All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
What's your opinion on this policy?
I've recently faced an issue with a LET provider. I don't expect anyone to be perfect, so nothing wrong there. But discussing the issue in the support ticket, it came up that this provider suspends your service without sending any notice before or even after the suspension.
Quote: " We don't currently log tickets due to automated suspensions."
Since I'm biased on this because I'm on the customer side, I'd like your opinions on this:
Do you find the provider's policy of suspending a service without notice (before or after suspension) correct / acceptable ?
The suspension had to do with an alleged DoS attack, although they do offer DoS protection. It is interesting to note that the VPS is 99% idle but OK; I suppose a DoS attack could happen to an idle VPS as well, for unforeseen reasons.
I wouldn't like name the provider for now, unless of course I face more such issues.
Comments
Sending some sort of notice would be nice, yes. But not a deal breaker for me because we have gazillions of website uptime monitoring tools out there.
It all depends on how much I favor the provider. If it was a rather platonic relationship, I'd be pissed enough to warrant a move.
Nah, you should name them, cause it sounds like some clown group running tools they don't know how to maintain that have really low automatic thresholds which cause auto suspension of services. If they had even a clue about what they were doing they wouldn't be saying they can't send you an alert, instead they would have someone fix the tool to do so, which would probably take all of 15 minutes for a skilled system admin. But, again, I believe whoever you chose doesn't know what they are doing and probably paid someone to cobble stuff together for them, so of course they ,' can't send you notifications' cause they have no one skilled enough to make the needed changes to the hacked code they bought.
In short, sounds like a host I wouldn't be doing business with and reminds me off the top of my head of that Virtono group that advertises here. Tried to purchase a server from them a long time back and while I was just downloading files to the server they would suspend it and would claim some automatic tool did it and never tell you.
Anyhow, if they are employing tools they have no idea how to maintain, then I think it only fair to name and shame them so others don't get stuck using such an amateurish service.
my 2 cents.
Cheers!
O, name & shame them for sure.
LET needs drama. It's been stagnant as of late.
What would be the reason to not communicate something really important (like a service disruption) to the customer? Communication is key in business.
Please name the provider, so we can be alerted.
You say it's a policy, is it something you consiously agreed to in the providers terms?
Are they saying you recieved a DOS attack or that your server was participating?
It happens all the time... a client's server gets compromised and starts consuming tons of network and server resources causing issues for neighbors.
If you are sending a DOS attack, then a suspension is certainly warranted.
If you're receiving a DOS attack and you don't have protection included in your service, then likewise, suspension is generally still warranted.
Ideally a notice should be sent to the customer for any suspension, but if they have some sort of automatic DoS detection and null routing system in place, then it's conceivable they haven't integrated into their billing and so have no means of automatically informing you of said suspension. With that in mind, it's normally pretty easy to trigger an email to themselves informing THEM of the suspension, so they can update you a bit later. Not ideal but I would consider than an acceptable compromise..
Sounds like 99% of all hosts :-). Well... unless you have a different definition of 'maintain'. There's so much stuff these days, it's not easy to hook everything together and keep it all working well. I mean almost every host will use WHMCS as their billing system, but with each update something inevitably goes wrong and an old module stops working sooner or later. I've had to re-code the same module about 15 times over the last 10 years or so to make sure it kept working with each update. And just about every module that you get included with a domain registrar, software licensing or certificate provider also barely works.
Well maybe you would consider my team and I to be a 'clown group' who 'don't have a clue', but in my experience, it's not that easy to keep everything working well together.
Well it depends on the reason, assuming its a self managed service.
DDOS I cant see any reason not to inform you, I mean human error happens sure, but as a general rule I cant see why you would not inform the client.
However if a client has been banging resources at 100% for an age and go WELL beyond the AUP so it hits even the outer limits of the policy on the node monitoring by 4x the AUP then customers may not get explicit notice, they had that in advance of sign up and chose to make no effort themselves.
But even in that case it would be a pause or shutdown not a suspension.
I guess my point is, it depends on the specifics, in your case a DDOS, then yes you should have been told imo, even if just within the next available working hours at the very least.
You should answer if your server received or sent the attack. That matters more than anything.
Communication is indeed key.
And works both ways.
IMHO. One of the stupidest things in the world to do. If the provider does not communicate that there is a problem after suspending a VPS the client will not look for the source of the problem. The cycle continues, with the provider and the client both thinking the other is a dick.
Hey guys, thanks for your comments and sorry for my delayed reply. It's Easter time around here so my online time is kinda limited.
@randvegeta & @MikeA I was receiving a DoS attack, not taking part in one. Though I'm no longer sure that I was indeed under DoS (take a look at the graphs below).
Interesting point @AnthonySmith & @randvegeta about server being compromised and/or consuming resources. Let's look at some graphs to find out:
Load Average
https://ibb.co/c9ghWc
Memory Usage
https://ibb.co/ktGhWc
Bandwidth Usage
https://ibb.co/dBFLHH
NGINX Usage
https://ibb.co/fXSZcH
MySQL Usage
https://ibb.co/kZ9Qjx
It's obvious that the server is idling most of the time. Did you notice the spike in B/W usage? It has to do with the server being backed up to a remote storage server at that time and it's not related to the incident. The incident took place around 16:00 as you can see from the other screenshots.
To sum this up:
P.S. @dedicados cool pic
Are you running vesta control panel? Have you checked it wasn’t an outbound DDoS? Did the provider provide any logs?
Alex
Yep fair enough, I was talking generally, for DDOS in or out I would notify you every time.
Perhaps they like to avoid confrontations.
@AlexanderM unfortunately they provided no logs. They also seemed (to me) reluctant to answer my questions.
About the DoS, TBH I'm counting on what was said in the ticket. I didn't actually check any logs, apart from the graphs I posted. And yes, I've been using VESTA for quite some time now. Are you suspecting something wrong with that?
@AnthonySmith nice to know that in a similar case you'd send me a notice Cause I have 3 or maybe 4 services with you, with no issues up to now
Ramnode has nice policy. I got close to max bandwidth from a DDoS once and they sent me an email so I could deal with it - which I did. They could, of course, have said nothing and just cut me off when I hit the limit and I would have been unhappy and been less inclined to stay with them. Good hosts help make good customers.
Yes.
Ask them for logs, i’m sure they will provide, the 7th is when VestaCP started sending DDoS attacks, it seems likely.
Alex
@jiggawattz THANKS for the info. I hadn't noticed that
@AlexanderM I confirm that it was a DoS attack my server was taking part in. I was sent copies of the logs + the server was indeed hit from the 0-day @jiggawattz posted.
Fully patched the system, removed the malware code and investigating more for now.
@Elmo the thing is when you suspend a service and enter the reason, there is a tick box to email that reason to the customer, so it's not like it's any extra effort.
One good thing out of this, is that the provider said in the ticket that they'll consider adding notifications for automated suspensions