Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


[RESOLVED] Unacceptably bad way of handling issues by Arubacloud... - Page 2
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

[RESOLVED] Unacceptably bad way of handling issues by Arubacloud...

2

Comments

  • AlwaysSkintAlwaysSkint Member
    edited October 2019

    ^ millennial

  • @AlwaysSkint said:
    ^ millennial

    Gen Z nice try

  • @jvnadr said:
    Before started, disclaimers on the beginning!

    • Yes, I had backups, I used them, I am not complaining on losing data
    • No, I did not lose millions from their extremely cheap service
    • No, I do not complain about the performance of an extremely cheap service. Instead, their servers are really good for the price
    • Yes, I did secure the server, as possible as this can be done.

    I did open this thread because IMO, this is not a good practice on dealing with an account when an issue occures.

    I have a couple of the old cheap 1 euro vps servers with arubacloud,

    Stopped here and went to order!

    :)

    On a more serious note: love the way you've written the post. In a matter of fact way, explaining everything nicely.

    Based on the info you provided, the 72 hour deadline is unacceptably short for me to consider such service. I mean: people have vacations, without Internet, don't they?

    Thanked by 1vimalware
  • @jvnadr please update this topic if there are any news, very curious to see how this turns out. I would not want to have my services shut down either, without any chance to have a look what the actual problem could/should be.

    so hopefully you got a quick response, more informations and your access back to actually deal with the problem?

  • defaultdefault Veteran
    edited October 2019

    @ArubaCloud shutting down servers - now this is some heavy popcorn drama in LET, and it deserves a bookmark.

    Thanked by 3vimalware uptime imok
  • AnthonySmithAnthonySmith Member, Patron Provider

    So what is the conclusion here then @jvnadr ?

  • DPDP Administrator, The Domain Guy
    edited October 2019

    @AnthonySmith he's probably busy at war with @ArubaCloud :lol:

  • AnthonySmithAnthonySmith Member, Patron Provider

    @thedp said:
    @AnthonySmith he's probably busy at war with @ArubaCloud :lol:

    Well to be fair, I understand that circumstances may exist that they would do what they have done, they may not be liked by the customer but for the greater good of the environment for everyone, it can happen with some acceptable reasons.

    However its been almost a whole working day since this happened so if he does not know why it has happened yet, no excuse is good enough.

    Thanked by 2jvnadr Falzo
  • I read the disclaimer, hence I have nothing to say.

  • jvnadrjvnadr Member
    edited October 2019

    AnthonySmith said: So what is the conclusion here then @jvnadr ?

    Sorry, I am not constantly in LET :)
    They responded and gave me details, enabling again the account and keeping disconnected from the internet the hacked server. It seem that the one of the two servers was compromised, according to their reply (TCP SYN Flood to certain ip addresses).
    I am trying to login to the client area now (a new issue has occur with resetting the password but it will be resolved) and after that, I will investigate the nature of the issue.

    The frustrating thing is that there is still the 72 hours time window to resolve the issue (why there is a time window for a paid for months to come server, when the server is disconnected, so, it is not a danger for the internet anymore?) and the fact that my other server with them, that is not compromised, is also disconnected from the net until I fix the issue on the first one...
    It seem that now the other server can be switched on. So, it's OK.

    Thanked by 1Falzo
  • Also, their ticket response was fast enough, about the same time I opened the thread (although it does not notify me that there is an answer via an email, when all other communications from aruba do have email alerts).

    Bottom line, their policy is extremely strict (this is not necessarily a bad thing, but rather good). My opinion is that they should consider notify their clients on the initial email update, not disabling all the services and the entire account because one server has been hacked and stop having this 72 hours rule for paid disconnected services.

    Thanked by 1Falzo
  • DPDP Administrator, The Domain Guy

    @jvnadr said:

    The frustrating thing is that there is still the 72 hours time window to resolve the issue (why there is a time window for a paid for months to come server, when the server is disconnected, so, it is not a danger for the internet anymore?) and the fact that my other server with them, that is not compromised, is also disconnected from the net until I fix the issue on the first one...

    Ok the resolution time frame is acceptable, but not the treatment on the innocent server.

  • Maybe I was a little over reacting, because it won't took long for them to reply with the actual issue. If so, my apologies to Aruba (here you are, apologies as LTniger asked!)
    I just still think that there has to be a headline with the reason of suspension on the initial email, not disabling all the servers and the account (except if the client is doing this constantly) and get rid of this 72 hours rule.

    @FAT32 I think is fair to alter the thread title with something like "resolved issue" to reflect it, if you can.

    Thanked by 2FAT32 ArubaCloud
  • @thedp said:
    Ok the resolution time frame is acceptable, but not the treatment on the innocent server.

    Yes, affected server should be shutdown and asked to be looked into. The 72 hour is good enough IF they had a system to let the end user access the system. If they disable the server and user has to open a ticket and then they'll manually enable it, and then only the user can look into the issue with the server, then 72 hours may not be enough.

    I agree that affected server should not be disabled.

    That aside, WordPress blogs gets hacked easily through compromised plugins in their official plugin store.

  • somik said: That aside, WordPress blogs gets hacked easily through compromised plugins in their official plugin store.

    Wp is a plain installation with ninjaforms only on it, maybe it is not the case here. I am investigating the root of the issue, I hope I find some evidence.

  • angstromangstrom Moderator
    edited October 2019

    @jvnadr said: Maybe I was a little over reacting, because it won't took long for them to reply with the actual issue. If so, my apologies to Aruba (here you are, apologies as LTniger asked!)
    I just still think that there has to be a headline with the reason of suspension on the initial email, not disabling all the servers and the account (except if the client is doing this constantly) and get rid of this 72 hours rule.

    As someone pointed out above, the initial email was automatic and not personalized -- it was their quick reaction to a perceived problem. The ball was then in your court.

    Since they replied quickly to your ticket, it seems to me that they were good on this point.

    I agree that their locking your account wasn't so great, but it's a low-budget service after all, and given the amount of (potential) abuse that (I imagine that) they have to deal with, a policy of overreacting is probably better than a policy of underreacting. They don't have the resources to quickly differentiate between good clients (e.g., you) and bad clients. A more nuanced and personalized differentiation between clients wouldn't fall into the low-budget category.

    Thanked by 4ITLabs deank imok poisson
  • The aruba's automated way handling things is not the best, the time window of 72h is not good, the switching off the whole account is not a nice practice.
    Beside those points, I have to admit that their support is fast enough, they act like professionals do and, as I said to my initial post, their service is much more than good especially for the price.
    So, apologies for over reacting, but I lost millions there :) .

    /thread for me

  • jvnadr said: I have to admit that their support is fast enough

    that's the most important info from this whole thing. would be bad, if they shut everything down and then take ages to answer. other than that...

    there could be a lot of entry points if the system was 'set and forget' maybe some missing update for whatever piece of software was the entry. any control panel? exim? any service that could be abused for an amplification attack?

    regardless if you manage to find the root cause, reinstall and after that tell them that you took care of the problem.

  • AnthonySmithAnthonySmith Member, Patron Provider

    Given the situation while I can certainly agree they could have done better the response was indeed reasonable.

  • Still, deactivating all the services if only one is compromised is not proper way i think.

  • @jvnadr said: the time window of 72h is not good,

    Well, in practice, this means that they give you three full days to open a ticket about the server. If one runs a server/VPS, it's not unreasonable to be expected to react (open a ticket) within such a time frame in the case of abuse.

    Again, this is all in the context of a low-budget service. If one is paying a premium price, one might be justified in expecting a more personalized treatment.

    Thanked by 1uptime
  • deankdeank Member, Troll

    Overall, it was a good euro for Arubacloud. The free advertising they got from this is worth more than 1 euro.

  • @deank said:
    Overall, it was a good euro for Arubacloud. The free advertising they got from this is worth more than 1 euro.

    Bad adversting you mean. Im not buying it after threads like this.

    Thanked by 1AlwaysSkint
  • deankdeank Member, Troll
    edited October 2019

    Alpharacks ran their game on bad publicity.

  • Well it is WordPress; Can't rule it out completely.
    It only takes one slip-up in the overall config.

    Let us know how the resolution goes.

    Thanked by 2Falzo angstrom
  • @angstrom said:

    @jvnadr said: the time window of 72h is not good,

    Well, in practice, this means that they give you three full days to open a ticket about the server. If one runs a server/VPS, it's not unreasonable to be expected to react (open a ticket) within such a time frame in the case of abuse.

    Again, this is all in the context of a low-budget service. If one is paying a premium price, one might be justified in expecting a more personalized treatment.

    From the way I see it (could be wrong), three days means you can't go on a holiday without the Internet. It's perfectly understandable to block the server, but to cancel the service if you don't react - when you've paid for? It doesn't make sense to me.

  • @bikegremlin said:

    @angstrom said:

    @jvnadr said: the time window of 72h is not good,

    Well, in practice, this means that they give you three full days to open a ticket about the server. If one runs a server/VPS, it's not unreasonable to be expected to react (open a ticket) within such a time frame in the case of abuse.

    Again, this is all in the context of a low-budget service. If one is paying a premium price, one might be justified in expecting a more personalized treatment.

    From the way I see it (could be wrong), three days means you can't go on a holiday without the Internet. It's perfectly understandable to block the server, but to cancel the service if you don't react - when you've paid for? It doesn't make sense to me.

    Hmm, I understand the initial outrage, but if you run servers/VPSes, shouldn't you be on stand-by (reachable) in the case of an incident? What this means is: you check your relevant email address at least once every few days, just in case. (Alternatively, shut down your servers for your internet-free vacation.)

    (I suspect that Aruba would have sent a second warning message in this case before outright canceling the service, but this is just a guess.)

  • angstrom said: shouldn't you be on stand-by (reachable) in the case of an incident?

    I guess it would depend. If you assume the vendor is going to protect themselves by suspending your VPS and if that server staying suspended for a few days wasn't a big deal, I could see being offline.

  • @skorous said:

    angstrom said: shouldn't you be on stand-by (reachable) in the case of an incident?

    I guess it would depend. If you assume the vendor is going to protect themselves by suspending your VPS and if that server staying suspended for a few days wasn't a big deal, I could see being offline.

    You can definitely assume that the vendor is going to protect themselves by suspending your VPS, but should you also assume that the vendor won't care whether you react relatively quickly in the case of an incident?

    Aruba must have many thousands of 1€/m clients. I can understand that they don't want to have countless suspended compromised VPSes in limbo because their owners don't react quickly enough. (Yes, it's kind of tough, I admit, but we're talking about 1€/m servers.)

    Thanked by 1uptime
  • @angstrom said:

    @bikegremlin said:

    @angstrom said:

    @jvnadr said: the time window of 72h is not good,

    Well, in practice, this means that they give you three full days to open a ticket about the server. If one runs a server/VPS, it's not unreasonable to be expected to react (open a ticket) within such a time frame in the case of abuse.

    Again, this is all in the context of a low-budget service. If one is paying a premium price, one might be justified in expecting a more personalized treatment.

    From the way I see it (could be wrong), three days means you can't go on a holiday without the Internet. It's perfectly understandable to block the server, but to cancel the service if you don't react - when you've paid for? It doesn't make sense to me.

    Hmm, I understand the initial outrage, but if you run servers/VPSes, shouldn't you be on stand-by (reachable) in the case of an incident? What this means is: you check your relevant email address at least once every few days, just in case. (Alternatively, shut down your servers for your internet-free vacation.)

    (I suspect that Aruba would have sent a second warning message in this case before outright canceling the service, but this is just a guess.)

    So, having a hobby, or even a business website on a VPS would mean you have to have someone at it practically daily? In case of planned things like a holiday, or unplanned, like ending up in a hospital for any reason - you run the risk of having it, not just taken down, but the service cancelled too?

    That's the scenario i really don't like.

    Is that a standard procedure when it comes to VPS-s?

    Thanked by 1uptime
Sign In or Register to comment.