This is really getting old.
I don’t know the issues my web host has. In fact, I know nothing about web hosting. The only thing I know is that I pay a yearly fee for a certain amount of space and bandwidth.
In return, I expect good service. Seems easy enough, right?
I realize when dealing with the Internet that things aren’t always going to be perfect. There will be down times. Usually, however, the down times are quite minimal. A minute or two tops.
Occasionally, they are longer. In that case, something major is probably happening.
In the past several weeks, my sites have been hit with downtime a few times. One of those times was more than 20 minutes and the host said they had no issues.
It must have been connectivity.
Today, it happened again. This time, the note I got back was they were having issues. OK, fine. I can deal with that. Right around the same time, I got an e-mail that contained this goodness:
Unfortunately we had to suspend your account ‘XXXXX’ on ‘server name’ for phishing page hosting. You must unconditionally agree to remove the page and all related content from your webspace in order to get your account unsuspended. Also we strongly recommend you to investigate your content for possible security issues, particularly to upgrade site software to latest available versions. Looking forward to hearing from you.
Herein lies the issue — they don’t allow you to fix it. You are suspended with no warning and no possible way to fix the issue. I can’t access my sites. I can’t access anything to be able to fix this issue.
In response, I send a reply via e-mail figuring they’d get back to me quickly. After all, it’s a suspended account. I figure they’d want to fix it, too, right?
The original e-mail I received was at 11:59 a.m. (EST). I responded at 12:05. I sent a second e-mail at 12:44 p.m.
I then logged into support to see the tickets and note that they have it listed as “low” for priority.
That’s some great customer service right there.
I switched it to “urgent” and then logged in to live support and had this conversation:
P.J.: Hello. My account has been suspended for apparent phishing. I got the e-mail about 50 minutes ago. I responded quickly and nothing happened. I just responded again and am hoping something can happen quickly. I can’t have my sites down for this long
P.J.: I have authorized them to delete the file and then when I can access everything, I will see what I can do to make sure this doesn’t happen again.
Support: Please provide me with your ticket ID
P.J.: [ID Number]
Support: I’ve notified the technical department about your ticket, they will get back to you as soon as possible
P.J.: OK, do you think it will be somewhat quickly. The sites have been down for more than an hour (the first was the slowdown issue) and I need to have them up soon or I can’t fix etc.
I then never received a response to my last question on how long it would take to get a response.
Of course, during this time, I thought it would be a good time to write this blog post.
This hack, apparently, is on my “professional” site — my name site. I don’t do much work on it and really need to blow it up and start from scratch. This is a good wake up call to do so.
But, when that site gets suspended, so too does HooHaaBlog.com and my newest site — rattlingchains.com, which has become a strong disc golf site with daily updates, stories and more. We’ve had quite a good readership so far, so to be down for more than an hour in the middle of the day is not a good thing.
On any site.
Especially with that “Account Suspended” blaring at the top of the page. To say I am dissatisfied would be an understatement.
This has happened before — this phishing crap. And I’ve been suspended before. They don’t ever really tell how to avoid it. Some things (such as WordPress themes) can become vulnerable. And hackers can get through. I keep things up to date as much as I can. But sometimes things can slip through.
Wouldn’t you think the hosts would try and work with long-standing customers before blasting out “suspended” messages?
I would. It’s good business.
Instead, it’s a quick shutdown and then a slow answer. It’s not good for business to do that. And it makes me think it might be time to start looking for a new host. One who actually cares about the customer.
I realize these things need to be nipped. And I’m sure people use these phishing things to do harm to other sites/hosts etc.
But I don’t even know what a phishing thing is on this server. I have no idea what it is, where it came from or anything like that. It would seem like they could quarantine something like that and contact the site owner and give a 2- or 3-hour window to have them fix it or the account is suspended.
For the record, I kept the live chat open and the support person has not responded to my last question. So I added it again:
P.J.: I take it that means you don’t know if it can be somewhat quickly? I’m sorry to hamper or ask the same question I did before, but I’m in panic mode here.
After several minutes, I got this:
Support: Sorry for keeping you waiting, I have notified our technicians about your ticket once again
And the time ticks away with no real response from the people who can get my site online, however. It’s been almost an hour and a half at this point.
With nothing but an online chat person telling me they have notified the techs.
A couple more exchanges with the live support person made me hope something would be done soon. The person explained there were many walls they had to go through with my site. Soon after the last comment, the site appeared, and, after more than two hours, my sites were back up.
I also got an e-mail detailing what had to be done. There were quite a few things.
The e-mail also said this:
A website defacement is an attack on a website that changes the visual appearance of the site. These are typically the work of system crackers, who break into a web server and replace the hosted website with one of their own. Most times, the defacement is harmless, however, it can sometimes be used as a distraction to cover up more sinister actions such as uploading malware.
There were numerous phishing files that they had to delete from my site. Many. I’d like to know how this all happened and if there’s any way to protect from it.
The e-mail detailed several ways of hopefully stopping this in the future. I will sit down and go through each one and try to do as they say so to work at making sure this doesn’t happen again.
I’m thankful things were fixed. I really am. And, if it took two hours to do — fine. But post an update on the support ticket. Tell me it could take a couple of hours as there were many instances of things that needed to be fixed. Because, when all said and done, I was left in the cold for two hours not knowing what was going on.
I will start research on a new host. Will I change? Maybe. I’d say it’s 50-50 that I might. Not because of the time it took to fix this situation, but because it happened, how it happened and the lack of communication. I have never been 50-50 in wanting to change before, so this is a big step.
Are there ways to stop these attacks? Can I avoid having these phishing things attack my account? These are things I will be asking many hosts as I do my research to see if and where I want to move my sites.
I’ve been with my current host for many years. For the most part, I’ve enjoyed the relationship I’ve had with them. But one bad experience can really ruffle some feathers. So now I need to do some thinking and see where I might want to go or take things in the future.
For now, I’m just happy this situation is over.
Fundraiser: I am, again, trying to raise money for the Relay For Life. If you donate to me — even a small amount — you will be entered to win a super-sweet quilted scarf. Click here for all the information!
Feel free to leave a comment, or e-mail P.J. at hoohaablog [at] gmail.com. Also, please “Like” HooHaa Blog on Facebook!