Results 1 to 25 of 25
  1. #1
    Join Date
    Sep 2012
    Posts
    41

    Seflow review: Stealing my money

    I want to post a dispute I have with Seflow here, to warn people for their service. Seflow is an Italian host provider specialized in anti-ddos solutions based in Milan.

    Since we host game servers we get a lot of ddos attacks from banned players so that's why we needed anti-ddos.

    We went with Seflow, ordered a dedicated server with 3 gbps protection with a 1 hour peak to 6 gbps. This wasn't enough and our IP got constantly blackholed so we upgraded our protection and payed for it, to 6gbps with one hour peak capability to 10 gbps. Now everything was fine and the blackholes were gone.

    The month went on with no issues at all and then I got an invoice for the next month which was € 274,50. I payed the invoice with Paypal and then things got bad really fast.

    One day after I payed the invoice Seflow emailed me and told me they had canceled my service because it had received 10 - 20 gpbs ddos traffic over the last 20 days and that they filtered it for me and that I needed to pay for that.

    So they canceled my service and refunded me only € 123,- of my new payment and told me they would take 151,50 for the overusage.

    They never informed me I was over using, or sent me an invoice for overused traffic and since my server was running fine that really surprised me.

    In fact I can still login to my control panel and I can see that I only used 211 GB of my 20.000 GB, so there is no overusage at all from what I know (see screenshot attached).

    They however, refused to refund me and I filed a Paypal claim. A few messages were exchanged where I was trying to explain to them it was unfair they took € 151,50 from me.

    Then they responded:

    This is my last message, are two days that i try to explain to you. We NOT TALK ABOUT BANDWIDTH USAGE, BUT BY ATTACK SIZE. As you posted you paid for 6Ge attack with 10ge peak for 1hours a day. Attack exceeded that limit, every day, so upgrade protection is needed.

    Here yesterday graph (and all day is the same). Blank space is when you went other 15ge (graph limit):

    https://dl.dropboxusercontent.com/u/68668465/furbo.gif

    And now please stop trying to scam us, we're a reputable provider. I know your joke, is well know in the internet market.
    Mirror of graph in case they delete it: http://s29.postimg.org/gdse6kyrr/furbo.gif

    Now they're saying I'm trying to scam them??? lol? He even posted a screenshot that doesn't even proof I'm going over 15 gbps. All I can see is 8 for a short perioid of time and he's filling in the blank spaces himself. I don't even have access to that graph nor he ever told me I was taking so much traffic.

    So watch out if you're planning to host with them. Everything looked fine from the start but as soon as you payed your second term they're reviewing your first month and just take your money and kick you out if you get attacked too much.

    Right now the Paypal dispute will probably escalate to a claim.

    I'll let you know how this goes but you have been warned.
    Attached Thumbnails Attached Thumbnails seflow.png  
    Last edited by martijnk; 12-11-2013 at 10:13 AM.

  2. #2
    Join Date
    Apr 2010
    Location
    Italy
    Posts
    334
    Dear Martijnk,
    i'm sorry to hear that review because is not the full story.

    You activate server with us with 3gbps peak 6gbps protection. In first week we received a full 24/24 8Ge ddos attack . We asked you upgrade to 6Ge peak 10Ge protection and all was done.

    In Last 10days you received 147 hours DDoS attack other 15Ge limit and only 7 hours without incoming ddos.

    This is your case and everybody can understand that nobody can protect 10-15ge ddos 24/24, 7 days to 7 at 280€/monthly.

    Now i give you time to take all data, find an alternative server and move it.

    I did you a big discount giving you a refund minus protection for last big attacks.

    Be honest with you, who in the world can protect range 10-15ge continous attack for 280€/month? Please, really, watch inside you and be honest.

    Have good day
    Last edited by MatteoB; 12-11-2013 at 10:35 AM.
    SeFlow.Net - Custom Dedicated Servers now with NVMe Disks
    SeFlow Secure Network 20+ IXP connected with Default DDoS Protection. Stay Up And Running. No Matter What.

  3. #3
    Join Date
    Sep 2012
    Posts
    41
    Quote Originally Posted by MatteoB View Post
    Dear Martijnk,
    i'm sorry to hear that review because is not the full story.

    You activate server with us with 3gbps peak 6gbps protection. In first week we received a full 24/24 8Ge ddos attack . We asked you upgrade to 6Ge peak 10Ge protection and all was done.

    In Last 10days you received 147 hours DDoS attack other 15Ge limit and only 7 hours without incoming ddos.

    This is your case and everybody can understand that nobody can protect 10-15ge ddos 24/24, 7 days to 7 with a 280€/monthly.

    Now i give you time to take all data, find an alternative server and move it.

    I did you a big discount giveing you a refund minus an package upgrade for the time we received so big attack.

    Be honest with you, who in the world can protect range 10-15ge continous attack for 280€/month? Please, really, watch inside you and be honest.

    Have good day
    Me of all people understand that you can't protect a continious 10 - 15 gbps attack for € 280 a month, of course.

    The problem is that Seflow never informed me that was even happening, so how can I know? I didn't know until Seflow presented me with the bill and canceled my service. I even payed for the new month already which starts tomorrow but my service was already canceled yesterday.

    I understand that I get kicked, but what I don't understand is that I don't get a refund.

  4. #4
    Join Date
    Apr 2010
    Location
    Italy
    Posts
    334
    hi,
    when attack go other the limit we blackhole service to avoid extra charges.

    You send me email to remove blackhole. Sorry but what you expect? That i start protecting you for free?

    You received email that ip was blackholed due to high attack, if you ask me to remove blackhole for me is clear that you accept extra charges.

    For the "partial refund", this is what i write you:

    For easy management i take that money from refund. If you not want it, please pay 151,50 invoice for extra protection and i will refund you 151,50 of next month payment


    But for me that make not sense, why pay paypal fees two time? But if you need it not a problem, please pay 151,50euro of unpaid invoice and i will refund 151,50 euro of next month payment.
    Last edited by MatteoB; 12-11-2013 at 10:46 AM.
    SeFlow.Net - Custom Dedicated Servers now with NVMe Disks
    SeFlow Secure Network 20+ IXP connected with Default DDoS Protection. Stay Up And Running. No Matter What.

  5. #5
    Join Date
    Sep 2012
    Posts
    41
    Quote Originally Posted by MatteoB View Post
    hi,
    when attack go other the limit we blackhole service to avoid extra charges.

    You send me email to remove blackhole. Sorry but what you expect? That i start protecting you for free?

    You received email that ip was blackholed due to high attack, if you ask me to remove blackhole for me is clear that you accept extra charges.

    For the "partial refund", this is what i write you:

    For easy management i take that money from refund. If you not want it, please pay 151,50 invoice from extra protection and i will refund you 151,50 of next month payment


    But for me that make not sense, why pay paypal fees two time? But if you need it not a problem, please pay 151,50euro of unpaid invoice and i will refund 151,50 euro of next month payment.
    Nah not true, the blackhole was active for a lot of hours so I asked for a removal if the attack was over, not for extra protection for extra money. If I wanted that I would have told you so.

    Besides you didn't mention extra charges, any reasonable company would at least say hey, I can remove it but it's gonna cost you. You just assume I want to be charged extra which is bad, very bad.

    But hey if you want to fight over this in public and get bad publicity over € 151,50 then it's fine by me. I will win the Paypal claim anyway.

    Or, we can solve this in private and find a middle way to settle this, but clearly you're not interested in that.

  6. #6
    Join Date
    Apr 2010
    Location
    Italy
    Posts
    334
    this is the email:

    Matteo can u plz remove blackhole on 95.141.37.197

    Thx
    Where is the part where you ask us to remove blackhole only if attack is over?

    Sorry but i'm a honest person, i prefer that other people think "that's sound unprofessional" even they think "is a scammer". I'm ALWAYS honest, ALWAYS.

    Have a good day martijnk
    SeFlow.Net - Custom Dedicated Servers now with NVMe Disks
    SeFlow Secure Network 20+ IXP connected with Default DDoS Protection. Stay Up And Running. No Matter What.

  7. #7
    Join Date
    Sep 2012
    Posts
    41
    Quote Originally Posted by MatteoB View Post
    this is the email:



    Where is the part where you ask us to remove blackhole only if attack is over?

    Sorry but i'm a honest person, i prefer that other people think "that's sound unprofessional" even they think "is a scammer". I'm ALWAYS honest, ALWAYS.

    Have a good day martijnk
    Lol so if I ask can you please remove the blackhole you assume I say:

    "Matteo, please remove the blackhole on my IP and please increase my monthly fee. I don't care how big the attack is just filter it and I will pay any amount you charge."

    And then you went ahead and just did that without confirming with me first? lol

    Sory to say this Matteo but you're a complete joke. Might be the language barrier I don't know.

  8. #8
    Join Date
    Sep 2012
    Posts
    41
    Ok so now you escalated the dispute to a claim. Good for you Matteo. You know I don't even care about the money or winning or losing the claim.

    This topic alone already costs you more business then the 151,50 you're gonna win from me. I would probably settle for 100 but you're not willing to do ANYTHING. Not even make me an offer.

    Good luck Matteo.

  9. #9
    Join Date
    Dec 2011
    Location
    Germany
    Posts
    1,180
    That's indeed a somewhat weird business practice - deducting a fee for protection overusage from next month's payment without confirmation from the client. However, it's true that a continuous 15Gbps attack generates a lot of costs (although the only screenshot we have shows just a few hours with a short peek to 8Gbps+) and it would be impossible to protect that for just 280€/mo. Yet I thought it would be common to contact the client first, discuss the situation with him and ask him if he wants to upgrade the protection plan. If he wants to upgrade, he pays the invoice for the upgrade and then he gets the level of protection he pays for. And well, if he doesn't want to upgrade, the only option would be to nullroute the IP of course. Did you read the Seflow TOS? Maybe they got such a situation covered - at least we have.
    Inbound Marketing & real SEO for web hosting providers
    ✎ Get in touch with me: co<at>infinitnet.de

  10. #10
    Join Date
    Apr 2010
    Location
    Italy
    Posts
    334
    Quote Originally Posted by infinitnet View Post
    That's indeed a somewhat weird business practice - deducting a fee for protection overusage from next month's payment without confirmation from the client. However, it's true that a continuous 15Gbps attack generates a lot of costs (although the only screenshot we have shows just a few hours with a short peek to 8Gbps+) and it would be impossible to protect that for just 280€/mo. Yet I thought it would be common to contact the client first, discuss the situation with him and ask him if he wants to upgrade the protection plan. If he wants to upgrade, he pays the invoice for the upgrade and then he gets the level of protection he pays for. And well, if he doesn't want to upgrade, the only option would be to nullroute the IP of course. Did you read the Seflow TOS? Maybe they got such a situation covered - at least we have.
    Hi,
    i deduced it because he already did it just 20 days earlier. He found blackhole and ask to remove it for upgrading it. I deduced was the same situation.
    SeFlow.Net - Custom Dedicated Servers now with NVMe Disks
    SeFlow Secure Network 20+ IXP connected with Default DDoS Protection. Stay Up And Running. No Matter What.

  11. #11
    Join Date
    Dec 2011
    Location
    Germany
    Posts
    1,180
    Quote Originally Posted by MatteoB View Post
    Hi,
    i deduced it because he already did it just 20 days earlier. He found blackhole and ask to remove it for upgrading it. I deduced was the same situation.
    Well, if he really asked you to upgrade, then I don't see any issue here. Although it might have been better to generate a separate invoice for the upgrade rather than to deduct it from next month's payment, but business practices are different I guess.
    Inbound Marketing & real SEO for web hosting providers
    ✎ Get in touch with me: co<at>infinitnet.de

  12. #12
    Join Date
    Apr 2010
    Location
    Italy
    Posts
    334
    Quote Originally Posted by infinitnet View Post
    Well, if he really asked you to upgrade, then I don't see any issue here. Although it might have been better to generate a separate invoice for the upgrade rather than to deduct it from next month's payment, but business practices are different I guess.
    but there is a separate invoice. I just use next month payment to cover due invoices. Just to be clear:

    151,50€ upgrade (due invoice)
    280.00€ next month fee

    i refunded to customer about 128€ . You really think that if i refund 280€ then customer pay me due invoice looking at the mess he's doing here?
    SeFlow.Net - Custom Dedicated Servers now with NVMe Disks
    SeFlow Secure Network 20+ IXP connected with Default DDoS Protection. Stay Up And Running. No Matter What.

  13. #13
    Join Date
    Dec 2011
    Location
    Germany
    Posts
    1,180
    I didn't know there was a separate invoice for the upgrade that the customer agreed to. If that was the case and he didn't pay the upgrade invoice within a week or so, then I would have done the same I guess.
    Inbound Marketing & real SEO for web hosting providers
    ✎ Get in touch with me: co<at>infinitnet.de

  14. #14
    Join Date
    Sep 2012
    Posts
    41
    Nope there was no seperate invoice at all. Perhaps in Seflow's administration but not in mine and not even in the control panel where I could logon to. I didn't get an email of such an invoice or anything.

    I was only made aware that it existed after they canceled my service and that was still only by email where Matteo said it existed, no invoice on paper, not a PDF, not anything at all. The first time Matteo told me about the overused traffic was again when they canceled my service. I didn't know anything until then.

    Anyway, when I told Seflow to remove the blackhole from my IP, I asked them to...remove the blackhole from my IP. I assumed the attack was already over because from my experience most providers blackhole for up to 8 hours even if the attack only lasts 10 minutes.

    I upgraded my protection before with seflow, and guess what I instructed them to do when I did that? I asked them to upgrade my protection. Seflow send me an invoice and I payed it, after that it was upgraded. Why would a question to remove a blackholed IP suddenly become the same? I'm not talking Chinese am I? I clearly asked Seflow what to do.

    Matteo, we've both made an assumption. I think yours was bigger than mine but still we assumed so let's meet in the middle and cut the invoice in half so refund me € 75 and we're done with it. You can even keep the € 1.50.

    I think that's a real generous offer after you were calling a paying customer a fraud, or a scam or whatever which was really offending.

  15. #15
    Join Date
    May 2012
    Posts
    839
    Well, Seflow are a good company but DDOS protection costs a lot & only OVH do it for free.So, if you're looking to do it at a budget switch to OVH to avoid all these hastles.Something here worth to noting for al the OVH haters

  16. #16
    Join Date
    Sep 2012
    Posts
    41
    Quote Originally Posted by Sledger View Post
    Well, Seflow are a good company but DDOS protection costs a lot & only OVH do it for free.So, if you're looking to do it at a budget switch to OVH to avoid all these hastles.Something here worth to noting for al the OVH haters
    Well, you're right I already had a server with OVH and it never gets attacked? I was wondering why but reading your reply it does get attacked only OVH is filtering it?

    If that's the case then I'll move everything to OVH instantly.

  17. #17
    Join Date
    May 2012
    Posts
    78
    Quote Originally Posted by martijnk View Post
    Well, you're right I already had a server with OVH and it never gets attacked? I was wondering why but reading your reply it does get attacked only OVH is filtering it?

    If that's the case then I'll move everything to OVH instantly.
    lol at these threads. Move to OVH, don't come back here and blame "OVH FAILED DDOS PROTECTION AND DONT WANT TO GIVE ME MONEY".

    I honestly think they're ddos protection would fail in the event of multi small-medium scale attacks.

  18. #18
    Join Date
    Sep 2012
    Posts
    41
    Quote Originally Posted by LeetGN View Post
    lol at these threads. Move to OVH, don't come back here and blame "OVH FAILED DDOS PROTECTION AND DONT WANT TO GIVE ME MONEY".

    I honestly think they're ddos protection would fail in the event of multi small-medium scale attacks.
    That's one thing I read about OVH all the time, one person thinks they are the worst ever, the other one says they are the best. I never had an opinion about OVH that said they were mediocre

    I don't know what a multi small-medium scale attack is like. Is that 10 gbps or 100 gbs?

  19. #19
    Join Date
    Jul 2012
    Posts
    188
    Quote Originally Posted by martijnk View Post
    Well, you're right I already had a server with OVH and it never gets attacked? I was wondering why but reading your reply it does get attacked only OVH is filtering it?

    If that's the case then I'll move everything to OVH instantly.
    OVH offers DDoS filtering with no limits, there is mixed reviews out there. I'd be careful who you believe, both sides here are fighting really hard to have people believe them, the people who say it does nothing, and the people who say it is some silver bullet.

    This is kind of confusing with the blackholing and all but most hosts use a timer and won't remove the nullroute before that expires. For example if I exceed my 10gbps protection at black lotus they nullroute me for x hours and then it is removed. If the attack comes back above the 10gbps then they would readd it I'm sure. Charging an upgrade is interesting in this case... Don't think I've ever seen that before...

  20. #20
    Join Date
    Aug 2010
    Location
    Belgium
    Posts
    657
    Quote Originally Posted by martijnk View Post
    That's one thing I read about OVH all the time, one person thinks they are the worst ever, the other one says they are the best. I never had an opinion about OVH that said they were mediocre

    I don't know what a multi small-medium scale attack is like. Is that 10 gbps or 100 gbs?
    You may be impacted negatively by running game servers on OVH. For example there is no layer 7 portection.
    AssetGateway
    █ Skype da_arco

  21. #21
    Join Date
    Sep 2012
    Posts
    41
    Quote Originally Posted by YDomer View Post
    OVH offers DDoS filtering with no limits, there is mixed reviews out there. I'd be careful who you believe, both sides here are fighting really hard to have people believe them, the people who say it does nothing, and the people who say it is some silver bullet.

    This is kind of confusing with the blackholing and all but most hosts use a timer and won't remove the nullroute before that expires. For example if I exceed my 10gbps protection at black lotus they nullroute me for x hours and then it is removed. If the attack comes back above the 10gbps then they would readd it I'm sure. Charging an upgrade is interesting in this case... Don't think I've ever seen that before...
    Problem is that anybody can do 10 gbps these days. With DNS amp attacks you only need 1/50th of 10 gbps to reach that amount, which is 200 mbps so any machine with a gigabit uplink will do. If you need open resolvers to amplify your attack just go to hackforums.net, they are posting them at no charge.

    This means the protection most companies offer is already outdated. I have a server with Sharktech they offer 10 gbps as well but the attacker just sends 11 and my machine gets blackholed for at least 12 hours. Once the attacker is aware of this he only needs to sent 11 gbps for 5 seconds and you are out of production for 12 hours which is unacceptable.

    Intreppid (Staminus) is a liitle bit better they remove the blackhole usually 10 minutes after the 10 gbit+ attack is over but then the attacker just attacks you all day long, so that's no solution either. They charge $299 for a dedicated server + 10 gbps protection, if you want 30 gbps the price goes up to $3000 a month and that's not even a guarantee because the attacker will probably just sent 31 gbps just as easy.

    All these solutions are overpriced and I've been struggling with ddos attacks for 2 years now until I went to OVH. Since I'm at OVH nobody bothered me with ddos attacks since, so whatever people are saying about OVH it's the first host in 2 years that eliminates the ddos problems for me, and I've had a lot of host providers during that time who either blackhole you, or kick you out if the attack gets too big. (Or first kick you out and then charge you for overuse like Seflow).

    So yeah I believe in OVH's solution, breaking down the attack and let it hit multiple data centers instead of one. Cloudflare does the same with anycast and it just works, my website is always online no matter how big the ddos attack is thanks to Cloudflare and now OVH is doing the same.

    So I'm really happy with OVH so far, the idea alone that my attackers are probably giving everything they got as we speak right now with no result at all makes me really happy

    Oh and by the way my OVH server costs me € 110,- a month! Seflow charged me € 275,- and for that amount I got a slower server with only 6 gbps protection!
    Last edited by martijnk; 12-13-2013 at 03:22 PM.

  22. #22
    Quote Originally Posted by martijnk View Post
    This means the protection most companies offer is already outdated. I have a server with Sharktech they offer 10 gbps as well but the attacker just sends 11 and my machine gets blackholed for at least 12 hours. Once the attacker is aware of this he only needs to sent 11 gbps for 5 seconds and you are out of production for 12 hours which is unacceptable.
    That is NOT entirely accurate. We had these problems and have put in place steps to avoid this. I really can't discuss them in public as it may jeopardize our systems success, but I can tell you with certainty that is not the case not when your IPs are being attacked. We will soon be reporting this kind of information to our customers and will give you a better idea of what is going on.

    Just like us Martijn, you will not find many willing to discuss their systems, filtering techniques and their DDOS policies in public, the information you are disclosing about their filtering techniques is just not helpful.

  23. #23
    Join Date
    Sep 2012
    Posts
    41
    Quote Originally Posted by Jigy View Post
    That is NOT entirely accurate. We had these problems and have put in place steps to avoid this. I really can't discuss them in public as it may jeopardize our systems success, but I can tell you with certainty that is not the case not when your IPs are being attacked. We will soon be reporting this kind of information to our customers and will give you a better idea of what is going on.

    Just like us Martijn, you will not find many willing to discuss their systems, filtering techniques and their DDOS policies in public, the information you are disclosing about their filtering techniques is just not helpful.
    Fact of the matter remains, if you host servers as a hobby / for non-profit like me and you have one annoying kid with too much time on his hands that's out there to get you you're pretty much screwed. I can't pay thousands of dollars for protection like the big enterprise companies can.

    It probably only takes one 12 year old kid with a Paypal account with $5 on it to sent a major multi-gbps attack to your datacenter which is almost impossible to protect from except for blackholing the IP upstream. 20-30 gbps is nothing these days.

    This will only get worse btw, it's not a matter if you're going to be attacked but when because everybody can do it. I've been on attack almost every day of the week for 2 years now so it's hard to find a decent host provider at a reasonable price. At least you guys didn't kick me out yet

    It's more and more in the news though, data centers getting outage because of extreme high bandwidth ddos attacks and I just have the idea that instead of innovating to do something about it (like OVH just did which actually works, at least for now!) all providers do is either constantly blackhole you or they just pull the plug and let you go.

    And yes I understand you can't discuss your systems / filtering techniques but it's VERY easy to find out for an attacker when your system works and at what level it will fail. They just start with 10 gbps and slowly move it up to 40 until you have no choice but blackhole.

    Btw I'm curious what you mean with 'reporting it to our customers'. Does that mean we'll get an insight in the attacks?

    Thanks.
    Last edited by martijnk; 12-17-2013 at 10:07 AM.

  24. #24
    Martijn,

    We are well aware of the predicament that many of the attacks these days are reaching over 10ge (not all of your attacks even reach that much), and although we advertise 10g DDoS protection before you reach our limit 90% of the time that's not the case and the attack you are receiving is exceeding 20gbps before the target ip is black holed.

    10g DDoS protection is simply the minimum commit we can claim due to many variables, but like I said above many times that's not the case.

    You will be receiving news emails soon about some new service and features in the pipeline.

  25. #25
    I think the main point has been lost here. As I understand it you were billed by SeFlow without agreeing to the charge? They simply upgraded you to the next protection level because you asked for a null route to be removed?

    I think before removing the null route they should have discussed your protection needs further and explained any charges they were going to levy.

Similar Threads

  1. Seflow review
    By powergo in forum Dedicated Server
    Replies: 1
    Last Post: 10-11-2013, 07:12 AM
  2. Seflow.it review - slow speed
    By Seflow-Scam in forum Dedicated Server
    Replies: 21
    Last Post: 03-01-2013, 09:33 AM
  3. Replies: 4
    Last Post: 02-19-2013, 07:18 PM
  4. IPowerWeb.com Stealing My Money!!
    By karimata in forum Web Hosting
    Replies: 7
    Last Post: 07-04-2007, 01:50 PM
  5. AITcom is stealing my money
    By Shan in forum Web Hosting
    Replies: 26
    Last Post: 12-25-2001, 08:26 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •