Page 1 of 2 12 LastLast
Results 1 to 25 of 47
  1. #1

    Need help please. I think I am being taken advantage of.

    I apologize in advance if this is really remedial, but I don't host for other people nor claim to be any kind of internet guru.

    I own a business and our website is hosted by a third party host. I have felt for a long time that I have been charged a great deal more than I should be. Since I do not understand enough about the world of coding and hosting, I may be wrong. In fact, I may be the customer from hell. Hopefully some of you can tell me if I am right or wrong. Thank you in advance for your time.

    My dedicated server:

    Processor #1 Vendor: GenuineIntel
    Processor #1 Name: Intel(R) Xeon(TM) CPU 3.20GHz
    Processor #1 speed: 3192.111 MHz
    Processor #1 cache size: 1024 KB

    Processor #2 Vendor: GenuineIntel
    Processor #2 Name: Intel(R) Xeon(TM) CPU 3.20GHz
    Processor #2 speed: 3192.111 MHz
    Processor #2 cache size: 1024 KB

    Processor #3 Vendor: GenuineIntel
    Processor #3 Name: Intel(R) Xeon(TM) CPU 3.20GHz
    Processor #3 speed: 3192.111 MHz
    Processor #3 cache size: 1024 KB

    Processor #4 Vendor: GenuineIntel
    Processor #4 Name: Intel(R) Xeon(TM) CPU 3.20GHz
    Processor #4 speed: 3192.111 MHz
    Processor #4 cache size: 1024 KB


    Memory Information

    Memory: 2050464k/2096896k available (1731k kernel code, 41824k reserved,
    1304k data, 228k init, 1179392k highmem)


    Physical Disks

    hda: LITE-ON CD-ROM LTN-489S, ATAPI CD/DVD-ROM drive
    hdc: VIRTUALFLOPPY DRIVE Floppy, ATAPI FLOPPY drive
    hdd: VIRTUALCDROM DRIVE, ATAPI CD/DVD-ROM drive
    hdc: set_drive_speed_status: status=0x40 { DriveReady }
    hdd: set_drive_speed_status: status=0x40 { DriveReady }
    hdc: attached ide-floppy driver.
    SCSI device sda: 143374650 512-byte hdwr sectors (73408 MB)
    SCSI device sdb: 143374650 512-byte hdwr sectors (73408 MB)
    Filesystem Size Used Avail Use% Mounted on
    /dev/sda3 66G 12G 51G 19% /
    /dev/sda1 99M 26M 69M 28% /boot
    none 1004M 0 1004M 0% /dev/shm
    /usr/tmpDSK 485M 11M 449M 3% /tmp
    /tmp 485M 11M 449M 3% /var/tmp
    /dev/sdb1 68G 45G 20G 71% /backup
    -------------------------------------------

    I have been with the same host for about 4 years and pay $579 per month. I have felt for a while that this might be on the expensive side, but the host built our site and to his credit has kept us up and running without many problems.

    Now, a few days ago, our site crashed out of the blue. Our forum, shopping cart, email...everyhting was down. We contacted the host immediately and he was available to us. The site was down for 12 hours which is very costly for our business as we also run an educational forum. Finally, after some prodding for a time when we would be up, he restored us to the day before's backup. While we did loose a days worth of data, emails, and forum posts...at least we were back online.

    He claims the outage was an attack on a vulnerable PHP script. Says he can't say which one for sure because many of the logs were destroyed or inaccessible. Once we were finally back in business I was presented a bill for the following:

    Subtotal: 1,025.50
    Total: $1,025.50 USD

    6.9 hours at $145 per hour Time billed is after two hours admin. The amount here is at our cost and have paid
    the contractor. The time includes Michaels admin time built in.

    The server from the notes follow as pasted:

    --------

    The server dropped and started to have kernel issues from a exploit style attack
    trying to gain access through a MySQL injection as that would be the only logical
    explanation.


    I started feeling like something was not quite right and started investigating data centers and their charges for backup restoration. While I understand that I am dealing with people trying to sell me hosting, their charges were significantly less than $1000 and time frame was significantly less than 12 hours.

    I pressed my host to get a detailed breakdown of what was done that required 7 hours of work and he won't really specify. He keeps maintaining that:

    "I gave you the breakdown best, I could and did you mention to them that you
    needed a full OS RELOAD, that including Linux, CPanel, Imagemagick, GD LIB,
    Curl, rebuild RPMıs and then need to recompile your PHP and apache and
    modify to your needs (including php.ini files and advanced conf files. Basic
    security to help lock down before full security.

    This was a full restore and all your IPıs restored etc... A restore for
    your account ONLY via tarball is about 1 hour. You had your entire server

    On a side but related note - If you are thinking for any second I am taking
    advantage of you and donıt TRUST me then I invite you to take your business
    elsewhere and with someone one that would not care if your server went down
    even for a week or have the brains to fix it, I take insult."



    I appreciate anyone who has even taken the time to read all of this and would be forever in debt to anyone that can offer some advice. Does this sound reasonable? Should I pay him or contact my attorney? If you say attorney, do I can I go directly to my datacenter (theplanet) and get to the bottom of things?
    Last edited by photo4u2; 01-10-2008 at 12:01 AM.

  2. #2
    Join Date
    Mar 2007
    Location
    /home/Boston
    Posts
    174
    Hello,

    I feel your pain. But, from the other side. I have a few large sites that have purchased servers from me. They do not pay me for managed servers as I expect that they will do most o their own setting up and configuring.

    One of my larger customers totally broke his server. Not sure what he did, but I couldn't get into it for the life of me. Rebooted it, power cycled it. Nada. KVM proved that it was kernel panic'ing.

    ReOS'ed the server (free) and restored his backup and redid all of his configuration (again for free). Since he spends a good amount of money with me and I helped him configure his server in the first place so I knew the ins and outs, therefore I was able to be of help to him.

    I guess because I am a small hosting company right now I can take the time to know my clients and help them out on a personal level. I would say that he had taken advantage of you.

    It is really unfortunate when something goes wrong like that, for both parties. Me, I had to scrable around and get it going again, and for him since he was probably getting yelled at by his boss for it being down.

    I'd rather spend a few hours of my time and keep a customer happy than charge 1000 dollars for my trouble. In the end, I'll make more if he stays with me for a few years. But, I'm my own boss. If he was doing what he was told you can't fault him for that.

    Maybe it's time too look for a new server provider.

    Jesse

  3. #3
    Join Date
    Mar 2004
    Location
    Singapore/Melbourne
    Posts
    6,893
    I think 4 years ago the pricing for such hardware warrants the price you are paying. What you can do is to ask him either to upgrade you to the latest hardware or ask for a discount. But I don't think you have been taken advantage as what you were paying for was fair at that time.

    Just that maybe now is a good time to renegotiate some of the pricing.

    For the restore price, depending on the extend of damage 7 hours is reasonable, the per hour price seems a bit high though. But since he claim this is what he paid the contractor, just ask for the bill to verify if this is possible. But server restoration can be easy or tough, very difficult for an outsider to judge just from the post.

  4. #4
    I wouldn't say you are the client from hell, but it sounds like your host is being paid to do what he pleases - which can be the "long road" to a fix and get that extra cash for it.

    I would suggest finding perhaps a smaller host, like Jesse above. I like to maintain that local host and impact, although we do have clients from all over the nation - I strive hard to make sure my small team keeps that personal touch.

  5. #5
    Thank you for your input Jesse. It is really helpful for me to get some other perspectives on this...both large and small hosting companies.

    I am not necessarily looking for anyone to agree with me. As a business owner, I am aware that there are probably things that I simply don't understand about this issue and my host may well be in the right. If so, I will gladly pay him. I just don't want to be a dope and pay for something that is all fantasy.

    That said, I do not mess around in the back end of the server. I use cpanel for basic stuff and pay my host to do anything difficult. I know enough to know that I don't possess the skills to be changing things that I am unfamiliar with.

  6. #6
    Join Date
    Mar 2007
    Location
    /home/Boston
    Posts
    174
    You're more than welcome.

    Companies take different approaches. I consider myself a friendly and approachable person (though, I can't spell or type for a damn, so pardon any typos. lol), I will help where I can, and refer you someplace else when I can't. But, a happy customer will refer friends and possibly buy more servers. I know I am a small company, so I have to do everything I can to make my customers feel welcomed and important. If that means reOSing a server @ 4AM, well such is life.

    I don't charge for such things, but, people often send me a little extra here and there, and it is much appreciated. Makes getting out of bed next time to fix something a little easier. heh

    I would also agree that the price you were paying back then was pretty reasonable. I might have missed your port speed and bandwidth quota while skimming your post. That often has a big impact on server pricing as well.

    -Jesse

  7. #7
    Join Date
    Nov 2001
    Location
    Ann Arbor, MI
    Posts
    2,978
    The price you mention isn't bad for managed hosting. However, I would expect managed hosting to include recovering from a disaster such as the supposed one that you had. If you're not getting managed hosting, that price may be high depending on what else is in the package besides the hardware specs you posted. It's hard to tell.

    Either way, just the fact that he said that if you're not happy to leave, would make me leave. That's not good customer service. Additionally, a price should have been agreed upon before hand.
    -Mark Adams
    www.bitserve.com - Secure Michigan web hosting for your business.
    Only host still offering a full money back uptime guarantee and prorated refunds.
    Offering advanced server management and security incident response!

  8. #8
    Quote Originally Posted by boonchuan View Post
    I think 4 years ago the pricing for such hardware warrants the price you are paying. What you can do is to ask him either to upgrade you to the latest hardware or ask for a discount. But I don't think you have been taken advantage as what you were paying for was fair at that time.

    Just that maybe now is a good time to renegotiate some of the pricing.

    For the restore price, depending on the extend of damage 7 hours is reasonable, the per hour price seems a bit high though. But since he claim this is what he paid the contractor, just ask for the bill to verify if this is possible. But server restoration can be easy or tough, very difficult for an outsider to judge just from the post.
    Great stuff here! I can't believe I didn't think of it. Asking him for his bill from the contractor is an excellent idea.

    This is a very small host. I am reasonable certain that I am one of a handful of clients he has. My main issue is that this is standard operation. He tells me that work had to be done and he paid it and I owe him XXX. I have suspected that it was being heavily padded, but this one just took my breath away.

    You pegged it. It is hard to judge this from the outside. I am not familiar enough with the jargon to tell if I am being sold a story or the facts. I do enough work on computers to know that the most simple tasks can spiral out of control.

    Would an OS reset and restore to backup fix most any problems? Or would there often times be lots of time need to be hours of PHP recompiling?

    What would be an appropriate amount to spend per month given the server I have and am not even coming close to taxing. I need am hoping to find a host that can handle upgrading patches on my vbulletin and shopping cart...just the things needed to keep up on security threats.

  9. #9
    Join Date
    Mar 2007
    Location
    /home/Boston
    Posts
    174
    All my OS installs are automated. I give it the stuff it needs and it does that for me. Depending on your linux flavor, it can be time consuming. But, if he is as skilled as he says he is. It shouldn't take *that* long to restore a server. Especially if it is backed up daily.

  10. #10
    Quote Originally Posted by bitserve View Post
    The price you mention isn't bad for managed hosting. However, I would expect managed hosting to include recovering from a disaster such as the supposed one that you had. If you're not getting managed hosting, that price may be high depending on what else is in the package besides the hardware specs you posted. It's hard to tell.

    Either way, just the fact that he said that if you're not happy to leave, would make me leave. That's not good customer service. Additionally, a price should have been agreed upon before hand.
    O.K. This is pretty much where I am coming from. I thought I the price I pay might be on the high side, but I figured it was "managed" hosting...so, at least I had the reassurance that if something went wrong, I had someone in my corner. Again, I may be in the dark about what is involved in managed hosting. I did kind of assume if I screwed something up, I would get charged. If the website went down from an outside issue, it would be fixed at no cost to me.

    Other than the price, this host has been pretty good to me. He may complain about having to fix something or how it interrupted his plans, but he has been easy to reach and mostly punctual about issues involving the site.

    On the flip side, I am a fairly no maintenance hostee. I have not contacted him in at least 6 months for anything. If the site is working....I am happy as a lark.

  11. #11
    P.S. When you say depending on what else might be included in the package besides hardware, what else might that be?

    Sorry. I have people like me on my forum. I have to fight to keep from telling them they are in way over their head. I understand how difficult it is to talk to people who aren't even equipped to ask the right questions. That would be ME right now.

  12. #12
    Join Date
    Nov 2001
    Location
    Ann Arbor, MI
    Posts
    2,978
    The fact now that you confirmed it is managed hosting makes it sound like you're getting screwed on the work done, but not necessarily on the monthly cost.

    They were his disaster recovery plans. He can't expect you to pay for his poor planning that resulted in 12 hours of downtime and 7 hours of labor. Look at your contract, and see what your options are and what you agreed to pay.
    -Mark Adams
    www.bitserve.com - Secure Michigan web hosting for your business.
    Only host still offering a full money back uptime guarantee and prorated refunds.
    Offering advanced server management and security incident response!

  13. #13
    Contract. Yeah. I am wishing I had one of those. I have one from him for the construction of the site, but I have read through it and it doesn't deal with the monthly hosting. We started working with him when we were very small and on a shared server. Once we outgrew that, we just discussed pricing and said "go" to the dedicated server. What I am dealing with now is probably the pitfalls of not having a contract. When verbal agreements are struck, it leaves too much room for misunderstanding.

    You guys are great. Thank you so much for your advise.

    Anyone else is welcome to chime in. All perspectives welcome.

  14. #14
    "If you say attorney, do I can I go directly to my datacenter (theplanet) and get to the bottom of things?"

    The Planet probably will not be able to provide you much information unless you have your hosts account number and password. Without that, all they should be able to provide to you is information that is publicly available such as whois output of a domain you asked them about or such.

    The hourly fee sounds fairly standard, but the time involved to me sounds a bit much, and I think its a bit sketchy that they seem to be refusing to provide you a breakdown of the time involved.

    "I gave you the breakdown best, I could and did you mention to them that you
    needed a full OS RELOAD, that including Linux, CPanel, Imagemagick, GD LIB,
    Curl, "

    That part would likely have been performed by your datacenter itself, rather than your host for a nominal fee that your host would have paid. The rest, the php.ini customizations, sercurity related work, etc would have been performed by your host or it seems they mentioned a contractor. Overall, personally I would say its probably a bit steep, but depending on the state of things when they started, and how extensive any customizations they performed are, its not exactly out of line either.

    Personally, I would pay the bill and start looking for another host altogether and stay with the current one only long enough to finish any contracts you are bound to and time to make a smooth migration to another host. This would be my choice strictly on the attitude when questioned about the time breakdown. Then again...we surely didn't see the entire conversation either

    Just my .02 cents. Hope it helps.

    -Mike

  15. #15
    Join Date
    Aug 2007
    Location
    L.A., CA
    Posts
    3,650
    It sounds like the server required a lot of work to restore all the configs, settings, software you had previously. $145/hour isn't all that bad, that goes along the lines of what level-3 system admins would charge.
    I don't believe your monthly price is taking advantage of you. Just because host A sells cheaper than Host B, it doesn't mean that the other is ripping you off.
    EasyDCIM.com - DataCenter Infrastructure Management - HELLO DEDICATED SERVER & COLO PROVIDERS! - Reach Me: chris@easydcim.com
    Bandwidth Billing | Inventory & Asset Management | Server Control
    Order Forms | Reboots | IPMI Control | IP Management | Reverse&Forward DNS | Rack Management

  16. #16
    Mike,

    Your .02 cents is much appreciated. I agree with you about the attitude. It is stressful when your site is down and then to be taking attitude from the host too is hard on the nerves.

    Quote Originally Posted by AFerrier View Post
    It sounds like the server required a lot of work to restore all the configs, settings, software you had previously. $145/hour isn't all that bad, that goes along the lines of what level-3 system admins would charge.
    I don't believe your monthly price is taking advantage of you. Just because host A sells cheaper than Host B, it doesn't mean that the other is ripping you off.
    Now that you mention it, I do remember level 3 being floated around in one of the conversations. If that is fair pricing, I feel at least better. Other coding work I have had done by the host has been at $75 per hour. Double that had me scratching my head.

    One other thing? for these kind of prices, should he have had a firewall on my server? Would it have prevented the attack? A firewall was installed after the outage, at no additional charge, but it made me wonder if it was a good gesture or something that should have been in place on an ecommerce site to begin with.

    Also, would the Level 3 systems admin be an employee of the data center or an independent contractor?

  17. #17
    Join Date
    Jan 2005
    Location
    Scotland, UK
    Posts
    2,541
    The fee itself for recovery is perfectly fine however the point of you being charged that fee is not. If you had managed hosting, why were you rooted in the first place (Which from what he appears to have told you, that's what happened - hence the reinstall).

    I think your monthly fee is perfectly fine providing you get a managed service however if they have to hire contractors just to restore data and the fact you got rooted in the first place, I struggle to believe you are actually receving a managed service and would jump ship.
    Server Management - AdminGeekZ.com
    Infrastructure Management, Web Application Performance, mySQL DBA. System Automation.
    WordPress/Magento Performance, Apache to Nginx Conversion, Varnish Implimentation, DDoS Protection, Custom Nginx Modules
    Check our wordpress varnish plugin. Contact us for quote: sales@admingeekz.com

  18. #18
    Join Date
    Aug 2007
    Location
    L.A., CA
    Posts
    3,650
    It depends what the management service includes. As we here on WHT know there are many different meanings to "management".

    Secondly, no a firewall would not have prevented your hack. You were exploited from one of your scripts which has a security hole in it. Either way, nothing can prevent a hack. You can always be hacked, the only thing you can do is make it harder for yourself to be hacked. Though your issue is a script exploit.

    A Level-3 admin can be anyone from anywhere. Level-3 just references to their qualifications, knowledge and experience.
    $145/hour is very fair, especially since this is not what they get as an 8 hour, 5 day a week job but just one-time "on-call" situations like this so to speak.

    All in all, I'd say yes, its expensive so it'll sting but no, they are not taking advantage of you.
    In regards to your server monthly fee, all I have to say is that yes you can find cheaper but you can say that about anything in the world.
    There is always "something cheaper" to be had.
    EasyDCIM.com - DataCenter Infrastructure Management - HELLO DEDICATED SERVER & COLO PROVIDERS! - Reach Me: chris@easydcim.com
    Bandwidth Billing | Inventory & Asset Management | Server Control
    Order Forms | Reboots | IPMI Control | IP Management | Reverse&Forward DNS | Rack Management

  19. #19
    Join Date
    Aug 2007
    Location
    L.A., CA
    Posts
    3,650
    You could ask for "refreshed" hardware specs though and get some newer hardware but if your site is running fine as-is, I wouldnt really "mess with a good thing".
    You always introduce new variables such as increased probability of hardware failure in the new machine due to unknown history or production, etc.
    EasyDCIM.com - DataCenter Infrastructure Management - HELLO DEDICATED SERVER & COLO PROVIDERS! - Reach Me: chris@easydcim.com
    Bandwidth Billing | Inventory & Asset Management | Server Control
    Order Forms | Reboots | IPMI Control | IP Management | Reverse&Forward DNS | Rack Management

  20. #20
    Join Date
    Nov 2001
    Location
    Ann Arbor, MI
    Posts
    2,978
    If you don't have a contract, the whole cost is defnitely negotiable. If you decide to stay, make sure and see if you two can't work out an SLA. I wouldn't pay or stay based on you're side of the story so far.
    -Mark Adams
    www.bitserve.com - Secure Michigan web hosting for your business.
    Only host still offering a full money back uptime guarantee and prorated refunds.
    Offering advanced server management and security incident response!

  21. #21
    Join Date
    Jul 2006
    Location
    Detroit, MI
    Posts
    1,955
    Quote Originally Posted by photo4u2 View Post
    Thank you for your input Jesse. It is really helpful for me to get some other perspectives on this...both large and small hosting companies.

    I am not necessarily looking for anyone to agree with me. As a business owner, I am aware that there are probably things that I simply don't understand about this issue and my host may well be in the right. If so, I will gladly pay him. I just don't want to be a dope and pay for something that is all fantasy.

    That said, I do not mess around in the back end of the server. I use cpanel for basic stuff and pay my host to do anything difficult. I know enough to know that I don't possess the skills to be changing things that I am unfamiliar with.
    For that server if you are getting management services with that price you are not being taken advantage of at all. The raw costs for that hardware should be ~200$, but the time to keep a server up month-over-month is easily more than that.



    Best Regards,

  22. #22
    Join Date
    Jul 2006
    Location
    Detroit, MI
    Posts
    1,955
    Quote Originally Posted by Scott.Mc View Post
    The fee itself for recovery is perfectly fine however the point of you being charged that fee is not. If you had managed hosting, why were you rooted in the first place (Which from what he appears to have told you, that's what happened - hence the reinstall).

    I think your monthly fee is perfectly fine providing you get a managed service however if they have to hire contractors just to restore data and the fact you got rooted in the first place, I struggle to believe you are actually receving a managed service and would jump ship.

    Managed hosting should never include auditing individual pieces of software, nothing beyond keeping the software patched and even then it is tenuous because patches for one piece of software can break something else.



    Regards,

  23. #23
    Join Date
    Nov 2003
    Location
    Lynnwood, WA
    Posts
    438
    Since I don't see what you actually sent to him to get the response that you did, I may be totally off-base here -- but the single largest problem I see with your host based on what you've posted here is his attitude at your questioning of the bill amount.

    People that immediately jump to "how dare you, you don't trust me?" style responses to polite questioning are, generally speaking, untrustworthy.

  24. #24
    This thing is killing me. I can't seem to pin him down on specifically what required the 7 hours work. I have asked for a copy of the contractors bill or a detailed breakdown of the work that would be done and the most he is willing to send me is a summary of the hours that were spent. Not that anything he tells me is going to mean anything to me anyway, but at least it would be something I can run by someone with the technical know how to say whether or not it sounded reasonable.

    So, what I am getting here is that the monthly price would be fair based on a managed server. That being said, would it be fair to assume that managed services would include recovery from a crash of this nature or is it standard procedure to fix, then bill on top of monthly management fees? Granted - should have been spelled out in a contract, but standard practices? Surely there is some sort of industry standard.

  25. #25
    NexSeven - This was what was sent to him to elicit that response:

    About the invoice. I'm afraid I am going to need to see a detailed breakdown of what caused the attack and what was done in those 7 hours. I have floated it past a few people I trust and none of them can figure out why it would take 7 hours to restore to a backup.

    If you can get that information for me and give me some time to confirm it, I will be happy to take care of the invoice.

    Thanks. Have a great night.


    I know that if I pay $600 per month for a car it is typically under warranty. I know that if I have to take it to a mechanic, he will at least tell me what was broken or show me what justified $1000 worth of repairs.

    Is this a backward way of thinking?

Page 1 of 2 12 LastLast

Related Posts from theWHIR.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •