Orangescale Studio

I’m not sure when this problem firstly noted. I just found it today. I don’t have a personal account at MediaTemple’s (gs), but I do maintain an account — with some sites installed under it.

MediaTemple reported:

Starting Nov 6, 2009, we noticed many customers reporting a new php injection exploit. If you feel that your sites may have been impacted, here are the steps need to fix the issue:

• Examine and remove any eval() code from your php scripts.
• If necessary, replace all of your CMS (Wordpress, Drupal, etc.) core files from a know, clean source. Consider updating any plug-ins at this time also.

A developing update is available at Kyle Brady’s blog post.

Honestly, I was a little bit panic. Reading all information in brief, I make a conclusion that the problem is not on the installed softwares/applications. Many WordPress-powered sites are infected. But, Drupal and also Expression Engine are also infected. I hope MediaTemple will solve this problem as fast as they can. I run to one of (gs) account at MediaTemple I manage and check every domains hosted. Starting from .htaccess and index.php files. For WordPress-powered sites, these two files are the first files to check. It looks that I am lucky. Everything is normal.

Anyway, the first reason I chose (recommended) MediaTemple is for its good reputation. I heard many positive reviews about them. I know, the price might be higher compared to other providers. But, sometime it’s not about the budget. Meanwhile, I think I’ll ask my friend who has an account with MediaTemple to stay with them for a while and see how they deal with this issue.