TPFC down for the whole of yesterday

[webfork]

We cannot risk having a third party label our network as a source of malicious content as that would adversely affect our other VPSLink customers.

I run a user-maintained database/forum of portable freeware.

Exactly. Since MOST websites have some user-generated content, this is an awful, borderline absurd policy. If none of their other customers have a web forum, I'd be shocked.

As Joby said:

Very dangerous attitude from VPSLink! It is that easy for a third party to have TPFC taken down?

As a site that's almost entirely user-generated content, we don't need to get hacked, we just need one of our users to post ANY link and later point it to a piece of even suspected malware.

If there was some kind of method of remediation (lets say 30 minutes) then action could be taken. Myself or Andrew could potentially get to a computer and unlink the offending content. That they took 24 hours to even give the opportunity to fix the violation just shows they're not serious about their customers. Its like having your car towed and then they'll call you tomorrow when they figure out where it got towed to. Maybe in city government you expect delays, but from web hosting providers? Just a few hours of downtime can seriously damage a startup as emails bounce, search engines drop their rankings, and customers go elsewhere.

So any personal recommendations for new hosts?

If possible, Amazon or Rackspace have a good reputation and are extremely robust, but they tend to be expensive. I'll do some digging.

[Emka]

Since the site is totally in German, I was wondering if someone conversant with German could help us fire off a question to them about their targeting of TPFC?

I could offer my help if you still want to contact clean-mx.de. (However, I would not know much of what I would be talking about...)

[Maxom]

So any personal recommendations for new hosts?

- Must be <$20/month.

- Must have solid uptime. Dreamhost still has frequent network outages, so I am glad I left them. VPSLink has been solid in this regard.

- Must have timely and competent support.

I have just registered with your great site but I am a long-time user. So, let me drop one BIG Thank-you for all the work and passion you put here! I can recommend an amazing hosting service with one possible major disadvantage for you: It's a German site and service. I am pretty sure the team is up to speaking/writing proper English but the whole website is German only. The concept is convincing: You are asked to pay as much as you can and/or wish to afford, starting with a minimum of € 1,--/month and € 0,50 for each domain. Still, since the guys deliver a fabulous (really!) service, very quick, very friendly, very competent, I'd advice anyone to give significantly more (which could still be less than your announced $ 20,--). If you consider giving it a try, check their website (which includes a contact form on every page): https://uberspace.de
Best,
Max

[Andrew Lee]

If there was some kind of method of remediation (lets say 30 minutes) then action could be taken. Myself or Andrew could potentially get to a computer and unlink the offending content. That they took 24 hours to even give the opportunity to fix the violation just shows they're not serious about their customers. Its like having your car towed and then they'll call you tomorrow when they figure out where it got towed to. Maybe in city government you expect delays, but from web hosting providers? Just a few hours of downtime can seriously damage a startup as emails bounce, search engines drop their rankings, and customers go elsewhere.

Couldn't have said it better. And the point was, if it were truly malicious, I would have removed it in the blink of an eye. But I have explained to them that the content is NOT @*#&$ malicious, and how to verify it. They very obviously have not done even a TEENY WEENY LITTLE homework of their own. This is irresponsible to the EXTREME!

Still fuming...

[Andrew Lee]

Let me add two new requirements:

- Must be VPS instead of shared hosting. From experience, shared hosting won't cut it for TPFC. Sooner or later the admin will complain about the load.

- Must be <$20/month and accept payment in PayPal in US$.

- Must have solid uptime. Dreamhost still has frequent network outages, so I am glad I left them. VPSLink has been solid in this regard.

- Must have timely and competent support.

Keep the recommendations coming in please.

It will take awhile to choose and switch to a new host. The choice must be made carefully since it's a lot of work to configure the new VPS (1-2 full days of work, kinda of painting a new house ).

[Andrew Lee]

WRT uberspace, being all German makes it difficult for me to evaluate anything, so I will skip.

But I did stumble across another German-based provider:

http://fanaticalvps.com/

which seems to have pretty good reviews. Their servers are based in Germany though, so I am not sure how much impact that will have on their latency for non-European users.

Only $10/mth for the basic package, and accepts PayPal.

[I am Baas]

@Andrew
If you were happy with vpslink (that is untill this incident) why not write to management and tell what happened? It's possible that their CS did not handle it properly, is it not?

[guinness]

It seems VPSLink doesn't handle complaints, well that's the impression I've got from the emails Andrew has posted.

[carbonize]

I had a similar experience with my host, TotalChoiceHosting, after being with them for years. Admittedly the file was on my server but it was in a temporary folder and their malware scanner had detected it before my own script could do anything about it. They shut down my account and gave me the usual BS. I kept telling the rather ineffective, quite possibly foreign, support people that whilst the file may of been malicious it had a tmp extension so couldn't even be run anyway. In I put a post in the forum saying how disgusted I was and I wanted to complain before I left them. In the end the guy who owns the company actually apologised and disabled malware scanning of my webspace.

To be honest TotalChoice have been pretty good to me over the years and the tech staff really know their stuff. Not sure if they take PayPal but might be worth looking at.

[m^(2)]

Just last week my friend had his Yahoo site brought down because he hosted Upacked files on it.
Seriously, the AV companies are a big WTF, but those who rely on them to punish their customers are even worse.

[guinness]

How about this >> http://vpsnoc.com/Unmanaged_VPS.html

Definetely! You need your VPS to be available 24x7. If your monthly uptime is below 99.9% we will credit your account to the tune of your monthly fee. (This does not include scheduled maintenance to maintain and improve your service, or downtime that is out of our control.)

PayPal, Credit Cards & Debit Cards Accepted.

I found this from the wiki page about VPS hosting as it linked to their page about the benefits of VPS hosting.

[webfork]

You are asked to pay as much as you can and/or wish to afford, starting with a minimum of € 1,--/month and € 0,50 for each domain. Still, since the guys deliver a fabulous (really!) service, very quick, very friendly, very competent, I'd advice anyone to give significantly more (which could still be less than your announced $ 20,--).

That's really cool uberspace has that.

As the site is about freeware, I'd like to think that someone would be willing to host it as a charity gig and point all our banners and other stuff to other charity sites. It might not be the same as running a soup kitchen, but its something that I think helps popularize the philanthropy of developers who give away their work for nothing, as well as give an alternative to people who can't afford commercial software.

However, I wouldn't know where to begin looking for an arrangement like that.

[Andrew Lee]

http://vpsnoc.com/blog/vpsnoc-company-o ... ification/

Sounds like VPSLink when they were bought over last year.

[guinness]

I failed to check the Blog, sorry about that. Apart from that hiccup is it on the right lines to what you're looking for?

[Midas]

Just got word of this (ugly) affair. VPSLink actions are totally unacceptable, as their loyalty should be with their paying customers, not with some foggy -- and reportedly incompetent -- overseas malware checker. Let me repeat it: that is no way to treat a customer. Period!

Have no suggestions for hosting, but will keep a vigilant eye about. Totally agree that mirroring should be considered, if only as a backup strategy. Thanks for all the generous contributions. Thank you, Andrew. Keep up your great work.