Cristian Livadaru's blog

... think again ...

You Get What You Pay For

Some time ago I got an hosting account at a cheap company (I won’t mention any names). All was good and fine until the trouble started.

1. No detailed access logs

There is no way to see who logged in when over ftp. The only thing that is logged is the access over the web interface. This is not enough! I just found out that several index.html and index.php files where modified between april and may. They all where “infected” with some extra javascript code. Funny enough, somewhen during this time there was a modification to the FTP server of that provider. All passwords where modified and you had to change the password over the webinterface for all accounts. Strange isn’t it. There was no official statement about anything getting hacked. 

2. Useless webstats

One of my sites hosted there had in a day about 200Gig traffic. Although they promise you about 5000 Gig traffic per month, all my sites where locked down due to bandwidth exceeding. Support told me this:

All ***|** accounts are allowed to use 167 GB of transfer per day. If you site goes over this limit it will be taken offline until the next day. 

 I tried to find anything about this on their website and find no trace about this limitation. Anyway, the reason for the huge traffic amount was of course someone with bad intentions. It is weird since there is no real website on that account. It was used for exchanging larger files (legal content, no piracy) and nothing that would really be of interest to someone. I couldn’t find out what was downloaded and from where to cause such huge traffic, the support was of no help and ALL MY SITES WHERE OFFLINE for one day. Really all of them! Not just the one causing the traffic. 

There where some other minor issues why I don’t like this provider, but they I can’t remember now and anyway, like I mentioned, they where minor issues. The two big issues I mentioned above is the reason why I will cancel my account. 

 

oh yes … one of the minor issues is they don’t support sFTP or FTP with SSL, just plain unencrypted FTP. Not very nice.