1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Beware Of Lacehost.com (Webhosting)

Discussion in 'The Shit List' started by pyronaut, Aug 26, 2009.

Thread Status:
Not open for further replies.
  1. pyronaut

    pyronaut Executive VIP

    Joined:
    Dec 9, 2008
    Messages:
    1,229
    Likes Received:
    1,422
    I know some of you use lacehost so i thought i would write this up just so you know what your in for.

    Yesterday i awoke to find that one of my largest Whitehat sites was in a disarray. Alot of content was missing or atleast not where it should be. As it turned out, from what i could see, that somehow an old backup of my database had been pushed onto my account. However no files were touched. Just the database.

    I got in touch with the support desk immediately. And it took about 3 hours of back and forth of the technician doing nothing. Eventually Ishan (Owner of Lacehost), came online and started doing stuff immediately. Which tbh is typical of lacehost. I think the service desk guys are just there to waste your time until you can get ahold of the owner. Anyway Ishan advised me he was going to push the backup they had and then we should be sweet. Cool.

    Well not so cool. It turns out (Or this is what he told me), that my site got messed up the night before, and then AFTER it got messed BOTH the daily AND weekly backups got taken. So essentially the backups he had were of my messed site. Bugger.

    So anyway he flies off again and says he has to go, but the service desk guy will give me an update when he can. Well no shit, 10-11 hours after the original ticket Ishan came back online. And still nothing had been done. The service desk guy said he was waiting for the onsite technician to see if he had backups or something along those lines. But like i say, i think he was just wasting my time till Ishan came back online. Because 5 minutes before Ishan came online, the service desk guy said we were still waiting to head back from the onsite technician. Then as soon as Ishan comes online (5 Minutes later), he says the technician replied. Its just too much of a coincidence in my mind, that ive waited 11+ hours now for this onsite technician, and when the owner gets online suddently he has replied. (And no Ishan is not the onsite technician). Anyway, he told me on MSN to check the ticket as he had replied.

    His reply was :

    Now. This is where it gets really weird. There is no way this happened. I checked my raw logs for my site. Now they wont show the MYSQL logins etc, but they will show if that person even came onto the site (I would think so if they were going to delete shit, they want to see what they deleted etc).

    Also there is another problem. The script i am running is completely custom (more on that later), but when i had it developed. It was developed by a friend of mine. And he put an out of this world password on the admin panel for the CMS he made. Well anyway i had changed the password since then. But with the database changes reverted back, the password had been changed back to what it was originally. So you see there is no way that a "hacker" deleted rows, because he would have also had to known my old password, and just for the lulz hashed it and entered it into the database.

    Not only that, but content we had since taken OFF the site, was back on. So the hacker would have had to also ADD content. So yeah complete BS.

    So i replied to the ticket with this, and told Ishan to read it. Then he started to go on like a broken record, he said to me "Well you tell me how this happened". I mean i dont know how it happened but it happened, and it is a database import of an old database i was running at the end of may. There is NO other way this could have happened other then someone pushing an old backup.

    I certainly didnt do it, i was asleep. My developer didnt do it either, and i find it unlikely he had a backup of the database AFTER he made the site for me. I have had him busy on other projects.

    Here is the chatlog portion :

    Code:
    (11:17 p.m.) Lace Host: 
    & our php guy can check for any security loopholes
    in the script 
    (11:18 p.m.) Wade ~: 
    No there is no loopholes
    As far as i know
    Even with my limited php knowledge
    That there is no php loophole 
    (11:18 p.m.) Wade ~: 
    That a hacker can install a database backup from 2 months ago
    Correct me if i am wrong
    Could be here
    But at a stretch
    I would think thats impossible 
    (11:18 p.m.) Lace Host: 
    yes, there is no way he can do that 
    (11:18 p.m.) Lace Host: 
    unless he has a copy of the backup 
    (11:19 p.m.) Wade ~: 
    Haha man. I am seriously laughing at the stupidity of this whole thing
    Look man
    No hacker has a copy of my database 
    
    Anyway, this incident was only a long string of incidents. They have issues with DDoS attacks because they also host content that i guess people dont like all too much. So i told him enough was enough, and i was going to salvage what i could and move hosts because i couldnt live like this. And could if he could get back to me HOW this happened that would be awesome.

    No shit, he said to me, That he will NOT get back to me, unless i buy another months worth of hosting. I was like... what.. the...hell. I still have several days left on this months hosting. So i told him that that was bullshit as i pay a month in advance and something happened on HIS end. Just to clear some of this up, here is a chatlog portion :

    Code:
    (12:26 a.m.) Wade ~: And you are basically saying
    That if i stay with you
    You will look into it
    But if i cancel at the end of this month
    You wont 
    (12:27 a.m.) Lace Host: yes, that is correct, if you are going to help us investigate, then yes we will look into it, if you are just going to threaten with bad reviews & abuse us, then no, we are not 
    (12:27 a.m.) Wade ~: I will help you look into it 
    (12:27 a.m.) Wade ~: But i am not staying with you guys
    And thats it
    Ive got nothing to lose at the moment 
    (12:28 a.m.) Lace Host: then we cant really help you, 
    
    Anyway, what i THINK happened is this. The day BEFORE, i cancelled a request on another one of my hosting accounts there. Not this one. I suspected they had deleted this account by accident then tried to fix up their mess. I didnt say ANYTHING about this to him, but out of the blue he came out and said this.

    And actually. As i write this, i just thought of something. Around the time of this database being in action. I actually upgraded my plan with them. Which would make sense why he says he restored my "Old Account".

    When it was all said and done. He acted like a 12 year old kid. After i said i was leaving regardless. He said he was going to "ToS" me out anyway for swearing at support staff. Which i did use Sh** and F*** with them (With the stars), because i was so pissed at waiting a whole day for something so simple.

    And then AFTER that, he started saying giving me more offers about guranteed uptime. It was like talking to a mad man. One minute he is telling me he is going to boot me anyway, next he is like "No stay, i will gurantee you 99.9% uptime".

    Conclusion :

    Lacehost has had terrible uptime for me. Not so much in the frequency, but when it goes down you have to deal with absolute morons on the helpdesk that just bide their time. As you can see i waited almost 11+ hours for a response.

    Somehow an old version of my database got pushed onto my account, and he wont tell me why.

    They made up some story about a brazilian hacker deleting rows. Which is 100% false and made up.

    They refuse to tell me what happened to my database unless i sign up with them for another month.

    Any questions or queries ill be happy to provide screenshots of tickets etc until he terminates my account (He hasnt done this yet, i dunno whats going on, ive moved anyway).
     
  2. rexsky

    rexsky Newbie

    Joined:
    Oct 31, 2008
    Messages:
    23
    Likes Received:
    2
    yeah,Im now using lacehost,sometimes my subdomains cannt be accessed!!also had terrible uptime for me!!
     
  3. pyronaut

    pyronaut Executive VIP

    Joined:
    Dec 9, 2008
    Messages:
    1,229
    Likes Received:
    1,422
    Jesus. You have an account at BHW. Never expected that.

    Hey man, all ive done is present the facts. We will never know who did this because you refuse to look into it unless i pay for another months hosting. Even though i still have plenty of time left on all my accounts hosted with you.

    Look, lets be 100% honest here. No hacker has a god damn backup of my database from 2 months ago.

    1. How did he get ahold of it? Did he hack my site two months ago, only take a backup, just so he called import it later?

    2. Why would he bother? Most hackers are in it for the lulz and redirect you to meatspin or vandalize your front page. Your saying with mine they just installed a backup of my database? Cmon man...

    The ONLY way i see it coming from is in your direction. There is too much of a coincidence with me cancelling accounts. And this database being around the time that i upgraded this particular account. Im not sure how WHM works, and if when i upgrade my plan whether it keeps a copy of the old or whatever. So i dont know exactly, but it must have come from your end. Im not blaming you personally, but i am blaming lacehost.

    If you care to prove me wrong do so, like i say, i would love to know how it happened but you refuse to look into it. Im not paying you more money just to find out how the stuff up happened.
     
  4. Pofecker

    Pofecker Senior Member Premium Member

    Joined:
    Apr 4, 2007
    Messages:
    1,137
    Likes Received:
    7,093
    Location:
    In your attic
    I'm hearing conflicting info here.

    Have you guys come up with a solution with this?
     
  5. LaceHost-Ishan

    LaceHost-Ishan Newbie

    Joined:
    Aug 26, 2009
    Messages:
    15
    Likes Received:
    7
    Hello,
    I am Ishan, the guy being talked about. The OP is one of our top paying clients due to multiple accounts. Though higher payment would not be a reason to treat him better than other clients, me & my staff do try it, by providing support over IM, allowing some abuse etc.

    What happened is an issue, I do not disagree. The OP's problems are-
    1. We took a long time to reply. - Yes, we did. This is because we tried restoring 2 other backups & we manually looked for his backups on the secondary drive & other places we sometimes make offsite backups to. Then we had to go through logs to see what happened. According to our senior-most technician who is based in USA,(where the servers are located), he could see access from some Brazilian IP. He searched further & saw deletions of rows in mysql.

    We told the OP about this & that is when he said he is not staying with us anymore & he does not believe it to be true. Well, from his point of view, yes, even I cannot believe what happened, but it did happen. The other 2 possibilites of it happening are out of question, as he won't do anything to his account & as he was our big client, we surely wouldnt mess with any of his accounts.

    2. The options
    We gave him an option of a joint investigation of the problem & also helping him manually restore all lost data to his website, which he said would require a day. We also decided to provide him 2 months of free hosting to compensate for what had happened. He disagreed & threatened to post everywhere and told us that he would leave tomorrow.

    So, we decided the client had decided to leave for good & ended it at that. We have not removed any of his accounts, as they are paid for. We have also suggested a refund of the current payments, but he has declined.

    I do not understand what else can be done from our side. I will leave it for the BHW admins/moderators to decide whether we can really be placed in the Shit List.

    Thank you,
    Ishan
     
  6. Pofecker

    Pofecker Senior Member Premium Member

    Joined:
    Apr 4, 2007
    Messages:
    1,137
    Likes Received:
    7,093
    Location:
    In your attic
    The OP had a right to complain and state his opinion and he's done just that. Lacehost had the opportunity to share their side too.

    I think both of you represented your positions well.

    This seems like a incident that doesn't happen often and the OP was obviously happy with Lacehost at some point. (Since he was their biggest client).

    Business decision were made on both sides and unfortunately it didn't work out for either party.

    I thank the OP and Lacehost for sharing.

    Thread Closed.
     
Thread Status:
Not open for further replies.