Web hosting archive
Dreamhost invitations
2008-06-09 21:39
I just received five Dreamhost invitations. What are they? Quite possibly the best deal possible if you are looking for shared web hosting:
- Dreamhost hosting is green, Carbon Neutral
- Invitation signups get four times the regular disk space for signups. That’s 2TB of disk space.
- Invitation signups also have four times monthly transfer. That’s 20TB. Which is, frankly, more than you’re going to be needing
- You’ll also be getting a $150 discount if you sign up for five years, bringing five years of hosting to $267. That’s less than what I initially paid ($382 for two years of hosting, back when I signed up a few years ago. Mind you, my net payment for Dreamhost is negative — the promo codes and signups have covered my hosting costs for a number of years now.
- Invitation signups for ten years of hosting enjoy a $200 discount, bringing it to $514. That’s about four nights of partying in Oslo.
- Dreamhost are also offering Google apps for your domain for free. In other words, use GMail for all of your mail, with your own domain.
As said in the beginning of the mail, I have fivefour invitations. The first five people who reply here with legitimate e-mail addresses receive a valid Dreamhost promo code that can be used during sign up. When all invitations are taken, my $79 discount promo code is still valid.
Carbon Neutral
2008-02-16 18:55
I somehow completely missed this, but DreamHost hosting is Carbon Neutral.
Shameless plug: My $79 discount for hosting is still valid, and DreamHost’s current hosting offering is 500GB of disk space and 5TB monthly transfer. Even if you don’t plan on hosting a high-traffic site, it’s a great opportunity to buy a cheap, online, offsite backup solution. When I get back from vacation, I plan on writing something about how you can keep an encrypted backup there.
How to proceed if you were a victim in the attack against DreamHost
2007-06-07 13:46
Like about 3500 other people, me, my site and my accounts fell victim to the massive account attack against DreamHost (see here and here for a few other people burnt by it).
The anatomy of my attack was somewhat different from what Dave Shea experienced, as I saw that all files whose names matched the regular expression .*index.* got replaced with a 130-byte file with the following content (URLs deliberately removed).
<!-- ~ --><iframe src='[URL REMOVED]' width=1 height=1 style='visibility: hidden;'></iframe><!-- ~ -->As I was in the process of mailing DreamHost support, changing my passwords and cleaning up, the attack was still ongoing, and the contents of these files changed again:
<!-- ~ --><iframe src='[URL REMOVED]' width=1 height=1 style='visibility: hidden;'></iframe><!-- ~ -->
<iframe src="[DIFFERENT URL REMOVED]" width=1 height=1></iframe>
What hides behind the removed URLs?
Well, suffice it to say that I believe organized crime is behind it. Upon inspecting the removed domain, I Googled for the domain, and was met with this search result
Yes, that’s Google’s malware warning service for search results.
Upon snooping around on the site where iframe injected, I discovered a zip file of about four megabytes. A cursory glance at the file reveals that the zip file contains what seems to be keylogs, contained within about 1000 files, as from the output of find . | wc -l. I have not conducted a deeper analysis of the contents of the file, since it’s not my business discovering user’s passwords and personal information. However, I urge any relevant authorities to do just that.
What to do first?
Here is what you do, regardless of you having seen infection or not:
- Change all of your affected DreamHost passwords! For all of your users! This is extremely crucial.
If you have seen infection:
- Inform DreamHost of your situation using the support wizard;
- Read to the end of this blog post. Seriously.
If you’ve gotten an e-mail from DreamHost informing you that any of your accounts may be at risk:
- Read to the end of this blog post. Seriously.
How to locate infected files?
In the case of my attack, all of the infected files had the unique marker — which means that I could locate all of the files by ssh’ing into my account, and search for all files containing this string (replace USERNAME with your own login name):
$ find . -user USERNAME -exec grep -l "<\!-- ~ -->" \{\} \; > result.txtIf the anatomy of the attack against you is different, you may instead try searching for all files that have been modified within a given time interval:
$ find . -mtime 3 -user USERNAME > result.txtHow to restore infected files?
DreamHost has a self-service backup, called Automated domain snapshots contained in a directory named .snapshot, containing the following directories: hourly.0, hourly.1, nightly.0, nightly.1, weekly.0 and weekly.1. If any of your files are infected, go to that directory’s snapshot, locate an unaltered file and restore it. For instance, let’s assume the folder “myharmedfolder” contains an infected index.html that has been altered.
$ cd myharmedfolder/.snapshot/weekly.1
$ rm ../../index.html && cp index.html ../../Note that just copying the file over may not work, because the cp command will just claim that the files are one and the same, so you need to remove the infected copy first.
I’ve changed all my passwords, cleaned any infected files, been declared healthy by DreamHost. Is there anything more I need to do?
Indeed, there is, and I really should not need to say this, but I will: Call your bank, and block any credit card you have used with DreamHost!
Upon discovering what had happened to my account, had changed passwords, cleaned up, and was back to normal, I called my bank. They told me to call Visa Norway to ask for further advice. What Visa’s security department told me was this: Even if DreamHost, as they stated in the e-mail they sent to affected customers, has no reason to believe that credit card information was lost, you should, regardless of DreamHost’s statement, block any cards that you have used with DreamHost. There is a very simple reason to do this: If DreamHost are right, and your CC info is safe, you have lost nothing but the time it took you to block the account, and any amount it may cost you to get a new account opened. If DreamHost on the other hand are wrong, and your CC info has leaked, your old account is unusable to the criminals who performed the break-in. Further, if you knew about the attack, and don’t change your card as adviced by Visa in such cases, you may yourself be liable to costs incurred (this might depend on jurisdiction, but this is the case, at least in Norway). If you are deemed liable, you usually have to cover all the costs yourself. The moment you block your card, your liability goes away. Simple as that. If you were among the attacked, go ahead and block your credit(debit) card now.
DreamHost vs. Amazon S3
2006-10-19 16:38
Ok, I wasn’t planning on blogging anything about DreamHost for a while, but last month, DreamHost made their hosting so much more attractive: They doubled their bandwith, and multiplied disk space by a factor of ten.
Joseph Scott compared the DreamHost prices to Amazon S3 — the short story is: If you’re going to be storing large amounts of data, DreamHost wins hands down on price: The most basic of DreamHost plans, level 1, gives you 200GB of storage, and 2TB of monthly transfer for $9.95/month. Go with Amazon, and you’ll have to shell out $430/month to be allowed to store and transfer the same amount of data.
Add to it that DreamHost has regular FTP (SFTP) access, shell access, and perhaps the best of all: Subversion repositories, and the solution should be just that more tempting for the end-user.
If you think $9.95 is too expensive per month, my Dreamhost promo code ‘dirtcheap’ still gives you a $79 discount on your first payment if you sign up for any of the plans with yearly or bi-yearly billing. Going for the Level 1 plan brings the cost to $3.37/month the first year, or $40.40 in total.
DreamHost discount update
2006-01-30 19:21
Some time before christmas, I started offering DreamHost web hosting with a $79 discount. Since then, DreamHost have made their offering even better, with the most basic of plans offering 20 GB of storage space, and 1 TB of monthly transfer.
Since then, I have also made my $79 DreamHost discount a permanent fixture of this site. So, if you need cheap hosting, read about the promotion.
(And this will be the last I write about DreamHost in a long while, I promise)
DreamHost: Get a $79 discount
2005-10-12 19:40 – One comment
DreamHost discount offering from virtuelvis.com: Use the "dirtcheap" promo code and get a $79 one-time discount on 1- and 2-year plans from DreamHost
I love DreamHost
2005-07-08 22:33 – Three comments
And so should you. I’ve been quite busy during the last week, but logged briefly into my control panel at...
Self-service backups on DreamHost
2005-05-08 14:26 – One comment
Installing Ruby, Rails and Tracks on Dreamhost
2005-03-10 01:20 – Leave a comment
Setting up PHP 5 on Dreamhost
2005-02-28 09:46 – Leave a comment
My experience with DreamHost
2005-02-14 14:31 – Two comments
In answer to a comment, I'm sharing my experiences with DreamHost so far.
If you can read this ...
2005-01-14 13:43 – Four comments
I have just switched from a Norwegian hosting company to DreamHost, with their Code Monster plan with 7680MB disk space, and 192GB transfer per month, and these are my experiences with switching.
Changing my hosting?
2004-12-15 15:04 – Ten comments
Which hosting solution should I go with? DreamHost looks like they have the best plan, but are there others?
Knowledge Base Humour 1
2004-12-14 01:28 – Leave a comment