SupportedNS.com - Google Phishing Warning - Temporary URLs Disabled Network-Wide

[Michael D.]

Unfortunately spammers, fraudsters, and phishers are constantly working to find new ways to perpetuate their activities.

 

For a long time we've allowed temporary URLs of the format http://server-name.com/~account-username/.

 

What this means is that if you wanted to test loading content from your site while avoiding DNS - you could just put in your server name, such as 's3.supportedns.com' followed by '/~your-cpanel-username' and see your site. It's not a perfect solution because many scripts, such as WordPress, look at the URL requested and will give a 404 on a temporary URL if not configured for the temporary URL.

 

Due to a recent phishing attack on the S3 server - where an account was used via this temporary URL to host a phishing page - the entire server hostname has been blacklisted by google temporarily. Here is what you may see trying to access your cPanel, WHM, or Webmail on the S3 server currently:

 

If you do see this you can safely click "Ignore this warning" in the lower right hand corner of the page to proceed to your cPanel, WHM, or Webmail.

 

We are presently working to identify which account is hosting phishing content, however, without a direct report containing the URL we're searching for a needle in a stack of needles. Being that we've been unable to identify the account with the bad content as of yet we've disabled temporary URL access on this server. This will cause the original listing to fail and ultimately Google will de-list the server hostname.

 

This isn't the first time this is happened and I'm sure it's not the last. Unfortunately the convenience of temporary URLs does not out-weight the ability of our customers to reliably and consistently access their cPanel, WHM, and Webmail interfaces. As a result - we've chosen to disable temporary URLs network-wide.

 

The best way to gain temporary access to an account is to park the subdomain of an active domain on the account. For example if you run "mysite.com" you can park "accountname.mysite.com" onto the account and then load it via that subdomain. If you need assistance with this our technical support department will be happy to assist you.

 

To view the site on it's actual domain prior to DNS propagation you can also use the HOSTS file method. It is admittedly a bit more complicated but it does work well when properly implemented. Not only will the HOSTS file method result in your site displaying properly [as it's not a different URL from normal] but it does not face the issues the normal temporary URL structure faces. Directions on using the HOSTS file can be found on our blog here.

 

If you have any questions about any of this feel free to either reply here or to open a support ticket.

 

Thank you!

[juliebolddogge]

Michael,

 

You guys taught me about the HOSTS file method a long time ago and it works perfectly. Thank you as always!

 

Best,

Julie

[Michael D.]

The new temporary URL format is:

http://SERVERNAME.temporary-access.com/~USERNAME/

So if you're on the S1 server and your username is "someusername" it would be

http://s1.temporary-access.com/~someusername/

This issue has resulted in some email delivery issues for some customers that are using php's mail() function instead of SMTP. We've requested the domain 'supportedns.com' be de-listed at various RBLs and anticipate this issue to be fully resolved within 24 to 48 hours.