Account Suspensions and how to deal with them

[Dave A]

I have no problem with the hosting company suspending the account until the problem is resolved.

Where things get tricky (and you've said this before, Rudi) - often the client doesn't have the skills to identify what is causing the problem, or to resolve the problem, and at times doesn't have access to the tools needed either.

Just how far do you go as the hosting company to help resolve the problem?

Well, if the client is on "supported hosting", I think you need to do what it takes to secure the site. Not patch the code, perhaps, but identify the user profile that's been hacked / shut down email sending / change insecure folder write and execute permissions...

I had a redundant sub-account hacked earlier this year on an overseas server. The hosting company identified the hacked profile, disabled the user, and sent me an email telling me what they had done. In this case I simply deleted the user profile as the site had been moved elsewhere.

Obviously there are a number of potential scenarios. I suggest as a bare minimum, the host should bundle the site into a backup that is made available to the client to download. Just deleting the whole account (even if the onus is on the client to maintain their own backups) simply isn't on i.m.o.

[SilverNodashi]

I have no problem with the hosting company suspending the account until the problem is resolved.

Where things get tricky (and you've said this before, Rudi) - often the client doesn't have the skills to identify what is causing the problem, or to resolve the problem, and at times doesn't have access to the tools needed either.

So, how would you suggest we rather approach this problem? i.e. what would you rather expect your host do for you, or try and do for you if you're in this situation?

And I'm seriously looking for some useful input in this regard. let's help make life easier together.

Just how far do you go as the hosting company to help resolve the problem?

I was up till 2am this morning helping a client with exactly this kind of situation. She notified me yesterday morning that one of her sites got hacked. I got to bed after 2am - my family got about zero time with me. supper was behind the laptop. And this is not an isolated case, this is how it goes.

But, are (hosts) responsible for client's hacked websites, due to their lack of knowledge in this field?


the hosts who don't help their clients are labeled as bad hosts - the internet is scattered with stories about hosts who shutdown clients sites with no help at all.



On a different note, just like you I run a business and I need to pay someone to support the clients. Support, especially in our industry doesn't make any money at all. It costs money to have the techs, office furniture, PC's, phones, etc. And while one can argue that if there was no support, the equipment will fail and the clients will move on, one can also argue that if the client knew how to operate the equipment properly support would be less of a burden. Surely if everyone who wanted to have a website actually spend some time to learn how the internet works, how websites work, how email works, etc their own work would have been more productive?
There's a reason why internet in our country is so expensive - clients think that the ISP should be their general IT support department as well, all for R15/pm.

Well, if the client is on "supported hosting", I think you need to do what it takes to secure the site. Not patch the code, perhaps, but identify the user profile that's been hacked / shut down email sending / change insecure folder write and execute permissions...

But where do you draw the line? Would you pay more for a "full support hosting account", than a no "support hosting account"? Be honest. Would you rather pay R20/pm, or R200pm for a hosting account?


How many people do you think would really add a monitory value to support?

I had a redundant sub-account hacked earlier this year on an overseas server. The hosting company identified the hacked profile, disabled the user, and sent me an email telling me what they had done. In this case I simply deleted the user profile as the site had been moved elsewhere.

We do this as well, but in your case you're probably on a VPS or dedicated server and could take action yourself. Most websites on the internet is on a shared server and the client doesn't have direct access to disable, or delete a user account like this.

their account is either active ( and causing havoc on the internet) or disabled.

Obviously there are a number of potential scenarios. I suggest as a bare minimum, the host should bundle the site into a backup that is made available to the client to download. Just deleting the whole account (even if the onus is on the client to maintain their own backups) simply isn't on i.m.o.

We give the clients the option to download a backup of the website. But how do you download a 8GB account?



I'm very open for suggestions, and discussion on this one. But I sometimes also think that clients need to remember that the supplier is also just another person, not a robot.

[Dave A]

But where do you draw the line? Would you pay more for a "full support hosting account", than a no "support hosting account"? Be honest. Would you rather pay R20/pm, or R200pm for a hosting account?

I've always paid the extra for a "supported hosting" package. Generally the cost isn't that much extra - at least once we get past the oversellers which should be avoided anyway the moment you realise you've got a site with some traction.

Let's talk minimum standards for a moment.

I suggest, even if you are an overseller doing $5 per month hosting, the very least you can do instead of just deleting an account is backup the account for transfer and store the file before shutting the account down. Better still, add a db and file backup as options for the client to download.

The next thing is at least take a look at the log files for anything obvious. Most shared hosting web site owners haven't got a clue what they're seeing when they look at a log file - if they've even got access to them. If it's a high volume exploit, the script call should stand out and you know where to start looking. From there you can at least point the client in the right direction.