Avid readers have probably noticed site being down heavily during the recent period of time and it all comes to the company I have been trusting the maintenance of my server - LogicSupport.
This review passes on my experience with them after everything settled as I did not want my initial emotion to affect it. It is also a good read for everyone having a company - this is the good example of how not to treat the clients.
LogicSupport services
What LogicSupport offers is server administration service. When you have a dedicated server you naturally want to keep everything in good shape, and not worry about security, patches and generally keeping it running so that's why you opt for one of these companies. I signed up to LogicSupport and went for their 'Titanium Server Administration' plan.
Little did I know what will come next.
How things went wrong
During first day of their service, they installed a security package to the server. One of the first things that I noticed was that their reports were very scarce. You would expect a full report of changes made to the server according to the plan you paid for.
The trouble begins when their admin installed Eaccelerator on my server although it was running SuPHP (for less technical folks these two do not work together). The result was that immediately PHP service was not working anymore, resulting in all sites on the server going down. Worse then that, everyone accessing the sites from that moment on, would now see the PHP source code of the page instead the compiled PHP output. So that means that anyone opening wp-config.php on my site could see my MySQL database host, user and password!
As soon as I notice the problem I send them a ticket. Notice that I noticed the problem, although a part of their service is monitoring your server and making sure everything works (this is a trend that continued with them). Seeing they have not done anything in next two hours I had to log in and find the problem, and disable Eaccelerator myself.
The bigger problem I am left now was that hackers had a window of about two hours during which all sites were fully exposed, and they could have get hold of all passwords. LogicSupport does not recognize this threat, so I manually turn off http, mysql and ftp and write them a ticket about it, explaining the severity of the new situation.
The first admin on the other side in the meantime disables SuPHP (he is probably still trying to get Eaccelerator to work), and restarts all services!
Now because SuPHP is disabled, caching plugins can not write anymore to the folders on disk, causing the resource usage to skyrocket (this is a pretty busy server with several huge sites on it and nearly million hits a day).
As soon as I notice that I write them a ticket. But instead reverting the changes they propose the following:
That being said, we will only suggest that suspending accounts as the final option.
I was shocked as although I have explained them what caused the problem, their only suggested reaction was to suspend the account (these are high traffic sites and any downtime causes big monetary damages). I insist that they don't touch anything and I proceed to manually turn on SuPHP so the sites can work again.
To my surprise while I was doing that, they completely remove the databases from two high traffic sites despite my firm instructions not to disable the accounts (technically they did not suspend it but removing the database has the same effect). So even when I restore SuPHP I now face 'Error establishing database connection' message when I try accessing the sites.
This is when it became clear to me that I am dealing with very inexperienced people (this was a second or third admin by that time who was working on the case).
I finally manage to speak with the manager over the phone after sending two or three tickets during the day instructing he should immediately call me (there is no direct way to contact anyone, no phone number or manager email on the site).
He finally calls and offers apologies. The sites start working again late in the night after 14 hours of downtime and security exposure.
I am exhausted and uneasy to wake up in the morning.
Unfolding of the case
The morning brings an email from the PRM on the server (one of the monitoring services), stating that one of the services was generating too many processes. It was a first sign of hacker intrusion so I immediately write a ticket to them (again I had to diagnose the problem).
Here is the reply of a new admin (I think the fourth now working on the server).
The message that you received is send from PRM. The Process resource monitor(PRM) is a programme that kills a process automatically if the process exceeded its resources usage and emails you when its killed. This is included in the phase three installation and now we have temporarily disabled PRM in the server.
To my utter surprise he does nothing to inspect the problem or check for intrusion. The solution he offers is simply to kill the notification service. No notification - no headache!
By this time I am already determined I want them out of my server, I just want to minimize the damages and have them undo everything. I am left with a whole day of downtime, possible security threat and a big headache.
Trying to settle
Finally one of the co-owners of the company writes offering an apologize and money back. That's $70 of money back, while the damages we are talking about are in the range of $2,000 (caused by downtime of major sites and whole day of my time). He offers explanation of what happened.
After going through the ticket number, and my meeting with Nycin yesterday, he is given notice of suspension. As we cannot fire a person without notice due to legal obligations in India, we have issued him a warning notice and moved him out of the team already. You wouldn't believe how frustrated I was by the reply he gave me during our interrogation. Well, he did not inform you about the possible outcome nor did he spend time studying the php environment on your server. He was also going through certain personal issues himself which is irrelevant to be detailed in this email. He stated that as a reason for hurrying through the installation. The fact that he was trying to be helpful does not take away anything from the mistake he committed.
I seek a sign showing they understand the severity of situation caused by them. I insist on writing the review of their service on a popular webmaster forum but their management is firm in belief that these kind of things just happen and point out that I have signed the TOS which basically strips them of any responsibility on the damages done on the server.
My last email to the owner was frowned upon, he calls me a blackmailer :) (I can now laugh to this whole case, God knows how stressed was I at the time)
Here is my email:
As a company manager you should know that it is disrespectful to offer something worth $70 to compensate for the damages worth almost $2000, especially when the guilt is entirely on your end.
You should be able to offer a full year of service. During that year I will be closely monitoring your service. I will be writing my review then instead. If another serious incident happens in the meantime then something is deeply wrong withing the structure of the company and the world deserves to know. If everything is ok then you will be getting another customer.
And here is the review. I have all the ticket correspondence in case anyone is curious for more details.
Conclusion
I admit a mistake on my part, trusting a valuable server to such a low-cost service (in my defense, I was blinded by favorable reviews I read about them beforehand and I did go for their most expensive plan hoping I would get the best service).
On the other hand I am now on a way to run a web startup company and as such this whole experience however bad it was, was a good lesson. Managing the company is much more then just counting the money.
Other reviews
- adroitCoders - web development
- Icreon - SEO services
Continue reading:
- adroitCoders Review – Development outsourcing that works
- Rankpay review – Pay per rank SEO is the way into the future
- Icreon review – Do yourself a favor and run
Posted in: Rants
TAGS:gamble php source, logicsupport review, logicsupport reviews, prm process resource monitor, where config php
Hi! My name is Vladimir Prelovac. I am a computer engineer by profession and an adventurer by state of mind.
5 Comments
For a person like you its easy to detect what caused the error, for a person like me.. the hosting companies just put the blame on me and escape with it. Cant really find a solution for it. Any inputs?
Sorry to hear of your troubles Vladimir. May I suggest looking into http://www.jaguarpc.com as a hosting and management system. I have used them for 3 plus year now very happily. The owner and top management are approachable and reasonable. First level support fails once in a while in all web hosting/support companies, it is how the next level deals with the problems that makes some companies shine above others. JaguarPC shines in that area. Level three support at JPC is unbeatable.
Just a reader sharing his opinion - nothing to gain by the words above.
Wow,
Nasty.
I have to admit, I have had problems similar with people who just don't care, or understand how important my biz uptime is, that the cheap prices I pay for hosting is nothing compared to the money lost due to slow servers/ or failures..
In the end I have split my websites amongst 3 different hosting companies -- hostgator, dreamhost, and now justhost.com.
good hosting in a bunch of different countries is the way to go.
I even avoided dumping in my affiliate links.
The customer is always right - thats what I believe in, being a customer myself in some situations and the service provider in others
Thanks for sharing. Glad you are already laughing.
The site looks great. I am looking forward to that SEO book!