Ransomware On Your Website – Is It Possible?

fware ransomware

Ransomware on a website?

Ransomware is popularly thought to affect only PCs, mainly containing older versions of Microsoft Windows, through phishing of login details. Actually, nothing is farther than the truth.

In fact, ransomware can be introduced even into Linux-based web servers / websites without using any phishing techniques, and even if they are behind a firewall.

The above image displays the new homepage of a website on cPanel shared hosting recently locked by ransomware. The image below is a listing of the ransomware-encrypted website files as seen via an FTP client.

fware ransomware file listing

How did the ransomware get in?

Servers are computers available on the public Internet and are required to serve information via multiple protocols such as HTTP/HTTPS, FTP, SSH, etc. This also creates multiple points of entry for attackers in addition to poorly secured entry points in web apps.

In this case, the website had allowed file uploads into directories that (carelessly) had execute file permissions enabled for everyone. In Linux this is the 777 permission. This allowed an attacker to upload the fware encryption PHP code to the website and then cause the code to execute via a web browser call.

What would you do if this happened to you?

How would you be affected if you woke up one morning to see your website that wasn’t available anymore? Even after paying the ransom there is no guarantee of receiving the decryption key and getting back your website files and data.

Luckily, in this case, the webmaster (website manager) for this website had already enabled automated website backups and was able to restore the website quickly. Most webmasters agree frequent automated backups are the best defense against total website loss. So does your website have automated backups?


More MySQL storage for Free and Basic web hosting plans

web hosting servers header

We always try to keep our customers happy and make sure they do not encounter any issues while using our services. In addition to our Paid plans, we also ensure that our Free web hosting plan support WordPress and Joomla installations.

Unfortunately with the latest release of Joomla the database disk space usage was significantly increased, which rendered the Free hosting plan completely unusable, because a basic Joomla installation consumes 9.98MB of MySQL space, while the free hosting plan had a limit of 10MB.

Ofcourse we cannot disappoint our clients, so we have increased the available MySQL storage for the Free hosting plan from 10MB to 30MB and for the Basic hosting plan from 50MB to 100MB.

With this upgrade the Free and Basic web hosting plans are again competitive and Joomla-friendly.

Check out our web hosting plans


iwebz.host logo

Free Web Hosting Maintenance – November 11th 2016

iWebzHost.net – November 11th 2016

iwebz.host logo

On November 11th 2016 at 15:00 GMT/UTC we will begin a major upgrade on some of the free web hosting servers.

The upgrade will require a full graceful restart of all services. The process will take approximately 48-72 hours, during that time there will be intermittent service interruptions.

We anticipate that if problems occur during the upgrade process this may cause additional downtime as the upgrade process will have to be restarted.

This upgrade is extremely urgent and unfortunately cannot be avoided.

During the upgrade process access to your websites and control panel will be unavailable.

We apologize for the inconveniences this downtime may cause you and we want to thank you for your patience and understanding.

For staying updated we recommend you signup to the iWebzHost.net newsletter.


icann logo

ICANN IRTP-C impact on Domain Transfers

icann logoICANN Domain Transfer Policy Updates

ICANN has mandated certain updates to the Domain Transfer Policy for enhanced verification when either the Registrant or the Registrar change occurs. This will be effective from 1st of December, 2016.

Here are some of the key aspects that are part of the new Transfer Policy :

Impact on Inter-Registrar Transfers

A Form of Authorization, or FOA, is the email that is sent to the registered name holder when a domain transfer is initiated to approve the request. The FOA will now expire after 60 days if the transfer is not completed, unless we allow an automatic renewal and the registrant has expressly opted in to an automatic renewal.

● The FOA is void if the domain name expires before approval.

Impact on Inter-Registrant Transfers

● If a material change is made, we must collect consent from both the Prior Registrant and the New Registrant, prior to making the requested change, even if you represent both parties. A “material change” is a change in the name, company or email address listed for the registrant contact.

● If the Prior Registrant and New Registrant do not confirm the change within 60 days of the request, the change implementation will not proceed.

● Once both Prior and New Registrant parties agree to the requested contact changes, the information will be updated within 1 day after.

Impact on Privacy Protection

The Registrar on Record will act a designated approver for the Registrant. So no approval is needed from the Registrant listed on the domain. An email will be sent to the registrant whenever the status of Privacy Protection is changed. This email is merely for notification purposes.


We hope this was helpful. To know more about the policy please refer to the ICANN website.


iWebzHost.net Update – Feb 2016

iwebz-host-logo-320x60For quite some time iWebzHost.net has been working toward improving the end-customer experience, because a happy customer is a good customer.

Free hosting plan – Now with MORE disk space

The biggest update is concerning the disk space of the free hosting which now comes with 1GB of disk space instead of 250MB. We have also increased the file size limits for free customers, so they can use the newly available disk space.

Zacky App Installer – Only the newest software and one-click updates

The Zacky App Installer supports upgrades for WordPress and Joomla through the user control panel for both free and paid customers with a single click of a button. We have a dedicated team which makes sure that the available softwares for installation through the Zacky App Installer are up-to-date.

VPS – Upgrades without downtime, improved set of features, and 1-WEEK trials for paid customers

We have made a lot of improvements for the customers using VPSs. All VPS upgrades are now almost instant and do not require restart of the VPS. The VPS Manager section from the Control Panel has been reworked, so more options and features are now available to the customers, like management of HDD volumes, better control and various statistics.

Another great thing about the new VPS platform is that with its release we have decided to give all paid clients the opportunity to get a VPS plan for 1 week as a trial, so they can see if a VPS is their thing or not.

Webmail – Full SSL support with Roundcube and iPhone configurator

The last update is concerning Webmail applications, in the past we supported three applications – IlohaMail, AtMail and Roundcube. From quite some time we support only Roundcube due to its diversity of themes, functionality and mobile device friendliness. We have discontinued the other Webmail applications, because SSL was not fully supported there.

Another useful feature that we added to the Webmail is the “iPhone configurator”, which allows iPhone users to configure e-mail accounts into their phones very easily.

Upcoming developments

The most important thing for us at the moment is finishing the new hosting control panel, which already includes all the features of the preceding Domain Control Panel, SSL Control Panel, VPS Control Panel and almost the entire Hosting Control Panel.

Visit iWebzHost.net >>