Did you know web hosting companies that provides reseller accounts leave your websites vulnerable? In this article, I Haider Ali Khan will share a little knowledge of mine that could save your websites from being hacked by your enemy’s or haters.
I am not trying give a bad image to web hosting companies that provide reseller hosting, nor am I trying to take customers away from them. So if you are running a web hosting company owner, don’t get angry for whatever I share in this article 😛 .
I am sure many of you may already know how can a attacker hack its target using WHM (Web Host Manager) reseller account while many may not. I recently found that attackers could use a WHM reseller account to create sub-domains of any site hosted on the same server. Once the attacker creates a sub-domain of its target, the attacker can then run that sub-domain without the owner of the official site knowing. The sub-domain would be used just as if running your own site. An example would be if a site of yours is parked on a server, such as yoursite.com. The attacker can then create secure.yoursite.com using a WHM resellers account on that server. The attacker can add a deface page just to scare you or could add a phishing page to steal your users login details.
Web Host Manager, or WHM, is a powerful program that allows administrative access to the back end of cPanel.
I hope you learned something from this article. If you have any questions, feel free to comment. This article has been written by me (Haider Ali Khan @ www.HaiderK.com).
Follow me on Facebook: