I work for large host here is my take on this<p>1) They shut down my servers and suspended my account without notifying me.
If your server is doing 1Gbs outbound I would expect them to shut it down ASAP for many reasons. Likely a more senior person detected the issue and shut down the server, then passed it on to 1st line support to contact you.<p>2)After contacting them, they immediately accused me of "launching an attack from their platform".
You launched an attack vs a sever you are responsible for launched the attack, it's semantics but the support agent could certainly have worded it better, but not a big deal in my view.<p>3)After they performed their "investigation", they refused to give me any details and kept my account locked and servers offline.
The investigation probably wasn't any more than their networks team detecting very high outbound traffic originating from your VPS IP that was clearly malicious. In that case the only explanations are that you are deliberately breaking their terms or your server is compromised, there is nothing else to discuss. They should really have sent you some standard text helping realise the reality of the situation but it wouldn't have hanged anything.<p>4)They refused to give me a copy of my data which delayed getting it hosted elsewhere (had to get ssl certs reissued etc).
This is not great but if your server is compromised you have to accept that you will need to work from backups. First line support probably don't have a way of getting the data without starting the machine which they can't do in the circumstances. I'm sure one of their sysadmins could mount the virtual machine as a disk image to get the data for you, but that's not part of the service they offer or you're paying for. They can probably get your data given time and/or if you pay them but it's not reasonable for them to do this as a priority, especially as they are a budget host.
This post was really insightful, they shut down my servers and suspended my account too without notification. I thought that it only happened to me, but it looks like it's a communal problem. Thanks!
Sometimes I wonder if people act hostile to support staff from the get go in order to get a response so that they can build up an interesting communication history for a blog post.<p>Seriously though, why not be nice first, and ask for the things you need, before saying you are gonna post publicly about something. You have to consider that maybe the person communicating with you is just a support flunky that doesn't know how to grab the data you need off of your disk images.<p>Think of the amount of skilled labor they would need to expend to get your data off the disk images. Even if its just an hour, most engineers cost $80-100/hour. If you are paying $5/month for your basic Digital Ocean instance, that means more than a year worth of revenue on your account needs to be spent to make you whole, because you fucked something up and allowed a third party to exploit your server.<p>If you don't make backups and don't administer your websites correctly, I think Digital Ocean will probably be happy to see you go, since you are probably a negative revenue customer in the long run. They send you to Amazon or Google with their blessings.<p>edit: they should definitely have emailed you to let you know that they were suspending your account though.
This seems pretty much the same pattern as my issue with DO last month. Better to move your service to AWS or Linode.<p>In Case anyone wants to check.<p>The Blog Post : <a href="http://serdardogruyol.com/?p=122" rel="nofollow">http://serdardogruyol.com/?p=122</a>
The HN Thread : <a href="https://news.ycombinator.com/item?id=6438761" rel="nofollow">https://news.ycombinator.com/item?id=6438761</a>
I agree with "you get what you pay for" sentiment. With their margins, I can't see them having the support for any more than what they did. I think the takeaway here should be:<p>1. Backup your data offsite.<p>2. Monitor your servers or at the very least, your sites. If a site is important enough to pay for hosting, I would think it would be important enough to monitor for uptime. Bonus points for monitoring server resources as well.<p>3. Trust noone. Who's to save Linode, Amazon, or Google would act any differently if they detected a compromised server on their network.<p>These things should be done regardless of how much you are paying for your hosting.
As with so many other computer disaster stories, the moral of this one is, <i>always keep backups</i>. Even if your data lives in the cloud, you still need off-line backups.
Sundeep was almost immediately hostile to the support people. While DO clearly could do a better job communicating to him, he's not helping himself with his attitude. Support folks often do not have the privilege to go off-script and make a positive difference for a customer, but they can always stick closely to the script and "regret any inconvenience" while being unhelpful, which is what I see here.
Did they provided more info about this ? I'm still very worried, I posted a question about this situation including a link to your website and this post and I think it's not available in their website. So, not sure if I should trust them or not, I use it for personal use and been advising my company and we have lot's of projects running there, client work, etc... : X
Even if Sundeep were at fault, at the bare minimum, D.O could've informed him that they are shutting him down. Also allowed him to get his files back. Neither of this is hard to do, even for a $5 host.
I have been thinking about using Digital Ocean (moving from Linode) but I have heard a few stories like this that really make me second guess that decision.
They work on razor thin margins so they shoot first and ask questions later. They don't have the resources to provide top notch customer service or investigate in depth, or prices would be much higher.<p>So you get what you pay for, I wouldn't move my money making sites to a service like that.