I've been with JodoHost for many years. The last 8 months or so they've had a lot of down time. But what's happening now is just the worst!
I've had 12 clients sites down for part of Sunday, all of Monday and now half of Monday! In the height of the xmas shopping season I have 3 retail clients with no website. Response from the JH support has been slow and mostly worthless. In one of their forum posts yesterday they said the issue had been resolved - but I still had 6 client sites down and no response from them. This morning they were up for a nano second and I rushed to go back up sites to move them and BAM down again and have not been back up since.
This morning they tell me that one of the sites database is GONE and they have no backup for it! OMG - what happened to their daily backups???
Jodohost has obviously oversold and is understaffed. Their India support team has poor English language skills for the most part which really makes communication difficult.
I'll be moving my sites as soon as I can ACCESS them!
There is a major DDOS attack on a server, that is the core issue here. I am unsure of the backup situation as I haven't heard about that, but I am quite sure we have backups unless something very old is being sought as we do not keep long term backups.
the DDOS attack is targeting one server, not all network, and it is hitting the shared IP, that many domains are on, so it is a worst case type scenario. Many of the domains on it also using 3rd party DNS, so several rapid DDOS mitigation solutions we have looked won't even do a bit of good to help.
We've been updating forums, twitter, and facebook as much as possible, and working basically non stop. I am not sure what more I can do right now to explain things because there is only so much that can be explained. Block sources, the shift, block attack profile, it shifts, its not hitting domains anymore, but the main shared IP. We are working on some customized filtering internally on it now, but its proving to be quite adaptive.
We are also working with helping clients move to another server if need be, but this takes a bit of time to do moving the files and the DNS.
I have 3 retail clients in the middle of Holiday shopping season with NO website!
It's nice that you post here, but why am I not getting response to my tickets for crying!
Is there another email address sI need to be submitting tickets to other than resellersupport at jodohost.com???
No that is the right place, in regard to the move we are making solutions for it now, as with the DDOS the moves were not working even if started, so it isn't something that's been offered for 2 days.
As for ticket response, we haven't had a lot to offer yet, which is not good, but there's been little to update on it outside of what we've given public as we've been updating. I will try to have them update soon to offer a move, as we get this rolling and content moving (not just settings which was all happening before,not a good thing)
This has been one of the worst situations I can remember, without a doubt, and add to it that there was a much different type of DDOS just recently that also hit a shared IP, we have been looking at options on the market to help mitigate these situations, as the manual ways of old are not working against the new styles of attacks. While this is very much a failure right now, we will learn from it and grow stronger from it and have more hardware and software solutions in place after evaluations can happen.
I've also been a long time JodoHost customer, and have always been impressed with the level of their service.
However, they seem to be the target of numerous DDoS attacks.
I understand that these problems are not directly related to their hosting and service...but they affect MY service. My sites, and my clients are really being hit hard by recent DDoS attacks.
One issue I have - lack of communication. Their Twitter feed only had one update in 10 hours, and their forums only had 3 updates over a 12 hour period. All of this while one server was COMPLETELY DOWN! Sadly, it was a "newer" server - as a customer, that meant for many of my newest clients were already seeing down time.
I'm not sure why they are the target of these recent attacks - maybe it's a result of the customer they are allowing / attracting, but it is REALLY starting to hurt the rest of us. And it seems to be happening more frequently. They've even admitted the attacks are becoming more aggressive and complex, harder to block and their previous methods are not effective.
Add to that several recent issues with mail servers getting blacklisted for spam...and all the bad apples are really starting to spoil a good host.
I know customers create many of their own problems - running vulnerable or out-of-date CMS, weak email passwords, lack of desktop antivirus - but these major attacks seem to indicate more than just vulnerable scripts.
I hope they do learn and grow - but I'm not sure how much longer I can put up with their pains!
I feel your pain! I've been with JH for about 8 years and I'm pretty much at my wits end. My clients are hurting and it's killing me and my business. I've got to find a reliable reseller web host. I've researched many, tried a few with poor results.
We've been thinking a LOT about how we are going to offer hosting services, how much to charge, what level of support to offer....it's tough to balance everything AND try to take care of your customers.
Because we take a hands-on approach we've lost a LOT of time (which is money) recently due to JodoHost. I can't begin to imagine how this will affect our reputation.
The thought of moving to a new host is equally as daunting - especially when it comes to moving client email accounts.
(Web 17 at JodoHost was up for awhile, but it's already down again! Argh.)
Guys, I understand communications are some fault, and I agree, but there isn't a lot I can add. Me adding per hour commentary of all steps down simply slows us all down. I have been at this for a long time now, and I feel very bad about how issues have taken this turn.
As for 'customers being accepted' well, the stuff being attacked we haven't actively marketed in years, it is what those in the reseller program are accepting, or automatically allowing without any test or legitimacy. We've given notice to resellers numerous times about any auto-accepting without moderation on signups, and several times even forced moderation on them(auto accept offenders that cause problems from time to time) to verify all signups.
However, DDOS alone cannot be pointed at an individual in most cases, there are some certain types of sites more prone to get them, and I'd say whats happened lately is not of those high risk type.
What's for sure that is DDOs for hire is getting cheaper, and people are more willing than ever to do dirty means to take out competitors. I don't believe anyone is attacking us just for the record (so no one here take that way), but there's a very real likelihood some of the recent DDOS was such a case against a hosted reseller end user. A 7gb/s DDOS(happened end of last month/early this month) doesn't just randomly target something that I've seen, nor does a smaller traffic, but crafty shifting attack like on web17 come by random chance. We've determined one of the target sites is actually on some external DNS pointing at us which is creating a majority of the traffic to the IP(shared IP of server with other shared domains).
I think you actually just validated my point - if JodoHost is accepting "bad" resellers ("numerous warnings numerous times")who are in turn activating bad accounts it's ultimately up to JodoHost to put some controls (on resellers) in place.
Require moderation - seems like a great solution! I cheered when you enabled it! If a reseller complains, what type of business are they selling? Are they spamming hosting emails, which results in bad clients AND blacklisting JodoHost email servers?
External DNS causing problems - don't allow it, or allow it with the clear expectation that changing JodoHost WILL change IPs to protect the rest and that WILL result in down time, use external DNS at your own risk!
Vulnerable scripts/CMS - notify/update/require updates (and make resellers RESPONSIBLE for their clients!) For the record, I AM GUILTY OF THIS! I was running a very vulnerable CMS on several sites (old sites that had not been updated in years)that were ultimately hacked, defaced, and possible used to spam others! However, I don't see a great deal of news on exploits and vulnerabilities - I guess I'm assuming my hosting company is the expert on this. Are automated server audits and notifications possible?
Is JodoHost afraid of losing customers?
I have over 150 accounts with Jodo, pay nearly $100 per month, use 25GB of disk space and 90GB of bandwidth per month. I've logged 60 trouble tickets in 7 years....now I'm forced to consider a move.
Which accounts are more valuable to JodoHost?
I'm afraid if JodoHost doesn't take a stand or make some very public announcements about how this will be handled going forward they will be choosing this "other business" over mine.
(FWIW - I'm forced to make those decisions in my business - keep the 'difficult' clients that cause hassles/headaches or 'fire' them and actively seek new, better clients to continue to grow.)
On the JodoHost forums there has been talk of a different style of plan with more controls in place - maybe that's not feasible, but that's EXACTLY what I will be shopping for!
I'll pay more, I'll put up with more stringent hosting/activation requirements, I'll agree to more through upgrades of CMS and other scripts (my responsibility, but notified by the hosting company of security issues)...all in exchange for a more stable host!
I use "reseller" hosting because 95% of my clients want to leave that decision up to me - "the expert" - and also are willing to pay a little more to let me handle it. Having all of my clients/accounts in one place makes billing easier, and management MUCH easier. "Reseller" plans allow me to more easily manage all of my clients without having 150+ different logins.
Maybe I'm not a "reseller" - or maybe that concept is being abused by others...either way, I don't think my situation is that unique.
I mentioned above that I'd like to rely on the hosting company to identify security risks - maybe I should be looking for something more like "managed reseller hosting"?
Everyone knows GoDaddy or DreamHost is cheap - but my clients will pay me a premium to not deal with it! I'm saying the same thing! I'll pay a premium to a Reseller hosting company to provide a stable environment that I don't have to worry about!
I have quite a few clients that brought their own hosting, and we manage it for them. Seven different hosts, zero problems this year. (But I hate dealing with all the different configurations, different hosting parameters, trouble ticket process, control panels, passwords, etc.) Three of those companies do offer reseller programs, the others do not.
According to IPLookup there are 500+ domains pointing to the server that was down yesterday. Those probably are NOT all unique accounts, but how many bad apples spoiled that server for the rest?
Ok, that's quite a rant - I really hope JodoHost comes up with some good, solid solutions! I've been with them for a long time and really think they've got good, quality people who try hard to help.
But I also hope they realize it's VERY hard for their customers to "wait and see" - especially in the dark!
Yes This seems to be a over utilization of resources if you are on a shared server. it better to limit the utilization of resources on server for each user to avoid any downtime. A DOS or DDOS can also cause problems. An attack usually block all other account to run their process. It's better to terminate those account causing DOS or DDOS.
A lot to cover there in some regards, but the issues here weren't with those resellers and haven't been an issue in a while. I was mostly stating that as an example. No we don't keep trouble resellers, in fact we've removed some that caused problems, some of them don't leave in a good mood about it either.
Another issue was a bit out of their and our controls as there was a bug in Hsphere allowing signups to bypass moderation, been patched for over a year now, but some of those were warned a few times weren't actually allowing, it was the bug allowing a bypass, again that was resolved thankfully!
External DNS, there really isn't a way to prevent external DNS, someone can point a domain to an IP if they wish, and there isn't a lot that can be done about it, yes you can filter the header/alias and drop it there, but it would need some analysis. In addition a number of resellers have plans at multiple providers and use one for master DNS controls, which is a decent plan IMO, so it allows to control one place, it doesn't work well with hsphere but they work hard to make it work.
Vulnerable scripts/apps/etc have been scanned we do send notices on these, dozens a week. We do even disable domains with outdated scripts that are being hit by scanning bots and such. Some anti virus engines are even starting to detect them as unwanted items, which is a good thing IMO. We added to the TOS I believe it is right at 2 years ago now that we will quarantine/remove from access and virus/malware/trojans etc even without notice (we do try to give notice)
And the best thing I can post right now is that on the web17 server, most all is working now. We are aware a few sites having DNS still pointing wrong and a cause my have their config files pointing to the wrong listener, but it is responding and working. The DDOS attack is filtered somewhat at the moment and not causing delays on server, but if it returns we can drop/null route that IP safely and not impact the vast majority of the users now.