosted with them within 24 hours.
Many people are saying that this massive hack — affecting nearly a million sites, perhaps the largest in history — was not the fault of Inmotion, that it could have happened to any hosting company. I say that if my hosting company can be so thoroughly compromised by a single, though very renown, hacker in Bangladesh it is high time to jump ship.
This was not the first, but it will be the last problem that we will have with Inmotion. Nearly every month I find that they have taken my site down for this or that reason, suspended my account, did not live up to their “up-time” claim. I stayed with them for over a year and a half of problems because their support staff have always been incredibly helpful, personable, and would always find a way to fix whatever problem we were having. But this massive security compromise, the Tiger M@te hack, was the final insult that we will take from this hosting company — we are off the Inmotion boat, we are moving to our own dedicated server on another hosting company this week.
Whether Inmotion Hosting was an innocent victim of this hack or if they were negligent in their security defenses is irrelevant. I have a business to run, ANY down time is unacceptable. A webmaster should never be attached to a hosting company, one fould move and you leave. This security breech — having “HACKED” stamped in big red letters on my homepage — is a major affront to my business. It is time to leave. In travel you don’t stay for more nights in a hotel where you are robbed; in webmastering you don’t stay with a host who is massively hacked. Doing either is just not good business.
My emails and tweets to Inmotion as to whether they are going to offer some type of compensation to the webmasters of the sites under their care which were compromised have gotten me two free weeks of hosting. This was perhaps enough to curb my anger, but not enough to convince me to stay. We are out of here.