Sulit.com.ph is now back online of course not without any casualty, remember a site as big as sulit.com.ph will lose a big chunk of revenue if the site went down even for just a few minutes.
Earlier today, Sulit was defaced where the homepage displays the “ayosdito.ph” instead.
Now on his Facebook account Sulit Founder RJ David explains what really happens and how a simple .htaccess hack even if it’s just for a few minutes may take 48 hours to propagate globally, he also mention that this similar to the November 2008 hacking of Dot.ph which was still the early days of the site.
RJ David further explains that from the first Dot.ph to this latest one, dot.ph customer service remains the same which provided no help at all, which is very strange for a registrar and web hosting company and “takes pride in providing quality service.”. I guess if RJ David only has a choice he would have move to a new registrar already one that provides better customer service and a more secure service.
Dot.ph is the only registrar in the Philippines where you can get a “.ph” domain name.
Here’s the complete post of RJ David.
Somebody was able to access our account at Dot.ph again and change the details of Sulit.com.ph. As of now, we have already changed the details back and just waiting for the domain to propagate globally which unfortunately can last up to 48 hours.
This issue was reminiscent of the November 2008 hacking of Dot.ph wherein our domain was intentionally parked to earn from the redirected traffic.
But there are a few differences this time:
1.) Only our password was changed and not our email address. We received an email for a password change to there might be a security hole in Dot.ph password change process. There was a high probability that the attack vector was this process. If this was the case, then it can happen again if Dot.ph won’t do anything fast.
2.) The domain was not parked but instead forwarded to the website of one of our competitors in the industry
But one thing remains the same:
Nobody is still answering from Dot.ph to help us resolve the issue. Just like the November 2008 which happened on a weekend, we might not hear from Dot.ph until Monday.
This is a very big problem of the local internet industry and Dot.ph must do the necessary steps to keep the local websites running 24/7