The events below are dated from July 2018
We dedicated to test a shared web hosting plan at Woothosting.com running a Cpanel installation. After several days, we received a mail from Google saying that our website was hacked. We visited our website and discovered that it was blocked by Google in Chrome, Opera and Firefox. We typed the URL mentioned in the google email and found that it was a phishing page to collect credit card details. The said webpage appeared to be in a folder of our domain. We checked our folders using the file manager of Cpanel to see if we could NOT see any webpages. Furthermore, the account mentioned in the URL was not our account nickname.
We contacted the help desk of the web hosting company but they told us that our account was fine.
This problem was very interesting and we were very happy that it wasn’t about our main website. We learned a lot about Cpanel here.
In fact, we were testing htaccess redirects to 404 and 410. So there was no index file for our test website. My HTaccess file directives could not block the phishing URL.
It means that upper in the configuration of Cpanel, someone has been able to hijack the apache configuration to map my domain name to another folder on the server.
The issue was not related to the web hosting company but it means that someone succeeded in hacking Cpanel. It also means that Cpanel is not secure.
Also, it means that Googlebot, for some reasons, is able to crawl URL even if there
We ended up cancelling the subscription to the Woothosting shared web hosting plan.