Go Back   MacRumors Forums > Special Interests > Visual Media > Web Design and Development

Thread Tools Search this Thread Display Modes
Old Oct 19, 2013, 05:56 PM   #1
macrumors newbie
Join Date: Jul 2008
FTP Access Malware?

2 days ago I started getting rejections from FETCH FTP when accessing websites hosted on Bluehost. No trouble accessing FTP on GoDaddy or any other webhost. Bluehost tells me in 1 hour over 17,000 attempts were made from my ip to log in. tens of thousands attempts in 2 days. So they blacklisted my ip. I changed my public IP, accessed one account, then again got the "503 fetch access denied suspicious behavior" again on all accounts. All computers on my network scan clean. How is it a problem only on Bluehost and not any other service?
arcticblue is offline   0 Reply With Quote
Old Oct 20, 2013, 09:00 AM   #2
macrumors 68000
SrWebDeveloper's Avatar
Join Date: Dec 2007
Location: Alexandria, VA, USA
Originally Posted by arcticblue View Post
All computers on my network scan clean. How is it a problem only on Bluehost and not any other service?
Assuming it's a LAMP setup on the remote and you got the same exact 503 before and after changing IP...

I cannot address why it is happening, you took a good first step by changing your public IP and scanning your network. However, it is extremely insecure to use standard FTP - you should be using SFTP (secure FTP which uses ssh and encryption) and require a public/private key pair from now on.

FYI: Generating a keypair is as simple on a Mac as going into terminal:
ssh-keygen -t rsa -C "yourname@yourdomain.ext"
(usa a passphrase when asked for max security)

Then upload the pub key to the proper place. This might be managed via Control Panel or copy the id_rsa.pub to the remote host where is should be put in the user's ~/.ssh/authorized_keys with permissions 600. Ask their support if unsure.

Or, there is always the option of using GIT with a remote repository which uses SSH/rsync and the same kind of pub/priv key. That way you can push from your local to the remote repository (i.e. github.com, free account/1 repo), ssh into your server's docroot and pull from the remote. Or maybe Bluehost has a repository you can use and all you do is setup the key and push from your local.

Or, use rsync with ssh you can synchronize files between the two securely such as outlined here: http://beyondtheclick.ca/lab/technol...sing-rsync-ssh

I never used Bluehost, so ask their customer service if they offer SFTP and a place to upload the key (usually in a control panel) and/or repo using GIT or SVN. Any of these, your security is vastly improved.
Jim Goldbloom
Sr. Web Developer, owner GoldTechPro, LLC
SrWebDeveloper is offline   0 Reply With Quote

MacRumors Forums > Special Interests > Visual Media > Web Design and Development

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
Resolved: FTP Server problem - Everyone has access to / user1690 PowerPC Macs 7 Mar 22, 2014 12:32 PM
How would I set a static ip for remote access if I don't have access to the router? pruppert OS X Mavericks (10.9) 8 Feb 5, 2014 06:05 PM
'Parallels Access' Launches in App Store, Bringing Mac and Windows Access to the iPad MacRumors iOS Blog Discussion 49 Sep 16, 2013 11:10 AM
No FTP access using two Apple Extremes brainwave89 Mac Peripherals 3 Aug 2, 2013 09:22 AM
Someone used Safari remote login to access my computer. What did he have access to? zephonic OS X 10.8 Mountain Lion 2 Jul 25, 2013 09:52 PM

Forum Jump

All times are GMT -5. The time now is 06:44 PM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2015, MacRumors.com, LLC