I’m posting this now because the hosting company seems to have finally fixed the issues. I tried emailing and tweeting at them but got no response from any of the parties.
A few weeks ago there was some buzz on Rage Against the Machine’s site: members of Rage Against the Machine, Public Enemy & Cypress Hill were forming a supergroup called Prophets of Rage. On the day of the announcement they posted a mysterious webpage with just a countdown clock, http://prophetsofrage.com.
Upon going to the website you were greeted with an open index.
Anyone with knowledge of website creation would know you should at the very least have an index.html in your directory to stop someone from browsing files in your directories. Anyone who downloaded the wordpress.zip seen in the open directory, or browsed to the /_MACOSX directory, would have seen the files used to create a WordPress CMS. But the company didn’t just have the default files for a WordPress install; they had an edited wp-content.php with credentials to their MySQL database.
I quickly tried tweeting to @RATM and @mediatemple, the company that was hosting the site. Apparently, they are a new company started under the parent company, GoDaddy. No one responded to my tweets directly, but shortly after, their MySQL finally seemed to be down.
Finally, today their site was live but not using WordPress, only a static page, it seemed. So I hope they don’t try to revert back to WordPress with their old creds anytime soon. So the moral of the story here is don’t roll out a website live, or at least wait until it’s finished before giving the URL out to the media. 🙂
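A pre-launch check for the exposures this post describes (a directory with no index file, a leftover wordpress.zip, archive residue, and database credentials readable as plain text), as an added example that is not part of the original post. The function names, sample file names and credential values are constructed for illustration.

```python
import os
import re
import tempfile
import zipfile
from pathlib import Path

INDEX_NAMES = {"index.html", "index.htm", "index.php"}
RESIDUE_DIRS = {"__macosx", "_macosx"}  # macOS zip residue; the post spells it /_MACOSX
# WordPress-style constants such as define('DB_PASSWORD', '...')
CRED_RE = re.compile(rb"define\(\s*['\"]DB_(USER|PASSWORD)['\"]\s*,\s*['\"][^'\"]+['\"]")

def audit_docroot(root):
    """Return sorted (issue, relative_path) findings for a web document root."""
    findings = set()
    for dirpath, dirnames, filenames in os.walk(root):
        rel = os.path.relpath(dirpath, root)
        if not INDEX_NAMES & {f.lower() for f in filenames}:
            findings.add(("no-index", rel))  # browsable if directory listing is on
        for d in dirnames:
            if d.lower() in RESIDUE_DIRS:
                findings.add(("archive-residue", os.path.normpath(os.path.join(rel, d))))
        for name in filenames:
            path = os.path.join(dirpath, name)
            relpath = os.path.normpath(os.path.join(rel, name))
            if zipfile.is_zipfile(path):
                findings.add(("archive", relpath))
                with zipfile.ZipFile(path) as zf:
                    if any(CRED_RE.search(zf.read(m)) for m in zf.namelist()):
                        findings.add(("archive-with-credentials", relpath))
            elif not name.lower().endswith(".php"):
                with open(path, "rb") as fh:  # served as plain text, not executed
                    if CRED_RE.search(fh.read()):
                        findings.add(("plaintext-credentials", relpath))
    return sorted(findings)

def build_sample_docroot():
    """Constructed sample: a countdown site deployed with leftovers beside it."""
    root = Path(tempfile.mkdtemp(prefix="docroot-"))
    config = b"<?php define('DB_USER', 'wp'); define('DB_PASSWORD', 'constructed-secret');"
    (root / "__MACOSX").mkdir()
    (root / "assets").mkdir()
    (root / "assets" / "index.html").write_text("<h1>countdown</h1>")
    (root / "config.php.bak").write_bytes(config)
    with zipfile.ZipFile(root / "wordpress.zip", "w") as zf:
        zf.writestr("wordpress/config-sample.php", config)
    return str(root)

if __name__ == "__main__":
    print(*audit_docroot(build_sample_docroot()), sep="\n")
```

Run `audit_docroot` against the directory the web server will publish before the URL is given out; an empty result means none of these four conditions were found.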
I dug through the source and found an email address to their marketing team. I sent them an email with my number, and they called me back 20 minutes later. Listened to their half-ass plan on restoring the site from a backup, told them they were fucking retarded, and to nuke that shit.
They tossed their shitty wp build, and went with an older version (even though that one had 11 fucking vulns in it as well). I told them to ditch their shit-ass DC (hosting off some VPS in Florida, with 256 other BS sites on it) and go with someone else.
You had more patience than me to deal with them on the phone. The site is still a hot mess.