Fasthosts and UKreg: why you should look elsewhere

Posted by Tim Ireland at October 17, 2007

Category: The Political Weblog Movement

This entry was posted on
Wednesday, October 17th, 2007
at
10:14 am and is filed
under The Political Weblog Movement.

[Note – UKreg is part of the Fasthosts Internet group, which in turn is a subsidiary of United Internet AG.]

If Fasthosts were a human being, I would have them rushed to the nearest hospital for observation; they appear to be operating without a spine, and the lack of coordinative function between the left and right hand alone is a clear sign that there is something seriously wrong with the brain.

Late last Wednesday, the UK-based site BobBear was the victim of a dual attack involving a DoS attack and a joe job; a clumsy effort to damage the site’s operation and reputation which was almost certainly the work of one of the many scam artists the anti-fraud website targets.

Early on Thursday, the highly reputable IT security company Sophos reported the joe job, and BobBear site administrator Bob Harrison was in touch with his provider Fasthosts informing them that a joe job was in progress.

On Friday, Fasthosts removed the website from service – without warning – by suspending the domain.

Bob Harrison tried repeatedly to find out why, but received nothing beyond the initial domain suspension notification.

It wasn’t until late Monday afternoon that Fasthosts reactivated the domain name, and that was only after a round of (yet more) negative publicity for the company and the support of the police!

Fasthosts then responded by refusing to respond to related enquiries from the press:

vnunet.com – Spammers trash anti-money laundering site (with a little help from the hosting company): The British site, run by Bob Harrison, is frequently targeted by malware writers eager to take it down. Now, after a new attack, his domain host UKReg has done it for them. A dual-pronged assault launched this week consisted of a denial-of-service attack against the site, and a spam campaign which purported to come from the site and requested that money be sent to support the operation via an e-gold account… No-one at UKReg was available for comment at time of going to press.

The Register – Anti-fraud site turfed offline after joe job attack: Bobbear’s host Fasthosts responded to the bogus emails by suspending the Bobbear.co.uk domain, much to the annoyance of site administrator Bob Harrison. “They [Fasthosts] took the website down on Friday morning without any warning, despite the fact that I had notified them on Thursday that there was a massive ‘joe job’ in progress and that they would probably receive lots of unwarranted abuse reports,” Harrison explained. “Since Friday morning I have tried via email and telephone to get an answer from them as to what was going on but I never received anything apart from the initial domain suspension notification. The spam emails, which were badly worded and full of grammatical errors, were coming from zombie machines – none of which were on Fasthost’s domain.” … Bobbear enlisted the help of Sophos and its contact at Scotland Yard on its behalf, bearing fruit on Monday afternoon when the site was restored. “To have the domain go down so soon after a spam attack has hit the credibility of the domain,” said Harrison. “Without the publicity and help from the police I don’t think the service would have been restored.” … No one from Fasthosts was available for comment at the time of going to press.

All of this sounds strikingly familiar (and newcomers can see a timeline of my own personal experiences here), but Bob Harrison should count himself lucky that Fasthosts didn’t also respond to their foul-up by bad-mouthing him while they held all the cards.

Let me make the guts of this absolutely clear; it was the intention of an unknown money-laundering criminal scumbag to bring the BobBear site down and damage its reputation, and it only managed to do so with the (hopefully unwitting) cooperation of Fasthosts.

To paraphrase Craig Murray, I think I should make my views on Fasthosts quite plain to you…

If you are currently hosted by Fasthosts, and/or if your domain name is managed by them via UKreg, you should move to another service provider and you should do it TODAY. Otherwise, you risk the sudden removal of your website as a result of a nuisance complaint.

A false or baseless complaint could come from a political or business rival, someone with a personal beef, or even a mischief-maker simply out to cause trouble. There is no certainty about where it will come from or what form it will take; the only thing you can rely on is that you should not rely on Fasthosts when such problems arise.

They will leave you high and dry, they will shut you out, and when it finally becomes clear to them they that got it wrong, they will either refuse to admit it, or simply refuse to speak of it.

And if you doubt my word on that, check out what I did (and didn’t) manage to wrestle out of Fasthosts yesterday:

At midday yesterday, I called Richard Stevenson, who is in charge of PR for Fasthosts. He initially claimed to be rushing off to a meeting, but did take the time to express surprise at any suggestion that he was contacted by vnunet.com or The Register and subsequently “unavailable for comment”. He asked me to put my questions(s) in writing, so I did.

In my email, I put 7 questions to him, and informed him that I planned to publish a report on the BobBear.co.uk matter (and how it related to the Alisher Usmanov affair) that afternoon, and would therefore appreciate a timely response.

Richard Stevenson, who appears to earn a living from hiding under his desk most of the time, responded by taking it right down to the wire with an email response at – get this – 5:26pm!

Just before scuttling out the door for a well-earned pint? I’d ask, but wouldn’t expect a straight answer. My first and primary question related to him claiming over the phone that he had not been approached by vnunet.com or The Register for comment, and he skipped right over it.

Here’s that statement in full:

Concerns were brought to our attention regarding a website being hosted by Fasthosts. In this case, Fasthosts received in excess of 20 separate SPAM complaints regarding UCE spamvertising bobbear.co.uk. In line with Fasthosts’ set procedure, the company’s Abuse Team reacted to the complaints and in adhering to our Terms & Conditions, took the single domain off-line.

Once Fasthosts had received validations that the site was legitimate, the website was restored as soon as possible.

Fasthosts hosts hundreds of thousands of websites and manages over 1 million domain names. It is therefore not possible for the company to routinely monitor the content of these websites. Our anti-SPAM policies are an important aspect of our service and are in place for the protection of all Fasthosts customers.

I’ll get back to the questions that were ignored in a moment; first, I want to spell out what Fasthosts are saying here and how it reinforces my point:

Contrary to what this statement suggests, nobody asked Fasthosts to routinely monitor over 1 million websites; they were only asked to take certain circumstances into account for one single website in pretty extraordinary circumstances. This is called customer service. Bob Harrison informed them directly that this was a ‘joe job’ and he had the backing of Sophos at this time!

In this statement, Fasthosts deny that the circumstances were in any way extraordinary and send a message to their customers that – if put in the same situation in the future – they would act in exactly the same way…. i.e. favour a bunch of money-laundering gangsters ahead of their victim, just to be on the safe side, and not reinstate the website until Scotland Yard speaks up for the victim!

I’ve been threatened with false submissions to “distributed blacklists” and the like by the administrator of a certain high-profile right-wing website that shall remain nameless, but I can’t help but wonder if that person knew how easy it would be to shut me down as a then-customer of Fasthosts.

If you are hosted by Fasthosts and/or your domain name is controlled by them, all I have to do to have your site taken offline – manually or via a joe job – is generate roughly 20 false complaints that you have violated their terms of service.

Further, the Alisher Usmanov affair teaches us that – if you are persistent/convincing enough – there is a very good chance that Fasthosts will eventually decide that they’re better off out of it and terminate their relationship with you entirely.

The resulting downtime could stretch into days or weeks. Often, in this busy world, that marks the beginning and the end of a story, even if there is no conclusion.

Am I reaching you yet?

You do not have to run a political website or say anything contentious about a business rival to be a potential victim. You could lead a blameless life running an ethical business and eventually come to the attention of a rival not unlike this truffle-squishing moron.

He simply chooses a time when public confidence and awareness is key (say, the launch of a new product or a vital moment on the stock market) and engineers a series of false complaints about your website to coincide with this.

Result? Regardless of whether or not he gets caught, the damage is done. Your entire website is out of action just when you need to communicate with the public the most.

So allow me to repeat:

If you are currently hosted by Fasthosts, and/or if your domain name is managed by them via UKreg, you should move to another service provider and you should do it TODAY. Otherwise, you risk the sudden removal of your website as a result of a nuisance complaint.

To close, here are all of the questions that Richard Stevenson of Fasthosts ignored. I present them to you in the hope that you will gain some idea of what it feels like to be shut out after being shut down by this pisspoor excuse for a service provider:

From: Tim Ireland
Sent: Tue 10/16/2007 12:03 PM
To: Fasthosts Press Officer
Subject: Journalist / press enquiry (Fasthosts)

Dear Richard,

This should do for starters:

1. Did either of these parties attempt to make contact with you, your department, or your organisation seeking a comment about the suspension of the bobbear.co.uk domain name?

The Register:
http://www.theregister.co.uk/2007/10/15/bobbear_joe_job/
“No one from Fasthosts was available for comment at the time of going to press.”

VNUnet
http://www.vnunet.com/vnunet/news/2201110/spammers-money-laundering-site/
“No-one at UKReg was available for comment at time of going to press.”

2. Do you stand by this statement issued regarding the Alisher Usmanov matter?
http://media.guardian.co.uk/newmedia/story/0,,2174406,00.html

“In this case, we examined a website for potentially defamatory material and communicated to the customer that they had indeed breached the terms and conditions for Fasthosts Internet hosting. The customer was repeatedly advised of the breach and upon failing to permanently remove the content in question, their customer account was terminated, the unfortunate result being the possible downtime of other unrelated websites … of which we understand boris-johnson.com was one.”

3. Why has there so far been no response to any of the requests made in this post?
http://b-heads.blogspot.com/2007/09/requesting-response-from-fasthosts.html

4. Can we expect a response to any of the requests made in that post?

5. Why has your weblog been removed from service?
http://www.fasthosts.co.uk/blog/

6. Has your company been in contact with Schillings since Thursday 20 Sep 2007?

7. What comment do you have, if any, regarding this published assertion from Schillings?
http://www.timesonline.co.uk/tol/news/politics/article2508108.ece
“But Mr Usmanov’s spokesman blamed a technical glitch by the web host.”

I plan to publish a report on the Bobbear.co.uk matter and how it relates to the Alisher Usmanov affair this afternoon, and would appreciate a timely response.

UPDATE – It may interest you to know that neither Fasthosts nor UKreg appear on the list of members of the Internet Services Providers’ Association. All members of the ISPA are expected to follow the ISPA Code of Practice; Fasthosts and UKreg are not.

Move. Today.

Dump Fasthosts before they dump you.








19 Comments

  1. Crink says

    Hey, Tim. James Cranch here.I think you should at least link to this page from the Alisher Usmanov blog… keep everything together.So, you're all wrong. To explain why Fasthosts were acting perfectly reasonably, consider this analogy.It's like when you're in the pub, and you spill a small amount of beer on the table. You go to the bar, and ask the staff if you can borrow a cloth briefly. They're going to be fine with that. But then, when they see the small puddle on the table, you naturally expect them to throw you out and bar you: after all, they can't be expected to keep their eyes on all the tables all the time.

  2. Manic says

    I'm detecting a note of sarcasm here….(Please note: my sarcasm-detecting abilities have suffered temporary damage after many confusing emails from Arsenal Muse yesterday.)

  3. poons says

    I have several clients registered with fasthosts – who would you suggest moving them to? as reply by e-mail is fine if you prefer.Cheerspoons

  4. Manic says

    Done.

  5. Passenger says

    I totally agree with you. This company has lost all respect for the one thing that keeps them going, the customer.With the latest password fiasco, lets just hope people have the confidence to leave them in droves.Merry Christmas from Fasthosts? More like Goodbye Mr Fasthost, good bye and goodnight.

  6. kit kat says

    With the latest passwords fiasco: They have suspended all my FTP and Control Panel accounts pending sending out new passwords by post … all accounts were suspended Thursday … no new passwords received yet and it's Monday – I have sites to update that I can't access …. I have finally decided to move (although have a lot of domain names and hosted sites to move) ….Same question: Where would you suggest to move to? – email is fine for reply

  7. Manic says

    Done. Have also blogged about this latest debacle:https://www.bloggerheads.com/archives/2007/12/fest…Good luck, kit kat. And welcome to the not-quite-exclusive-as-it-should-be "I've been dumped in it by Fasthosts" club.

  8. kit kat says

    The clock ticks on with Farce-hosts…No passwords received in the post yet… and emails from Fasthosts saying they are going to "scramble" all email passwords in seven days.I still can't administer any of my sites, I can't change my email passwords as I don't have the password from Fasthosts yet…Things are not looking good!

  9. Swordfish says

    I also have been fined by Fasthosts when my credit card was lost and the renewal system tried to charge the old card which of course had to be cancelled. They insisted on a letter from my CC company, confirming the loss, which was eventually provided, but they still refused to refund the fine.How should I remove my sites from them and stop them taking money from my card regardless? Will I need to write to them or just give the business to someone else and then close my FH accounts online?

  10. joono says

    Fasthosts where have they goneI have been with Fasthosts for about ten years now and have never had a problem…….. till now and what a problem, my sites are down I can not contact them nothing..Fasthosts have been sending me emails saying they can not take a yearly account payment from my account saying bank rejecting card number, but they seem to able to take my monthly charge from the same acount and card number, what is going on?Now that they have changed all the passwords I can not log onto anything to make sure all is correct, the telephone lines are busy, and to top it all they have sent me to date nine new password details but failed to tell me which domains they are for.last now they have logged me out I can not move my domains, seems like a protection shutdown to me, slowly but surely I will get through just like everyone else and solve the problem but as far as I am concerned the damage is done I am off

  11. leavefasthosts says

    Leave FastHosts – they don't deserve your custom.I've closed my account with them today – they offered me 3 months FREE hosting if I stayed – I told them where to stick it.Use this number to get through to FastHosts with NO queues! 01452 5618581. FastHosts – not so fast at answering phone calls – I was waiting for over an hour to get through, with no apology when someone finally answered2. Unfair Admin Fee – if your credit/debit card expires or you lose your card and have to cancel it and FastHosts tries to take a payment and it declines, they will charge you an admin fee of $20Don't put up with this – there are many other providers who will appreciate your custom.This will show FastHosts that they have to start treating their customers right or they will have no business.

  12. London Web Design says

    I am a long term, long suffering, FastHosts reseller.Trapped by the time it would take to remove 100's of active sites.I wish I never joined.They periodically ruin sites with sudden unannounced changes, with idiotic support, and have set my business back years and my age forward the same, due to the stress.Each support ticket is received as it is the first, making it impossible to overcome the most basic of problems. They rarely read what has been tried already and keep passing the buck.They are always confused and fail to admit problems with their servers, however obvious, before finally it is fixed, there end.Server performance is periodically awful… much worst than should be accepted, even from a cheap shared server.And finally, they are great at marketing their growing list of services, including web design services, but really do not care for their reseller customers or their businesses. They aim to 'stack em high' and lose what they lose.What ever mistakes you make with your business, do not join FastHosts. It is the worst thing you could do.

  13. Fabregas_the_King says

    Thank God, I googled Fasthosts complaints before paying out for the domain registration.I am an ARSENAL fan, and I have written crtical articles concerning Alisher USMANOV.I am about to launch my own blog site, and was directed to FastHosts!!!I have not completed registration and urge everyone to follow this good advice!LOOK ELSEWHERE if you do want peace of mind and a fairness.

  14. small_change says

    I have most of my domains with UKREG and Telivo. At the moment I can't decide which one is worse.Well, Telivo doesnt have as many problems as UKREG, but they are such a small outfit that when something is going on they don't know what to do.I haven't been able to access my Control Panel since last week and they haven't reacted to any communication (e-mail forms, e-mails to support, phone, fax. Now I'm going to try registered snail mail!) for almost a week now.I'd be grateful if you could post or PM decent alternative domain registrars. I wanna move away from both those cowboy companies.

  15. davblog says

    Password Basics

    I've banged on before about the need for web sites to store passwords encrypted. This is a good example of why it's necessary. Fasthosts, "the UK's number 1 web host", has fired off emergency emails telling customers to change all…

  16. HL says

    Yes I had problems with this company – automatic rebilling without permission and they failed to refund.The one way to solve this is to write to their local Trading Standards, i.e. Gloucestershire County Council Trading Standards, :http://www.tradingstandards.gov.uk/glos/contactus…Fasthosts was investigated by Trading Standards in 2002 (http://software.silicon.com/webservices/0, 39024657, 11031397, 00.htm)If enough people notify Trading Standards of their experiences another investigation may follow.HL

  17. shitehosts says

    Just been through bucket loads of s–t with these muppets.domains set to lapse have been reset by fasthosts. Fraud has occured on 2 occasions recently and accounts moved to a professional outfit.Removal of card details is impossible.They do not close accounts after being told.I could go on forever with expletives about fasthosts but i will not waste my breath any longer on shit. the company is running due to the clients they allegedly serve. without clients they do not exist so why don't clients make an example of this cowboy outfit and move away to teach them an important lesson about how you should never betray the trust of your customer.I am currently taking legal action against them.be back soon

  18. Antonio says
  19. Stephen says

    The funny thing is that I found this post while searching for info on UKrreg, because I've been receiving a large volume of spam from their servers. So it looks like their "shoot first, ask questions never" to handling abuse reports isn't even particularly effective – which seems to be a common trend for hosting providers that are too poorly run, or simply too cheap to have competent support staff.

    I've similar experiences with Bluehost (under their "Hostmonster" brand). They completely suspended our account, after they received a single spam complaint. The spam didn't actually come from their network (it was backscatter from a Mailman install on a completely different host), but their support staff were evidently too lazy or incompetent to actually look at the headers of the offending message. It then took the better part of a day to even respond, at which point they lied and said that they had only shut down the account's ability to send EMail – a lie that they stuck by, even after I provided screenshots and other proof that they'd suspended the entire account.

    And what do you know, lately Bluehost is one of the biggest & most consistent sources of spam I see – to the point they've even surpassed notoriously spam-friendly hosts like OVH and MyVirpus.

  • NEW! You can now support Bloggerheads by buying handmade firelighters for camping and utility or deluxe firelighters for your home fireplace. Visit fireburngood.com to see my products.

    Fire Burn Good fire lighters

  • External Channels

  • Tim Ireland

  • Page 3 Politics

    Page 3: a short history

  • Main

  • Archives

  • Categories

  • The Cautionary Campfire Songbook

    The Cautionary Campfire Songbook

  • Badges + Buttons

    religion