Due to a large number of malicious attacks targeted against FTP accounts, we have decided to make some changes on our users behalf. As of this post all personal and business account users should see the FTP security lock enabled on their accounts. This blocks FTP access until you reverse this option via our site.

In addition if your account was exploited by the attackers we may have also randomized your FTP password. Please note that only a very small fraction of our users have experienced this issue – however, these measures have been taken out of an abundance of caution to protect all accounts. For more complete details on the FTP lock and updating FTP passwords please see:

http://www.34sp.com/ftp-problems

If you have any questions regarding this update, please drop us an email at help@34sp.com.

Over the last 48 hours we have noticed an increased number of attacks against hosting accounts. The attacks take the form of exploiting the FTP server to upload malicious content to accounts. The present attack we are seeing uploads files (htaccess) used to redirect incoming search engine visitors to spam sites.

In light of this current uptick we have updated our FTP scanning system to detect and block these uploads before they can prevent damage to accounts. If an account is deemed to have been exploited we take three steps to protect you. The files are removed, your FTP password is randomised and an FTP lock is enabled on your account. You will also be emailed about these changes at your registered email address.We recommend then updating your account passwords to non dictionary words and using SCP over standard insecure FTP. You should also check your account to verify no other malicious changes have been made.

Furthermore it would be wise to run a full virus scan of your own machine, using upto date virus scanning software. We believe that the attacks may have originated from users own machines, exploited with a trojan.

For more infomation on the FTP lock and how to enable/disable, please see: http://www.34sp.com/ftpsecure.

To update your siteadmin password:
Log into /siteadmin
Click Edit
You can update your siteadmin password here.

To update your FTP password:
Login to /siteadmin
Select your domain
Select ‘Hosting Setup’
You can update your FTP password in the section.

All account holders that use email are interested in reducing the incidence of spam. Whether your account is our new Professional Hosting, or VPS Hosting, or a Reseller Hosting account – greylisting may be of use to you. Greylisting is a method of defending email users against spam. A mail transfer agent (MTA) using greylisting will ”temporarily reject” any email from a sender it does not recognize. If the mail is legitimate, the originating server will try again and the email is accepted.

Greylisting is effective because many mass email tools used by spammers will not bother to retry a failed delivery, so the spam is never delivered. If a spammer does retry a delivery after the waiting period has expired, any one of a number of automated honeypots will have had a good chance of identifying the spam source and listing both the source and the particular message in their databases. Thus, these subsequent attempts are more likely to be detected as spam by other mechanisms than they were before the greylisting delay.

The main advantage from 34SP.com users’ points of view is that greylisting requires no additional configuration. You will just be require to go to: http://www.34sp.com/greylist. You will only notice a delay on the first message from a given sender, so long as the sending email server is identified as belonging to the same whitelisted group as earlier messages. If mail from the same sender is repeatedly greylisted it may be worth contacting us with detailed headers of delayed mail. You can simply email the header details in to our support department for analysis.

When a mail server is greylisted, the duration of time between the initial delay and the re-transmission is variable. Some mail servers use a default of four hours, though most will retry sooner. Most servers have retry rules set to attempt delivery after around fifteen minutes.

To add greylisting to your account please view: http://www.34sp.com/greylist.