You can bet I will be posting this on Web Hosting Talk later. I already do not like iPower as a host. They suck, simply put. One of our last sites on iPower, one that was not on our iPower reseller, had been the target of a rather malicious and nasty .htaccess hack.
Not only is it irritating that the site got hacked and iPower did not notice or inform us, when we called to tell them they did not sound one bit alerted to the seriousness of the issue. Really bad host.
When asked if they could look into the log files, as I knew the exact date and time it happened, they said that would not lead to much. He would not even transfer me to a Tier 2 tech. I did not push the matter, as I was about to ring his neck. I had already fixed the problem and I could tell the tech was not concerned at all in the matter.
As a matter of fact, he said a "hack" usually happens when a new or old web guy is involved. Well, I work for the old web guy and I am the new web guy, so I don't think so buddy.
This was an genius little hack, some script kiddie must be so proud. They used RewriteCond statements in the .htaccess file to redirect all search traffic from about 20 different search engines to a porn site script that sent you to a random site, oh and 301 redirects to boot. There were also ErrorDocument scripts as well.
Once I looked into the matter the first thing I noticed was the Index and the .htaccess files were modified on April 11. That means the site has been like this for six bleeping days.
The most shocking thing to note here is that "this is not the first time this has happened to one of my client sites," as I am told by coworker. HUH?
Needless to say I changed the password on the account and am moving them to our new reseller on Liquid Web. Hit the jump if you are interested in the code from the little hack.