Results 26 to 44 of 44
-
12-21-2006, 05:29 PM #26Location = SoapBox
- Join Date
- Oct 2003
- Posts
- 6,564
Oh, I see. The clients bear no responsibility whatsoever for anything they install, so if one of your clients has an insecure script that gets exploited for spamming, and lands whatever server you lease in a blacklist somewhere (or worse yet, gets the entire server shut off, at some providers), you won't have any problem with that. After all, you should have found it for them and upgraded it, right? That's good to know.
There is nothing wrong with what hostgator has done. This is the way they operate their business and it makes total sense -
Another option would be to find the insecure script and remove only the portion with the problem and notify your client of the issue, what you needed to disable to maintain service and what needs to be done to resolve. Additionally, you can track down the exploit and it usually is not overly difficult to write a mod_security rule to block it (and in this case, that oscommerce vulnerability is really easy to block via mod_security)
So, there are 2 sides to this argument - and again, for their business model, hostgator handled this as 1 would have expected. They are working with the client to resolve and once the client resolves, they will re-activate - as per their TOS and as per their business model.
From the clients perspective, if you expect actual script support beyound a simple script installer, there are costs associated with that and not all providers are able to accomodate that. The problem is, and the reason why its not appropriate to attack a customer over this, is because a client has a reasonable expectation that a provided script via a script installer will come with a certain amount of script specific support - and honestly, both parties are to blame for this - as the consumer should be better educated - and the providers marketing pages usually arent overly clear on these types of things....
-
12-21-2006, 05:56 PM #27Aspiring Evangelist
- Join Date
- Jun 2004
- Location
- Tampa Florida
- Posts
- 428
I can understand where this would be frustrating.. But if you want a higher level of service, such as being contacted via phone when something like this happens, or being kept in the loop on when scripts go out of date, you will generaly want a small host or one you pay a good deal more to for the support.
HostGator is a large host. It would take a huge amount of staff to notify everyone personaly whenever there was any type of issue.Rock solid hosting and dedicated servers since 1998!
StabilityHosting Where stability and uptime are king!
-
12-21-2006, 06:04 PM #28Location = SoapBox
- Join Date
- Oct 2003
- Posts
- 6,564
or one you pay a good deal more to for the support.
It would take a huge amount of staff to notify everyone personaly whenever there was any type of issue.
-
12-21-2006, 06:35 PM #29Aspiring Evangelist
- Join Date
- Jun 2004
- Location
- Tampa Florida
- Posts
- 428
To fire off an email... That would be easy. Process could handle that. But more than that would be difficult for a large host unless they are brimming with staff. It does sound like the OP should have been informed of the issue via email at the time he was suspended. This would have been easily done. (And may have been done for all we know.)
The talk about a host informing people when a script package needs to be updated... Thats a forum post at best.. Even that may be hard to maintain if we are talking about more than a few scripts.
So may hosts are opperating on the edge as far as staff is concerned.. It gets hard for them to keep up communications. In generaly, smaller hosts that focus on support are much better at this sort of thing.Rock solid hosting and dedicated servers since 1998!
StabilityHosting Where stability and uptime are king!
-
12-21-2006, 06:50 PM #30Location = SoapBox
- Join Date
- Oct 2003
- Posts
- 6,564
Hi vantage,
I certainly understand what you are saying and you definately make some valid points. However, from an admin perspective, once you have isolated the domain causing the issue, half of the work is done - and writing a mod_security ruleset when appropriate just reduces work load over time and may stop more exploits before they happen (and I am not suggesting that HG has or has not done this, I am certain their security is top notch)
Having said this, I do agree with you in principle - I just believe this is cost related rather then a scalability issue (as we have had no issue maintaining this over a growing fleet of servers and I simply cannot see how 5x or 10x or 100x the number of servers would change this - however, we certainy do charge more for this level of script support). Its not really worth going back and forth on this one - as we definately agree on the primary points here - and heck, even in the most thorough and inclusive support, sometimes you still need to suspend accounts and not much can be done about that.
-
12-21-2006, 07:10 PM #31Temporarily Out of Service
- Join Date
- Dec 2002
- Location
- texas
- Posts
- 1,333
I spoke to our system admin who suspended the site. I found in this particular case we are to blame for how the spamming incident was handled. The Admin who handled this said while he was sending out the notification email one of our servers had a huge spike that needed to be investigated. He told me that he intended to come back to the issue and contact the customer / disable the problem script, but that he must have forgotten while investigating the server.
We handle thousands of tickets a day, and it seems every mistake we make ends up on wht. Nobody is perfect so even at a 1% ticket mistake rate that's adds up being a lot of mistakes.
Please accept my apology on how this incident was handled.
-
12-22-2006, 02:19 AM #32Retired Moderator
- Join Date
- Oct 2002
- Location
- EU - east side
- Posts
- 21,920
At least we know someone's watching, is willing to accept responsibility for the eventual imperfections, and can take corrective and coercive measures, as required.
-
12-22-2006, 05:59 AM #33Junior Guru Wannabe
- Join Date
- Jun 2006
- Location
- Birmingham
- Posts
- 31
Originally Posted by ldcdc
-
12-22-2006, 06:17 AM #34Aspiring Evangelist
- Join Date
- Oct 2006
- Location
- Tipton, IN
- Posts
- 417
Originally Posted by Birmingham
You shouldn't have to come to WHT (While it's not the most important popular webhosting forum, it's definantly a GREAT resource) to get satisfactory responses from Host Gator. They should be able to provide you these satisfactory responses through their own support methods, or through email..
It is a shame when you have to come here and GET those satisfactory responses though, as it means they still have some staff members that need either retrained or replaced. AS they cannot provide satisfactory answers to what they're doing to their clients as they're doing it.
Does anyone else see this as strange to have a response like that, or is it just the heavy methane after the meatlovers pizza possessing me?
-
12-22-2006, 06:43 AM #35Web Hosting Master
- Join Date
- Dec 2006
- Posts
- 599
CEngine, could you name or PM me other Webhosting forums ?
-
12-22-2006, 07:48 AM #36Junior Guru Wannabe
- Join Date
- Jun 2006
- Location
- Birmingham
- Posts
- 31
Originally Posted by PigFat
WHT is one of the few pr8 forums on the web and it's tops in google.com for web hosting forum (http://www.google.com/search?q=web+hosting+forum)
anyway, not to sway from the topic, i think the hostgator representative rightly said that there are bound to be some bad incidents.
on the down side it happened in the first place
but
on the plus side it was swiftly corrected
i'm prepared to forgive if i don't see too many similar incidents in the near future
-
12-22-2006, 08:58 AM #37Aspiring Evangelist
- Join Date
- Oct 2006
- Location
- Tipton, IN
- Posts
- 417
Originally Posted by PigFat
The most important popular forum (this should be clear and understandable to anyone for a good reason), should be that of your host. I believe, their forums, should remain the most important (and popular to check out) than any external forum.
Such as, well, for instance.. http://forums.hostgator.com/
If your host doesn't have a forum, then the next best thing. WHT.
But, the whole point of my post was.
THIS FORUM SHOULD NOT HAVE TO BE USED TO GET DECENT OR SATISFACTORY RESPONSES FROM YOUR HOST! IF IT HAS TO BE THAT WAY, THEN THERE'S SOMETHING DEATHFULLY WRONG! IF THEY COULDN'T GIVE THAT ANSWER IN PRIVATE, OR EVEN CARE ENOUGH TO INVESTIGATE WHAT WENT WRONG BEFORE YOU WENT TO WHT TO GET AN ANSWER, THEN THERE IS SOMETHING WRONG WITH THAT PICTURE.
Hopefully that's a little clearer.
-
12-22-2006, 09:01 AM #38Web Hosting Master
- Join Date
- Dec 2006
- Posts
- 599
Originally Posted by CEngine
*If you want*
Originally Posted by CEngine
-
12-28-2006, 01:15 AM #39New Member
- Join Date
- Dec 2006
- Posts
- 1
Originally Posted by SoloColo
-
12-30-2006, 07:41 PM #40Newbie
- Join Date
- Oct 2005
- Posts
- 13
Originally Posted by hostgator.com
I like a company that can say when it's wrong and say sorry.
Now when will my account be upgraded to the new specs
-
12-31-2006, 11:27 AM #41Newbie
- Join Date
- Apr 2006
- Posts
- 10
It's odd, I just posted yesterday, just to compliment HostGator on my experience.
Personally, I think that HostGator (or any other host) should not suspend an account without taking due measures to contact the client. The previous (awful) host I had did that to me twice - they just put up a home page that said "Temporarily suspended - if you are the host of this site, please contact us". That's awful in itself. (And my site wasn't the problem, it had run smoothly for months and nothing had changed; they found some other site hogging the processor).
It doesn't matter if it's a large-scale webhost. Actually, it's even more important in that case. The larger you get, the more focus there should be on the customer satisfaction aspect.
Suspending accounts in good standing is unconscionable, unless a client is exhibiting that behavior from day 1. Four hours of down time is way too long. I totally agree with an earlier comment here:
find the insecure script and remove only the portion with the problem and notify your client of the issue, what you needed to disable to maintain service and what needs to be done to resolve
I just sent you the email with all the proof of your account spamming 1000's of people. Please work with us in the ticket to track down your vulnerable script we so can get you turned back on. Thanks!
You had to recant afterwards that the client wasn't at fault. I think that makes you look even worse than suspending the account.
It would be much better if the first response after posting to the client to contact with the ticket number was the one after the resolution:
I spoke to our system admin who suspended the site. I found in this particular case we are to blame for how the spamming incident was handled. The Admin who handled this said while he was sending out the notification email one of our servers had a huge spike that needed to be investigated. He told me that he intended to come back to the issue and contact the customer / disable the problem script, but that he must have forgotten while investigating the server.
We handle thousands of tickets a day, and it seems every mistake we make ends up on wht. Nobody is perfect so even at a 1% ticket mistake rate that's adds up being a lot of mistakes.
Please accept my apology on how this incident was handled.Last edited by sam642000; 12-31-2006 at 11:38 AM.
-
12-31-2006, 02:20 PM #42Location = SoapBox
- Join Date
- Oct 2003
- Posts
- 6,564
Hi Sam,
In all due fairness, Brent came on the forum and apologized for the error. Mistakes happen, I think we should let this go.
You have got to admit that on the whole hostgator has a great reputation - so, lets not make a big deal of a single mistake, especially one that was admitted to and apologized for - what else would you want a host to do when a mistake happens??
Please accept my apology on how this incident was handled.
-
12-31-2006, 04:27 PM #43Newbie
- Join Date
- Oct 2005
- Posts
- 13
Originally Posted by sam642000
Hostgator were right to take action. They should suspend the script if they can quickly identify it or the account whilst things are investigated.
The hosting client is not the bad person, the spammer is. The hosting client is responsible for their scripts though.
Hostgator have admitted an error and explained what they should have done which sounds fair to me.
-
01-06-2007, 05:57 PM #44New Member
- Join Date
- Jan 2007
- Posts
- 3
I was speaking with tech support today and they brought up a VERY valid point as to why they would suspend an account without warning.
Bill D.: If you're site is bogging down the server, we will not email you -- wait 4 hours to receive a response -- THEN work to resolve the issue, while there could be 100 other users on that server also suffering...
If, however, you are on a dedicated server, that is a completely different question.