I know some of you use lacehost so i thought i would write this up just so you know what your in for. Yesterday i awoke to find that one of my largest Whitehat sites was in a disarray. Alot of content was missing or atleast not where it should be. As it turned out, from what i could see, that somehow an old backup of my database had been pushed onto my account. However no files were touched. Just the database. I got in touch with the support desk immediately. And it took about 3 hours of back and forth of the technician doing nothing. Eventually Ishan (Owner of Lacehost), came online and started doing stuff immediately. Which tbh is typical of lacehost. I think the service desk guys are just there to waste your time until you can get ahold of the owner. Anyway Ishan advised me he was going to push the backup they had and then we should be sweet. Cool. Well not so cool. It turns out (Or this is what he told me), that my site got messed up the night before, and then AFTER it got messed BOTH the daily AND weekly backups got taken. So essentially the backups he had were of my messed site. Bugger. So anyway he flies off again and says he has to go, but the service desk guy will give me an update when he can. Well no shit, 10-11 hours after the original ticket Ishan came back online. And still nothing had been done. The service desk guy said he was waiting for the onsite technician to see if he had backups or something along those lines. But like i say, i think he was just wasting my time till Ishan came back online. Because 5 minutes before Ishan came online, the service desk guy said we were still waiting to head back from the onsite technician. Then as soon as Ishan comes online (5 Minutes later), he says the technician replied. Its just too much of a coincidence in my mind, that ive waited 11+ hours now for this onsite technician, and when the owner gets online suddently he has replied. (And no Ishan is not the onsite technician). Anyway, he told me on MSN to check the ticket as he had replied. His reply was : Now. This is where it gets really weird. There is no way this happened. I checked my raw logs for my site. Now they wont show the MYSQL logins etc, but they will show if that person even came onto the site (I would think so if they were going to delete shit, they want to see what they deleted etc). Also there is another problem. The script i am running is completely custom (more on that later), but when i had it developed. It was developed by a friend of mine. And he put an out of this world password on the admin panel for the CMS he made. Well anyway i had changed the password since then. But with the database changes reverted back, the password had been changed back to what it was originally. So you see there is no way that a "hacker" deleted rows, because he would have also had to known my old password, and just for the lulz hashed it and entered it into the database. Not only that, but content we had since taken OFF the site, was back on. So the hacker would have had to also ADD content. So yeah complete BS. So i replied to the ticket with this, and told Ishan to read it. Then he started to go on like a broken record, he said to me "Well you tell me how this happened". I mean i dont know how it happened but it happened, and it is a database import of an old database i was running at the end of may. There is NO other way this could have happened other then someone pushing an old backup. I certainly didnt do it, i was asleep. My developer didnt do it either, and i find it unlikely he had a backup of the database AFTER he made the site for me. I have had him busy on other projects. Here is the chatlog portion : Code: (11:17 p.m.) Lace Host: & our php guy can check for any security loopholes in the script (11:18 p.m.) Wade ~: No there is no loopholes As far as i know Even with my limited php knowledge That there is no php loophole (11:18 p.m.) Wade ~: That a hacker can install a database backup from 2 months ago Correct me if i am wrong Could be here But at a stretch I would think thats impossible (11:18 p.m.) Lace Host: yes, there is no way he can do that (11:18 p.m.) Lace Host: unless he has a copy of the backup (11:19 p.m.) Wade ~: Haha man. I am seriously laughing at the stupidity of this whole thing Look man No hacker has a copy of my database Anyway, this incident was only a long string of incidents. They have issues with DDoS attacks because they also host content that i guess people dont like all too much. So i told him enough was enough, and i was going to salvage what i could and move hosts because i couldnt live like this. And could if he could get back to me HOW this happened that would be awesome. No shit, he said to me, That he will NOT get back to me, unless i buy another months worth of hosting. I was like... what.. the...hell. I still have several days left on this months hosting. So i told him that that was bullshit as i pay a month in advance and something happened on HIS end. Just to clear some of this up, here is a chatlog portion : Code: (12:26 a.m.) Wade ~: And you are basically saying That if i stay with you You will look into it But if i cancel at the end of this month You wont (12:27 a.m.) Lace Host: yes, that is correct, if you are going to help us investigate, then yes we will look into it, if you are just going to threaten with bad reviews & abuse us, then no, we are not (12:27 a.m.) Wade ~: I will help you look into it (12:27 a.m.) Wade ~: But i am not staying with you guys And thats it Ive got nothing to lose at the moment (12:28 a.m.) Lace Host: then we cant really help you, Anyway, what i THINK happened is this. The day BEFORE, i cancelled a request on another one of my hosting accounts there. Not this one. I suspected they had deleted this account by accident then tried to fix up their mess. I didnt say ANYTHING about this to him, but out of the blue he came out and said this. And actually. As i write this, i just thought of something. Around the time of this database being in action. I actually upgraded my plan with them. Which would make sense why he says he restored my "Old Account". When it was all said and done. He acted like a 12 year old kid. After i said i was leaving regardless. He said he was going to "ToS" me out anyway for swearing at support staff. Which i did use Sh** and F*** with them (With the stars), because i was so pissed at waiting a whole day for something so simple. And then AFTER that, he started saying giving me more offers about guranteed uptime. It was like talking to a mad man. One minute he is telling me he is going to boot me anyway, next he is like "No stay, i will gurantee you 99.9% uptime". Conclusion : Lacehost has had terrible uptime for me. Not so much in the frequency, but when it goes down you have to deal with absolute morons on the helpdesk that just bide their time. As you can see i waited almost 11+ hours for a response. Somehow an old version of my database got pushed onto my account, and he wont tell me why. They made up some story about a brazilian hacker deleting rows. Which is 100% false and made up. They refuse to tell me what happened to my database unless i sign up with them for another month. Any questions or queries ill be happy to provide screenshots of tickets etc until he terminates my account (He hasnt done this yet, i dunno whats going on, ive moved anyway).