metacard.com hosting service fiasco redux

Scott Raney raney at metacard.com
Wed Apr 3 23:33:01 EST 2002


Looks like the new WWW/FTP servers are humming along fine and we've
officially terminated our relationship with our former hosting
service, so it's time for the promised recap of what happened to
www.metacard.com and ftp.metacard.com a few weeks ago.  We had been
using Jumpline.com to host these servers for many years and had been
relatively satisfied with them.  We would have been completely
satisfied except that their tech support was slow, meaning it usually
took days to get a response, and that we often ran over their free
bandwidth limits.  But we were completely caught off guard by their
recent "upgrade" and the terrible disruption it caused to us and to
many of our customers.

To be fair, they did send out a note a few weeks before the "upgrade",
but it was extremely vague about what was actually going to change and
leaving me at least with the impression that it would just be a
management console change and maybe an OS upgrade.  Unfortunately the
changes they had planned was far more extensive than that, and
basically involved shutting down their old servers and restoring old
backups to completely different servers.

After the "upgrade", the only thing left working was basic HTTP
service.  Email was no longer redirected to our local servers, none of
the CGI programs worked, and there was no anonymous FTP service at
all.  The problem with the email was that they didn't update the DNS
records on the new server.  The problem with the CGI was that the new
OS was a hacked up "virtual host" product (called Sphera) that lacked
key libraries the Linux MetaCard engine requires and there was no way
to install them.  Similarly anonymous FTP support was totally lacking
from this new platform.  They even botched the file transfer, putting
up an old version of our WWW site and (apparently) losing all of the
files in our FTP directory.

But the worst part was that Jumpline tech support responsiveness
dropped off a cliff because a large number of other Jumpline customers
were having the same problems.  To be fair, part of the problem was
that they were forced to transfer all their customers to the new
servers all at once when their previous provider (Alabanza) cut them
off.  Their part of the story can be seen at
http://upgrade.jumpline.com/upgrade_information.phtml, but what that
page conveniently neglects to mention is that there is no way that
anonymous FTP and CGI was going to work on the new servers and they
*had* to know about this, yet specifically avoided warning any of
their customers about it.  This rises above the level of mere
incompetence and should probably considered outright fraudulent
business practices.  It could also have been a company-destroying
mistake, because now all the buzz on the review sites (some of which
was contributed by yours truly) is to avoid jumpline.com at all costs,
and I've received several spam emails from alternate hosting services
recently specifically comparing their services with Jumpline, which I
take to be a sign that the sharks are circling...

We're very satisfied so far with our new hosting service, aletia.com,
but have taken several precautions to make sure we don't get caught
out like this again.  The most significant of these is to move DNS
hosting back to our local servers.  We had done this for most of the
time since we first registered the domain, but transfered the domain
records to Jumpline when we became the target of various DNS-based
attacks on our local servers and decided that we couldn't be trusted
to keep up with the patches required to maintain a secure network.
But the "bind" name server is finally getting stable enough that you
don't have to patch it every month, and now that we've seen what the
alternative is, we can justify the effort to keep up with the security
bulletins.  And if something happens to the new hosting service, we
can run everything from our local servers.  Actually we could run
everything from here most of the time anyway, it's just that our SDSL
line is not up to the demands imposed by large numbers of people
downloading new beta and final releases.  And if the local link goes
down (any anyone familiar with the history and current financial state
of the companies in the DSL business should be expecting this),
everything (including DNS) is mirrored up at the new hosting service,
just in case.

So, the take home messages are:
1) Avoid Jumpline.com
2) Avoid any company using Sphera or Alabanza software or services
3) Never trust a single company with responsibility for your domain
4) Whether you have good or bad experience with a company, take the
   time to post about it on some review site(s).  In most areas there
   are just way too many choices out there and the only way to have
   any confidence that you're not going to choose wrong is to get some
   independent information about them.  I think of it as the
   cyber-equivalent of the right to vote, and it's your cyber-civic
   duty to exercise this right.

Hope some of you can benefit from this war story.
  Regards,
    Scott

********************************************************
Scott Raney  raney at metacard.com  http://www.metacard.com
MetaCard: You know, there's an easier way to do that...




More information about the metacard mailing list