Need professional advice to suspend a website

Portal Home > Knowledgebase > Articles Database > Need professional advice to suspend a website

Posted by host_tech, 05-26-2010, 10:19 PM
Hello , As far as i know , Most of the Administrators/Technicals/Data-centers/Hosting companies are posting here : ====================== i was wondering if you could explain me , what will you do if one of your users break your policy (the regular policy of hosting services ) and try to hack your server using shell/hack scripts ( C99 , Etc.. ) . And also using the services to send nobody emails . A ) will you notify the user and waiting for him to remove the harmful files ( in case the server is at risk because of those files ) B ) will you suspend the account and then request the user to remove the harmful files ? In fact , we suspended one of our clients for 223 Minutes because he definitely broke the regular policy of webhosting and share services(suspending was told and reported right away while chatting at the same time - in Google talk ). the account had been un-suspended when he wrote an official letter/Email and requested us to re-activate the account. Therefore we activated the account and requested him to remove the Shell and Virus files. In addition his employees downloaded all files/Backups of the website afterwards, but they did not remove those harmful viruses/Shell scripts. Subsequently we received another email which indicates that he wanted us to cancel and terminate the account since he has shifted the hosting service to other company. More information : A ) The customer has requested us to have a conferance with his team (Skype Voice chat) but we haven`t accepted since we don`t have microphone ! However , we tried to call him for several times but he didn`t pickup the phone . B ) The full amount returned to his banking account. because we don’t want him to have bad feedback and bad experience with us. C ) he`s our customer since 2006 and mostly used google talk to contact us ====================================================== We have received the mail mentioned Below : ====================================================== Dear Mr. ....... According to our recent communications regarding the unjustified suspension of the ................ Ltd. website hosted by you, we would like to your draw your attention to the following items: 1. By virtue of both Federal and Florida state codes pertaining IT and the Internet trade practices, which is the governing law, any online service suspension or discontinuation should be preceded by an official notice well in advance, not to mention the three notices that are common. Therefore, it would not be very acceptable to consider the online chat on the same day a firm reason to suspend a running website. 2. Although the unexpected suspension of the website had caused us many difficulties including disconnection of all email accounts, we tried to talk to you and therefore invited you to attend an online session with our legal and technical team members; however you rejected our invitation using an inappropriate language. This was a completely unprofessional and disappointing practice that we would not expect and tolerate under any circumstances knowing that we have been in business with you for almost four years. 3. The responsibility of protecting the main server from any external attack and providing invulnerable security for the hosted websites is on your side. Thus, if these security layers are not strong enough to prevent your server from any outside threat, we suggest you to implement more sophisticated strategies, which could eliminate any doubt for you. This also would prevent you from accusing your clients without any firm reason and only because of some “potential” threats that might endanger your server security as you mentioned in your email. Consequently, due to all these endeavors, which to us represent an unprofessional practice of mutual business and web hosting, we decided to relocate our sites since there is no guarantee for us that we will not face the same problems in the future. Cordially, ........................ Vice president and Director of legal affairs, ....................... Ltd. ====================================================== ====================================================== ====================================================== Thank you for reading this post ! We are looking for your advice ! Last edited by host_tech; 05-26-2010 at 10:30 PM.
Posted by Senator B, 05-27-2010, 06:38 AM
LOL @ "providing invulnerable security". Glad to see people have realistic expectations these days
Posted by host_tech, 05-27-2010, 06:50 AM
Since we requested , we are looking for your act if someone try to hack your server , Please chose A - Or - B
Posted by prashant1979, 05-27-2010, 07:11 AM
What do your TOS and AUP say? If something is creating problem to your server and subsequently to all the other websites on the server, then it is your right to immediately stop it. The TOS and AUP should be strong enough so that nobody threatens you after stopping their website after they have violated the AUP. There is not much he can do if you clearly mention it in your AUP or TOS. If the customer has not read it, then it is his fault.
Posted by host_tech, 05-27-2010, 08:24 AM
He signed and accepted our Terms and condition (on paper) 4 years ago : which WE mentioned that the customer should not do any illegal acts and they have to following the rules of our country and also international rules . ( However we have complete Terms and condition in our website ) Last edited by host_tech; 05-27-2010 at 08:30 AM.
Posted by madaboutlinux, 05-27-2010, 08:37 AM
It depends. In any case, suspend the account, email the client and investigate the server logs. If the clients account is hacked and the malicious files are uploaded by a 3rd party, the client is not fully responsible. Ask client to strengthen the password and scripts. Make proper security changes on your server. If you found, the client have purposely uploaded the scripts from his location then action needs to be carried our depending on how severe was the task carried out by the client. If it's a spamming issue, ask client to remove the files from his account and warn him to stay away from such activities. If he is carrying out any sort of attack from/on your server, take a backup of his account and the logs you found and terminate the account straight away. Time to say Goodbye to the client without a refund. You don't have to worry about the bad feedback and experience since you have the backup of his account and the server logs as proof.
Posted by host_tech, 05-27-2010, 08:58 AM
we informed him to remove the files at the same time when we suspended the account , he told us that 'we don`t have access to computer now' and he send me other message in google talk after 3 hours -and also suspension doesn`t damage the email accounts since all the emails will be received in the inbox , but they don`t have access to login - since the customer told , his files aren`t harmful and they haven`t done any illegal act - his technical send us a message and told us that they can do whatever in this space ,
Posted by madaboutlinux, 05-27-2010, 09:03 AM
In such a case, it's your responsibility to go and check what files are placed in his account and what they are doing. If you find anything malicious, inform the client with the logs, take proper action as stated earlier in order to keep the server stable and to make sure other websites are not affected. Don't rely on the clients information in such cases. It's your server and you should take proper action to make sure you provide proper service to all the other clients hosted on the server.
Posted by Host Our Web, 05-27-2010, 12:30 PM
You are to follow the rules and laws under the state which your business is registered / state your servers are located in. If the servers are NOT in FL then this does not apply (right?)
Posted by host_tech, 05-27-2010, 12:56 PM
1 )first ,i wanted to know about government rules , where they mentioned this low about hackers . 2 ) what will you do if one of you customer try to hack your server and break you policy ?
Posted by host_tech, 05-28-2010, 07:38 AM
We contacted our Server Provider(Datacenter) And they told us that: ====== Basically you are hosted with us and your server must abide by our AUP. Because of these clients scripts and inappropriate activity, if you didnt remove them, then you could have had yoru entire server suspended by us. You took the appropriate steps to resolve this and did what most every responsible legitimate hosting company would have done in this situation ======
Posted by techstar, 05-28-2010, 09:27 PM
Yeah, your DC is right. Every responsible legitimate hosting company would you what you did. When malicious scripts are found, they are disabled immediately. By the way, there should be 'Terms of Service' for your company in which such things would be mentioned?
Posted by host_tech, 05-29-2010, 06:57 PM
A ) He signed on a paper an he accepted that he will follow the regular rule B ) and also , We have TOS on the website which we explained everything clearly . even Shell scripts and all other acts like that .
Posted by n3r0x, 05-30-2010, 04:49 AM
First I want to say you did the right thing.. And since they agreed to your TOS and it´s clear that they have violated those they can´t take any legal action. Second I want to add that their tech seems to be a moron. Just be happy you don´t have to deal with morons like that anymore..
Posted by Keiran, 05-31-2010, 07:51 PM
If one of my clients attempted to cause harm to our network what I would do is Suspend them and notify them why they were suspended. They agree to a specific TOS about these things. If a further offence is committed or they have not taken care of their first offence I will take it as a liability to my network and terminate the user with no refunds.

Add to Favourites Print this Article