Latest Announcemnent
New thread

Hosting charging extra/suspend for site getting ddosed?

Status
Not open for further replies.
T

The90sKid

Active Member
305
2010
39
0
I know a few offshore hosting who are well known and popular. Some of these are on WJ who charge the site owner if they get ddosed. Some even have in their terms & conditions that they will get suspended if it happens more than twice and remaining money won't be refunded.

I think these terms & conditions are grossly unfair.

they make these terms like the site owner actually has a choice their website is getting ddosed.

I did own a forum in the past where a member who i banned for trying to post phishing links on the forum got mad and decided to ddos us for 3 days straight. I got hit up by a $90 fee. $90!!!! =P~ The thing that upset me the most was that i specifically requested to buy extra ddos protection service before this all happened but the hosting company said they don't provide that. I also originally wanted to buy a dedi but this particular offshore host which i wont name was very popular on WJ at the time and their dedi's were out of stock so i was basically forced to use VPS.

I understand getting ddosed is a huge load on their servers and can affect other sites on the same server but why penalize the site owner for something they can't control. the site owner can't go. hey guy who is ddosing. please stop. ddoser will say Ok i will stop. lol it doesn't work that way.

anyway iam partly venting because i guess i had my heart set on signing up to new great hosting company tonight.and i read the terms & conditions and their terms say the account will get suspended if it happens more than twice and person will not get their money back which worries me as i had planned on buying 12 months. :( So now i don't think i will sign up with them anymore.

do all hosts charge for getting ddosed if you are on shares or VPS? Has anyone ever been suspended because their site was getting ddosed?
 
11 comments
Hello,

That the webhosting provider suspends you for being ddosed is normall, because otherwise every client on that server will get offline and nobody wants that.
But i am sure that not every webhosting provider charges the customer for a ddos attack.
 
In these kind of case better ask for your backup's and without paying a penny move on . Use some DDoS techniques on your server , use cloudflare to hide your main ip so that if in case he start ddos then he shouldn't able to target server eventually . There are many offshore providers who can help you to sort the problem out . If you need a dedicated server then head over to the dedicated server marketplace and choose the best out of providers .

I feel it kinda waste to pay when its not in your hand , better to move on with the backup's and find some other valuable source who is professional enough to host your site with a ease .
 
Majority of decent companies have some kind of automatic nullroute if your IP address gets flooded to level it starts effecting other clients on certain network segment. Once nullrouted, responsible person in the company gets notified, check netflows to catch attack type / size and apply ACLs on the network level to combat the attack if possible. Keep in mind one must have a powerful infrastructure, proper datacenter with quality network equipment that can handle PPS and enough network pipes / bandwidth capacity. If the attack is bigger than their pipe, there is nothing they can do though.

Keep in mind you will have to move to a specialized DDoS protected provider(Like BlackLotus or Staminus) if the attacks are really too big.

Some companies may charge you for the damage towards other customers, bandwidth overuse etc, but it shouldn't happen if they have a proper setup in place to nullroute IPs right away to minimize the damage.
 
axl said:
you can install anti (D)dos here:
Code: 
http://deflate.medialayer.com/
Click to expand...

While this is a nice tool to block IPs with more than X connections to the server, I believe we are discussing about a bit bigger and complex attacks in this thread.

P.S CSF is widely used nowadays, it comes with CT option which basically does the same as deflate script you linked, no need for both.
 
- some privider do that just a trick for charger client but when you ask can their provided the ddos data to your vps or etc
they can't do that coz just trick
- some provider if good provider they will be provided the ddos data and what ip got ddos ..not only write "hey your site got ddos and must moved but charger xxx dollar lol"
- if provider has been say that.. final decision you moved to another provider more good then you pay charger 90 usd
 
-sky- said:
- some privider do that just a trick for charger client but when you ask can their provided the ddos data to your vps or etc
they can't do that coz just trick
- some provider if good provider they will be provided the ddos data and what ip got ddos ..not only write "hey your site got ddos and must moved but charger xxx dollar lol"
- if provider has been say that.. final decision you moved to another provider more good then you pay charger 90 usd
Click to expand...

Not likely. What would be the point? Companies invest a lot of money in marketing and sales to get clients, no point kicking them out just like that? All normal companies would always prefer a long-term client than charging a client one time fee before kicking him out.
 
The problem with unprotected hosting companies or offers is that when the ddos attacks comes to your server, there's also lots of traffic.
The hosting company gets charged by the upstream provider and then they charge the client for bandwidth use.

So hosting your server without ddos protection is a trap.
The best solution is not trying to get a 'free script' from somewhere and hope that the attack won't be custom and not TCP based.

The other problem is that due to constant attack volume growth, it's going to get quite nasty very soon, and hope you will be protected :)

Meanwhile some hosting companies offer free ddos protection as a complimentary feature with their servers.

It's up to you whether to pay $100 a day for the bandwidth or to have ddos protected server for a 30-40% extra to average price of unprotected server.
 
@cloudcom, You said truth. But think about offering free DDOS protection on cheap offshore plans. The truth is most of them just use Cloudflare or a H/W firewall and that is not a real DDOS protection at all. A real DDOS protection requires capability to handle heavy number of packets and higher B/W pipes; Obviously these things are not cheap.
 
A real company will not charge you for no reason.

Being that it was a vps it should have been null routed, but in cases of them allowing it to go on it was your choice to keep it up which they ended up charging for bandwidth overuse which they usually charge a base amount for what they purchase from the datacenter.

If you opted for ddos protection then they would of charged you for whatever the ddos protections bandwidth did not cover.
 
Status
Not open for further replies.
Back
Top