Monday, November 23, 2015

Why I Love Hostgator, Redux

I'm sure I've mentioned this before -- if not, I certainly should have -- but I love Hostgator. No, that's not an affiliate link. But I do recommend them.

I didn't love them this morning, but that was a temporary thing that was, as always, resolved by their excellent customer service once the matter got to a live person. And that's been the case over and over in the eleven years or so that I've been a customer.

It started with a clearly automated email this morning, right after I put out the day's edition of Rational Review News Digest. An excerpted/redacted digest of the email:

Unfortunately, we have been forced to temporarily restrict access to MySQL for knapp on [nameserver redacted]. Please take a moment to review this email in full as it contains important information and resources to assist you in resolving this issue. ... Why did this happen? Per our terms of service (http://www.hostgator.com/tos) a single hosting account may use no more than 25% of the entire server's resources. Accounts are typically not actively restricted until they exceed those resource limitations exceptionally. Unfortunately, in this instance, we were forced to place a temporary restriction on your user to prevent service issues with the server's over-all system performance.

Accompanying the message were some logs, which told the story: One of my sites (RRND, actually) was under attack, with bazillions of MySQL queries coming in, many of them for stuff that didn't actually exist (the small number of valid ones were presumably real visitors). The message didn't include any IP information on where these queries were coming from, and as part of the lockdown, when I went to "raw logs" in my cPanel dashboard there was no information there, either.

So I was under attack, Hostgator had shut me down through automation rather than human examination, and I had no way of just blocking the attackers by IP (assuming there were limited IPs they were coming from -- if it was a botnet, I was screwed on that anyway).

I got real hot under the collar, real quick, not just at the attackers but at Hostgator. Let's just say that I was looking at other web hosts while I waited for my a response to my multiple nastygrams in reply to what became multiple instances of the above.

But then the sun peeked out from behind the clouds ... as soon as a human being at Hostgator got my nastygrams, I got this response:

This does appear to be a directed attack against your site. Unfortunately this was caught by they automated system which is simply unable to make that distinction. I have lifted the restrictions on your site and [redacted -- he did some stuff that I won't reveal because why give the bad guys information that might help them next time?] to prevent these from being a continuous issue ...

That's customer service, folks. Yes, it took a few hours, but then again the whole thing started at oh-dark-thirty and I'm sure there were plenty of other customers with similar things going on. They got to me pretty quickly, and resolved the issue perfectly as soon as they did.

It's also a wake-up call in one respect. I try to run clean sites in terms of not being a resource hog (e.g. W3 Total Cache), but RRND isn't on CloudFlare yet. I tried Cloudflare a few years ago when it was brand new and had some problems. Since then, I've successfully implemented it with a different site, but hadn't gotten round to trying with RRND again. I'll be doing that over the long weekend. Cloudflare will be yet another layer of caching and security to minimize my load on the server and help stop attacks before they really get going.

No comments: