Wisetechie Blog : Ctrl your Tech Life

I am a part time moderator/web administrator on our unofficial college website. Last year our website had been hacked and some malicious script had been placed on it which was causing redirection of some Google referred traffic. It would not resend all Google referred traffic though, it even placed its own cookie in the malicious script to ensure that people are not sent to the offending site every time but only once every 86400 seconds.

For days I searched the internet desperately to find out if it was a known thing, most sites suggested it was a .htaccess attack, but I had already suspected that and our .htaccess file was squeaky clean. Just to be sure I also checked all the .htaccess files above and below out root level and they were clean. So I was sure it was a script. If your site is hacked via the .htaccess method, there would be entries like :

RewriteEngine On
RewriteCond %{HTTP_REFERER} .*google.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*aol.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*msn.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*altavista.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*ask.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*yahoo.*$ [NC]
RewriteRule .* http://newaddress [R,L]

After the .htaccess files were found clean, I tried some workarounds to prevent the redirection, like setting server referrer variable to null and trying to make all URLs 301 redirects but that didn’t work since the script was still able to detect the referrer as Google and redirect the website to tinyurl4.info which probably paid them a lot to get this done. It would be sent to random addresses on the tinyurl4.info site. Since the site may be hosting malware, I would request you not to go there. So this method of cloaking the referrer at my side clearly wasn’t working.

Next I created a zip file from the offending folder of the site and downloaded the whole thing using my 3G connection photon+ connection (wanted to finish it off ASAP). Once the folder was downloaded, I ran a McAfee scan of the whole thing hoping that the anti virus would be able to detect the offending code as it would be obfuscated. But I was wrong McAfee was terribly incompetent. So it was plan B , I started searching for strings like .js and tinyurl4.info to try and find the redirecting code. Windows search wasn’t very helpful here and couldn’t even find base64 which was one of the strings I searched for and was a part of the offending code.

So now it was plan C , this one worked. I listed all files in the site which had been modified within the past one year. Here is where I was able to find the culprit. One PHP file global_lang.php  had been edited in 2009 while all its peers were not listed. I grew suspicious and opened the file. To my shock, horror and relief I found the following piece of code :

which when translated turned out to be malicious code. I am not displaying the malicious code here should you get any ideas. What it was doing was checking if the person was referred by Google, Yahoo etc. and if that was true and there existed no cookie it would redirect that person after setting a cookie. The cookie ensured that once a person was redirected to the fake site, he wouldn’t be redirected for some time.

I have listed these steps here so that webmasters might be able to get a hint of how to recover from this particular type of  injection on their sites. Ofcourse, always take backups, backups ensure you can just dump them on and the malicious code is removed.

Future Proofing

There is probably no way to protect yourself from the super hackers , however you can always take precautions. First and foremost, always take backups and multiple backups. you should ideally have 12 backups from the past 12 months.

Apart from backups, ensure that the permissions on your website are always set correctly. 777 is really the devil .Never grant write permissions to outside users. 755 for folders and 644 for .php files usually works. Incase you suspect hacking, contact your host at the earliest.

Also turn off all directory listing.

Hoping you found this article helpful

Bluehost had been my first ever commercial host and my experience has been well, mediocre. I wont call it a bad experience , neither would I say that it was a Bluehost nightmare. This is the most honest Bluehost review you will ever get from someone who was on Bluehost for around 2 years and had quite a few low and high traffic domains hosted with Bluehost. Being an Indian one is more likely to end up with shady hosts, but since my domains were doing pretty well I decided to go to Bluehost for stability and the price and reputation was good.

After moving to Bluehost, I experienced downtime the very 2nd day, pretty significant, I got in touch with the Bluehost live chat support (pretty useless most times) who told me (in different words) , This is shared hosting, we cant do anything about downtimes or server issues, please take your issues elsewhere and switch to VPS. I very honestly asked the support person that I am bringing downtime to his notice and he is asking me to shift, suddenly he became soft and told me I had the choice to switch to another host but they wont take care of errant sites on server and neither will they assure me that downtimes would be reduced. It was like downtimes are Ok.

Anyway I kept on with Bluehost as it was overall reliable, then came the next blow : CPU throttling. Its every blog owners nightmare. PHP scripts would routinely be timed out and every time a wordpress page would load, my account would be throttled to ensure their grossly oversold servers are ok. I tried everything, using super cache, cleaning databases, removing overheads etc. But none of these helped. In an experiment, I myself would access a cached age of my account and still find that on each pageload my account is throttled. Page source would confirm a cached page was served. I own small sized blogs and such throttling out was giving me nightmares.

I don’t care what Bluehost tells you but CPU throttling is a deal breaker for me, the site would become excruciatingly slow during access.

Then began the search for the new Cpanel host. Stablehost was suggested by my brother as it had an offer offering 75% lifetime recurring discount. Interesting i said but warned him that if its too good to be true, it sometimes is. So I started to find bad reviews about Stablehost but surprisingly there was no bad review of Stablehost on the Internet, only people praising their personal customer support. I was impressed and those who know me know that customer service should be really good to impress me .

So I have signed up for Stablehost and its been more than a week and haven’t faced a single issue yet, all websites were transferred to the new account and things seem to be running smoothly. However I hope I don’t have to eat my own words. The reason I switched was that unlike other hosts, I can take a 6 month contract, yearly contract etc. for the same rate so switching is easy.

The customer care has been prompt and smooth, maximum time taken to respond was 12 hours for a domain transfer request to be initiated, otherwise I would get a reply within 10 minutes. Such a nice standard of personal customer service is a refreshing change from the robotic customer care of Bluehost who would routinely ask me to cancel my account in case of any downtime and never once reimbursed me for downtime.

Stablehost still has a 50% off coupon running on their website (use BDAY or TOS, both work) and if you are looking for a good, friendly host that offers realistic hosting, please have a look at Stablehost . The 5 GB space 100GB bandwidth plan would barely cost you $36 for the year after the discount. That’s much cheaper than bluehost and other hosts and they dont grossly oversell like Bluehost.

P.S. : These are affiliate links, but the review is 100% original and not sponsored.

Jubilant Foods recently went post IPO so the revenue pressure seems to be there , today we ordered some stuff from Dominos Pizza and I decided to order online using some coupon codes I had. I got the pizza soon enough in 30 minutes . This new service by Dominos India seemed amazing at first look.

But I was in for a surprise, an hour later the outlet called me and told me that no coupons were applicable on what I had ordered and asked me to pay even more money equivalent to original price of the items + tax. This call came 1 hour after my order by the way so I was all the way through the pizzas. The difference in price was around a huge difference before and after coupon.

Anyway, I didn’t want to argue so accepted the revised price (handwritten and overwritten). But this just exposes the chinks in Dominos Pizza’s offerings as the online ordering service can be very misleading especially with regards to coupons, you may think you have gotten a bargain but the local outlet can spoil your party. Wont be ordering from Dominos pizza some some time at-least.

Don’t know if the local outlet will pocket the extra money as the printed bill still lists the original price. In any case Jubilant Foods need to get their act together.

Just a short little post to warn you about Big Bazaar and some of their offers, my parents got duped twice by the same outlet (Big Bazaar Vasant Kunj) on the same item. The first time they were quick to raise a fuss and got compensation (a voucher to spend on same store within 15 days, yeah that’s what they offer for overcharging).

The second time they drove to that place to get the 1st voucher redeemed and unfortunately they were in a hurry and didn’t look at the bill receipt properly. So here was this item marked ‘buy 2 get 1 free’ everyone on the aisles and my parents didn’t get the offer. The funny bit is that its the same brand that they had been cheated on a fortnight ago in exactly the same fashion. The customer care had tried to fool them into accepting the flawed bill, but Mom and Dad have learnt from me on handling these shrewd business people and were able to get a refund in the form of a credit note. Impressive but if I were there I would have pushed for a cash refund.

Anyway, instead of driving to Big Bazaar again and going through the painstaking exercise of explaining to them again, I decided to write to them an email and asked for a refund for the extra money my parents spent. And here’s the shocker :

For the first time in my life, writing to the Future Group has failed to even evoke a response, I have used that email ID for complaining against everyone from Furniture Bazaar to Food Bazaar to Big Bazaar, but this is the absolute first time the Future Group has completely ignored my complaint. No follow-up, no apologies and no compensation. Seems like the customer complaints against them are turning out to be genuine. Hope they recover soon and go back to being the customer friendly organisation they are supposed to be. About me ? I am poorer by Rs.60, but all is well

Tata Sky , easily the most popular DTH service (in terms of opinion) in India is again raising prices. This time its the multiroom charge. The existing charge for multiroom subscriptions was Rs. 125 but today I received an SMS that the charge has been revised to Rs. 150 per  moth.

Couple that with each new channel going into a new package, Tata Sky is really an expensive proposition for the customer. Since its launch I am yet to see a customer friendly move from dear Tata Sky.

Earlier they created this Gold Pack which would have all the new channels. When people subscribed to that, they came out with lifestyle pack. Thats the latest one they are filling with channels including Discovery Science (lifestyle yeah !, wonder if they show how to make cocktails).

Before that they were notorious for hooking people on with 6 months free scheme and then raising prices like crazy.

And another instance is the unbundling of ESPN Star Sports when they had publicly humiliated and refuted Tata Sky’s claim of actually lowering costs for their customers.

Some very smart MBAs with zero concern for customers are working with this company. Lets hope they realise what they are doing wrong.

It has been 2 years and 3 months since I had bought my Dell Inspiron 1525 Laptop. Mine was one of the last batches to have been made in Malaysia with most of the assembling shifting to Bangalore later on for Indian customers. I was lucky as my original laptop was pretty robust, but one thing you notice with DELL is their lack of concern for quality in various parts.

Almost everyone in my class owns a DELL and has had to invoke the warranty atleast twice. Which brings me to a good point DELL India’s warranty is probably the only thing worth writing home about. Seriously good warranty and replacement of parts once you get past the call center. That’s why I always made an online complaint whenever I needed to invoke the warranty, no need to speak to Indian call center agents who talk to you as if each replacement part is being cut out of their salary. But this post isn’t about that, its about my ownership experience with the DELL Inspiron 1525 where it fell short and where it did good.

The Good

The laptop itself is the good thing, its working alright and all of the insides work perfectly. Its easy to clean and the RAM is pretty easy to upgrade. And that’s about it.

The Bad

Extremely pathetic plastic quality. The keyboard keys are fragile (tab broke, had to be fixed with fevikwik),one of the touchpad buttons is faulty, the palm-rest plastic is discoloured and the hinges are loose. The adaptor wire seems like its ready to break off and the power button is also losing its coating of chromium (?). But to be honest, all these things were changed in warranty except the button,adaptor and hinges. The palmrest had been broken by a Dell employee in a service visit. The keyboard had stopped working twice. The replacement parts seem to be of cheaper quality than the originals which is a very worrying prospect.

The battery is by far the worst thing in the laptop and worst of all warranty customer care wont cover it. It used to give only 3.5 hours when new and now barely gives 45 minutes on battery saver mode. Its still better than one of my friend’s Inspiron 1520, after 2 years his battery stopped all backup altogether. On the contrary one of my friends’ laptop from Dubai still gives 3 hours after 1.5 years of usage. Not sure if they get a better battery in Dubai shops.

The Ugly

Well nothing really ugly about it, its just that the manufacturing is done keeping in mind to have a low period of ownership. The only ugly i see is that 1.5 years into ownership the mic stopped working and to replace it I probably need to replace the motherboard.

Would I buy a DELL again ?

Yes, but not from India. This was my first experience with DELL India and I am now a wiser man , I would much rather wait for a relative from the US and have a better quality of laptop construction and parts. I have a DELL US laptop (Vostro) and also a Lenovo US laptop and their quality seems to be much better than the India counterpart without a need to invoke any warranty even.