Page 2 of 2 FirstFirst 12
Results 26 to 44 of 44
  1. #26
    Oh, I see. The clients bear no responsibility whatsoever for anything they install, so if one of your clients has an insecure script that gets exploited for spamming, and lands whatever server you lease in a blacklist somewhere (or worse yet, gets the entire server shut off, at some providers), you won't have any problem with that. After all, you should have found it for them and upgraded it, right? That's good to know.
    Certainly the clients bear some responsibility, but, at the same time, clients are generally not overly savy about this sort of thing - which is why they are paying their provider.

    There is nothing wrong with what hostgator has done. This is the way they operate their business and it makes total sense -

    Another option would be to find the insecure script and remove only the portion with the problem and notify your client of the issue, what you needed to disable to maintain service and what needs to be done to resolve. Additionally, you can track down the exploit and it usually is not overly difficult to write a mod_security rule to block it (and in this case, that oscommerce vulnerability is really easy to block via mod_security)

    So, there are 2 sides to this argument - and again, for their business model, hostgator handled this as 1 would have expected. They are working with the client to resolve and once the client resolves, they will re-activate - as per their TOS and as per their business model.

    From the clients perspective, if you expect actual script support beyound a simple script installer, there are costs associated with that and not all providers are able to accomodate that. The problem is, and the reason why its not appropriate to attack a customer over this, is because a client has a reasonable expectation that a provided script via a script installer will come with a certain amount of script specific support - and honestly, both parties are to blame for this - as the consumer should be better educated - and the providers marketing pages usually arent overly clear on these types of things....

  2. #27
    Join Date
    Jun 2004
    Location
    Tampa Florida
    Posts
    428
    I can understand where this would be frustrating.. But if you want a higher level of service, such as being contacted via phone when something like this happens, or being kept in the loop on when scripts go out of date, you will generaly want a small host or one you pay a good deal more to for the support.
    HostGator is a large host. It would take a huge amount of staff to notify everyone personaly whenever there was any type of issue.
    Rock solid hosting and dedicated servers since 1998!
    StabilityHosting Where stability and uptime are king!

  3. #28
    or one you pay a good deal more to for the support.
    I would say this is pretty accurate...

    It would take a huge amount of staff to notify everyone personaly whenever there was any type of issue.
    Not at all. It would take a well defined process - This is just communication - and if the process exists for admins to identify/resolve issues rather then suspending accounts, it is not difficult to implement and it certainly is scalable - having said this, there are certainly costs associated with this level of support.

  4. #29
    Join Date
    Jun 2004
    Location
    Tampa Florida
    Posts
    428
    To fire off an email... That would be easy. Process could handle that. But more than that would be difficult for a large host unless they are brimming with staff. It does sound like the OP should have been informed of the issue via email at the time he was suspended. This would have been easily done. (And may have been done for all we know.)

    The talk about a host informing people when a script package needs to be updated... Thats a forum post at best.. Even that may be hard to maintain if we are talking about more than a few scripts.
    So may hosts are opperating on the edge as far as staff is concerned.. It gets hard for them to keep up communications. In generaly, smaller hosts that focus on support are much better at this sort of thing.
    Rock solid hosting and dedicated servers since 1998!
    StabilityHosting Where stability and uptime are king!

  5. #30
    Hi vantage,

    I certainly understand what you are saying and you definately make some valid points. However, from an admin perspective, once you have isolated the domain causing the issue, half of the work is done - and writing a mod_security ruleset when appropriate just reduces work load over time and may stop more exploits before they happen (and I am not suggesting that HG has or has not done this, I am certain their security is top notch)

    Having said this, I do agree with you in principle - I just believe this is cost related rather then a scalability issue (as we have had no issue maintaining this over a growing fleet of servers and I simply cannot see how 5x or 10x or 100x the number of servers would change this - however, we certainy do charge more for this level of script support). Its not really worth going back and forth on this one - as we definately agree on the primary points here - and heck, even in the most thorough and inclusive support, sometimes you still need to suspend accounts and not much can be done about that.

  6. #31
    Join Date
    Dec 2002
    Location
    texas
    Posts
    1,333
    I spoke to our system admin who suspended the site. I found in this particular case we are to blame for how the spamming incident was handled. The Admin who handled this said while he was sending out the notification email one of our servers had a huge spike that needed to be investigated. He told me that he intended to come back to the issue and contact the customer / disable the problem script, but that he must have forgotten while investigating the server.
    We handle thousands of tickets a day, and it seems every mistake we make ends up on wht. Nobody is perfect so even at a 1% ticket mistake rate that's adds up being a lot of mistakes.

    Please accept my apology on how this incident was handled.

  7. #32
    Join Date
    Oct 2002
    Location
    EU - east side
    Posts
    21,920
    At least we know someone's watching, is willing to accept responsibility for the eventual imperfections, and can take corrective and coercive measures, as required.

  8. #33
    Join Date
    Jun 2006
    Location
    Birmingham
    Posts
    31
    Quote Originally Posted by ldcdc
    At least we know someone's watching, is willing to accept responsibility for the eventual imperfections, and can take corrective and coercive measures, as required.
    agreed - i'm quite impressed with the outcome of this case and i'm now more confident than before at going with hostgator. it's a shame it had to come to a seriously critical thread in the most popular web hosting forum on the web to sort it though. at least as long as i know i can get satisfactory responses from the hostgator staff by posting in this forum then i will personally feel safer with their hosting - i feel sorry for the victims that don't have such a loud voice though.

  9. #34
    Join Date
    Oct 2006
    Location
    Tipton, IN
    Posts
    417
    Quote Originally Posted by Birmingham
    agreed - i'm quite impressed with the outcome of this case and i'm now more confident than before at going with hostgator. it's a shame it had to come to a seriously critical thread in the most popular web hosting forum on the web to sort it though. at least as long as i know i can get satisfactory responses from the hostgator staff by posting in this forum then i will personally feel safer with their hosting - i feel sorry for the victims that don't have such a loud voice though.
    There, in and of itself, is the problem.

    You shouldn't have to come to WHT (While it's not the most important popular webhosting forum, it's definantly a GREAT resource) to get satisfactory responses from Host Gator. They should be able to provide you these satisfactory responses through their own support methods, or through email..

    It is a shame when you have to come here and GET those satisfactory responses though, as it means they still have some staff members that need either retrained or replaced. AS they cannot provide satisfactory answers to what they're doing to their clients as they're doing it.

    Does anyone else see this as strange to have a response like that, or is it just the heavy methane after the meatlovers pizza possessing me?

  10. #35
    Join Date
    Dec 2006
    Posts
    599
    CEngine, could you name or PM me other Webhosting forums ?

  11. #36
    Join Date
    Jun 2006
    Location
    Birmingham
    Posts
    31
    Quote Originally Posted by PigFat
    CEngine, could you name or PM me other Webhosting forums ?
    me too please.

    WHT is one of the few pr8 forums on the web and it's tops in google.com for web hosting forum (http://www.google.com/search?q=web+hosting+forum)

    anyway, not to sway from the topic, i think the hostgator representative rightly said that there are bound to be some bad incidents.

    on the down side it happened in the first place
    but
    on the plus side it was swiftly corrected

    i'm prepared to forgive if i don't see too many similar incidents in the near future

  12. #37
    Join Date
    Oct 2006
    Location
    Tipton, IN
    Posts
    417
    Quote Originally Posted by PigFat
    CEngine, could you name or PM me other Webhosting forums ?
    Not that it has anything to do with the topic at hand, or even the point of my post.

    The most important popular forum (this should be clear and understandable to anyone for a good reason), should be that of your host. I believe, their forums, should remain the most important (and popular to check out) than any external forum.

    Such as, well, for instance.. http://forums.hostgator.com/

    If your host doesn't have a forum, then the next best thing. WHT.

    But, the whole point of my post was.

    THIS FORUM SHOULD NOT HAVE TO BE USED TO GET DECENT OR SATISFACTORY RESPONSES FROM YOUR HOST! IF IT HAS TO BE THAT WAY, THEN THERE'S SOMETHING DEATHFULLY WRONG! IF THEY COULDN'T GIVE THAT ANSWER IN PRIVATE, OR EVEN CARE ENOUGH TO INVESTIGATE WHAT WENT WRONG BEFORE YOU WENT TO WHT TO GET AN ANSWER, THEN THERE IS SOMETHING WRONG WITH THAT PICTURE.

    Hopefully that's a little clearer.

  13. #38
    Join Date
    Dec 2006
    Posts
    599
    Quote Originally Posted by CEngine
    Not that it has anything to do with the topic at hand, or even the point of my post.
    Could ya PM me just a few from the top of ya head?
    *If you want*


    Quote Originally Posted by CEngine

    THIS FORUM SHOULD NOT HAVE TO BE USED TO GET DECENT OR SATISFACTORY RESPONSES FROM YOUR HOST! IF IT HAS TO BE THAT WAY, THEN THERE'S SOMETHING DEATHFULLY WRONG! IF THEY COULDN'T GIVE THAT ANSWER IN PRIVATE, OR EVEN CARE ENOUGH TO INVESTIGATE WHAT WENT WRONG BEFORE YOU WENT TO WHT TO GET AN ANSWER, THEN THERE IS SOMETHING WRONG WITH THAT PICTURE.

    Hopefully that's a little clearer.
    Totally agree with you mate.

  14. #39
    Quote Originally Posted by SoloColo
    Our contact us pages are php using mail() hardcoded directly to our own mailbox that also writes a log file entry of all mail communications.
    Was this the culprit?

  15. #40
    Quote Originally Posted by hostgator.com
    I spoke to our system admin who suspended the site. I found in this particular case we are to blame for how the spamming incident was handled. The Admin who handled this said while he was sending out the notification email one of our servers had a huge spike that needed to be investigated. He told me that he intended to come back to the issue and contact the customer / disable the problem script, but that he must have forgotten while investigating the server.
    We handle thousands of tickets a day, and it seems every mistake we make ends up on wht. Nobody is perfect so even at a 1% ticket mistake rate that's adds up being a lot of mistakes.

    Please accept my apology on how this incident was handled.
    Thanks for being so candid Hostgator. I have a Hostgator account that has been running for several months now and have to say that after a problematic start where Hostgator deleted all my content, it has been trouble free.

    I like a company that can say when it's wrong and say sorry.

    Now when will my account be upgraded to the new specs

  16. #41
    It's odd, I just posted yesterday, just to compliment HostGator on my experience.

    Personally, I think that HostGator (or any other host) should not suspend an account without taking due measures to contact the client. The previous (awful) host I had did that to me twice - they just put up a home page that said "Temporarily suspended - if you are the host of this site, please contact us". That's awful in itself. (And my site wasn't the problem, it had run smoothly for months and nothing had changed; they found some other site hogging the processor).

    It doesn't matter if it's a large-scale webhost. Actually, it's even more important in that case. The larger you get, the more focus there should be on the customer satisfaction aspect.

    Suspending accounts in good standing is unconscionable, unless a client is exhibiting that behavior from day 1. Four hours of down time is way too long. I totally agree with an earlier comment here:

    find the insecure script and remove only the portion with the problem and notify your client of the issue, what you needed to disable to maintain service and what needs to be done to resolve
    I also think the first response by hostgator.com on this thread is inappropriate. Just because a client posted on a webhosting forum doesn't mean you have to try to explain it in a way that makes the client look bad.

    I just sent you the email with all the proof of your account spamming 1000's of people. Please work with us in the ticket to track down your vulnerable script we so can get you turned back on. Thanks!
    Even if it's possibly an uncouth client, and is at fault, as a business you shouldn't try to post a defense making the client look like the culprit, instead of spending time to work with the client directly, once you asked the client to contact you with the ticket number.

    You had to recant afterwards that the client wasn't at fault. I think that makes you look even worse than suspending the account.

    It would be much better if the first response after posting to the client to contact with the ticket number was the one after the resolution:

    I spoke to our system admin who suspended the site. I found in this particular case we are to blame for how the spamming incident was handled. The Admin who handled this said while he was sending out the notification email one of our servers had a huge spike that needed to be investigated. He told me that he intended to come back to the issue and contact the customer / disable the problem script, but that he must have forgotten while investigating the server.
    We handle thousands of tickets a day, and it seems every mistake we make ends up on wht. Nobody is perfect so even at a 1% ticket mistake rate that's adds up being a lot of mistakes.

    Please accept my apology on how this incident was handled.
    My positive opinion of HostGator hasn't changed. I'm glad to know that they monitor this forum and address concerns. I hope you do the same on your own HostGator forum. There are some complaint posts sitting there with no response.
    Last edited by sam642000; 12-31-2006 at 11:38 AM.

  17. #42
    Hi Sam,

    In all due fairness, Brent came on the forum and apologized for the error. Mistakes happen, I think we should let this go.

    You have got to admit that on the whole hostgator has a great reputation - so, lets not make a big deal of a single mistake, especially one that was admitted to and apologized for - what else would you want a host to do when a mistake happens??

    Please accept my apology on how this incident was handled.

  18. #43
    Quote Originally Posted by sam642000
    It's odd, I just posted yesterday, just to compliment HostGator on my experience.

    Personally, I think that HostGator (or any other host) should not suspend an account without taking due measures to contact the client. The previous (awful) host I had did that to me twice - they just put up a home page that said "Temporarily suspended - if you are the host of this site, please contact us". That's awful in itself. (And my site wasn't the problem, it had run smoothly for months and nothing had changed; they found some other site hogging the processor).

    It doesn't matter if it's a large-scale webhost. Actually, it's even more important in that case. The larger you get, the more focus there should be on the customer satisfaction aspect.

    Suspending accounts in good standing is unconscionable, unless a client is exhibiting that behavior from day 1. Four hours of down time is way too long. I totally agree with an earlier comment here:


    I also think the first response by hostgator.com on this thread is inappropriate. Just because a client posted on a webhosting forum doesn't mean you have to try to explain it in a way that makes the client look bad.


    Even if it's possibly an uncouth client, and is at fault, as a business you shouldn't try to post a defense making the client look like the culprit, instead of spending time to work with the client directly, once you asked the client to contact you with the ticket number.

    You had to recant afterwards that the client wasn't at fault. I think that makes you look even worse than suspending the account.

    It would be much better if the first response after posting to the client to contact with the ticket number was the one after the resolution:


    My positive opinion of HostGator hasn't changed. I'm glad to know that they monitor this forum and address concerns. I hope you do the same on your own HostGator forum. There are some complaint posts sitting there with no response.

    Hostgator were right to take action. They should suspend the script if they can quickly identify it or the account whilst things are investigated.

    The hosting client is not the bad person, the spammer is. The hosting client is responsible for their scripts though.

    Hostgator have admitted an error and explained what they should have done which sounds fair to me.

  19. #44
    I was speaking with tech support today and they brought up a VERY valid point as to why they would suspend an account without warning.

    Bill D.: If you're site is bogging down the server, we will not email you -- wait 4 hours to receive a response -- THEN work to resolve the issue, while there could be 100 other users on that server also suffering...
    If your site is crippling the server and there are others on the server as well, that isn't very fair.

    If, however, you are on a dedicated server, that is a completely different question.

Page 2 of 2 FirstFirst 12

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •