LowEndBox - Cheap VPS, Hosting and Dedicated Server Deals

How Do You Tell a Provider is Dodgy?

Date/Time: November 23, 2009 @ 5:00 am, by LowEndAdmin

First of all, for all the non-brits/aussie/kiwis out there, here is the definition of “dodgy”:

Adjective

  1. evasive and shifty
  2. unsound and unreliable
  3. dishonest
  4. risky
  5. deviant
  6. weird

Sounds like a good descriptive word for many past low end providers featured on this blog. I have seen many hosts open their business and advertise their cheap low end packages on WebHostingTalk, only to close their door 2 months afterwards. In most cases they’ll just do a runner and leave their customers panicking trying to recover files. I have also trying to do some background check on the providers and make caveat emptor warnings if I suspect the provider is a little bit dodgy.

I have to say that a lot of investigation is based on “gut feelings”. Some just smells plain dodgy, but with some you need to do quite a bit of digging to reveal their shady past. After all you do not want to sign up a low end VPS package (and possibly pay a whole year of fee in full) and later on loss everything on it. What sort of investigation do you use to determine whether a provider is dodgy?

Some checks I use:

  • Running both DNS on the same box. Only incompetent sysadmins do that.
  • Domain WHOIS privacy turned on. Why, as a registered business, don’t you want your customers/prospects to know who you are? I don’t buy the “prevent email address harvested” excuse either, as a competent hosting provider would know how to do spam filtering.
  • Lack of proper SSL certificate on their WHMCS and control panel pages. That usually spells “rush job” to me. SSL certificates can be had for $15/year & gives your customers a lot more “trust”.
  • Other posts on WHT — either those about this provider, or early posts made by the owner of the provider.

Any other sanity checks you use to evaluate a low end provider?

The original owner of LowEndBox known as "LowEndAdmin" or "LEA" for short founded LowEndBox in 2008 and created the concept of hosting applications on low resource "Low End Boxes". After creating the roots of the community that we know today, "LEA" stepped aside and allowed others to carry the torch forward.

18 Comments

  1. David:

    Check when their domain was registered, and for how long. I know that the age of a domain would make new providers look bad, but at the end of the day it’d be better to go with a more established host, especially if they were offering low-end prices as it means that they’re still able to generate a sufficient profit from it (but hopefully from not overselling :P) to remain in business. As for the registration length, my logic is that a provider who intends on building a proper business will register a domain for an extended length of time, not just 1 year.

    November 23, 2009 @ 6:05 am | Reply
  2. Mojo:

    Where can you get certs that will not warn against major browsers out of the box for $15? Thanks.

    November 23, 2009 @ 1:55 pm | Reply
  3. To good to be true is almost always correct.

    Im with lowendbox admin on DNS servers are a must. Any provider not hosting their own site seriously will more then likely host yours in the same manner.

    Check to see if their website text is out-dated. If they cant take the time to update their site(makes their bread and butter), yours will probably be in the same boat.

    I agree with David, the length of domain registration(or creation date). Can show you alot.

    Support, Just like anything, test their support/livechat before buying. Unless your in a hurry to buy, take the time to test them. If they are not going to take the time to help you sign-up imagine after you sign up.

    November 23, 2009 @ 5:17 pm | Reply
  4. David:

    >>Support, Just like anything, test their support/livechat before buying.

    That as well. Had a bad experience with BurstNet regarding pre-sales help.

    November 23, 2009 @ 5:25 pm | Reply
  5. @Mojo — you should be able to find a RapidSSL reseller that can do that. I use RapidSSLOnline.com — if you prepay for 3 years it comes down to 15/year. Browser compatibility is good.

    November 23, 2009 @ 9:04 pm | Reply
  6. Hasanul:

    I’ve got cheap SSL from namecheap.com, below USD 10 :D

    November 24, 2009 @ 1:37 am | Reply
  7. Thanks for the SSL pricing information. Even though I buy in bulk, it still doesn’t come down to that price. Pity they don’t do it for that price with wildcard SSLs.

    Gotta admit that I just google for the name of the provider followed by the word ‘sucks’ just to see what comes up. Like “Godaddy sucks” and the like. Amazes me how many stories I can find.

    November 24, 2009 @ 1:53 am | Reply
  8. @Hasanul — Cool. I did not know NameCheap is having a sale.

    @drmike — Yes I sometimes use the googling “[provider name] sucks” method, except it works only for big providers. In some sense if you are big, you ought to have some “you sucks” comments on the net.

    November 24, 2009 @ 2:36 am | Reply
  9. David:

    The problem with doing a GS for “[host] sucks” is that it’s often very biased.

    1 – Any host will have disgruntled clients – people are people and you can’t please everyone. These ones are normally the loudest, as clients will only bitch if something is wrong.

    2 – Competitors will badmouth each other by pretending to be clients with bad experiences.

    3 – Thirdly, there’s this assumption that if someone sings a host’s praises, they secretly marketing for the host, but if they’re bitching about it, whatever they said happened must be true. However, clients with bad experiences will often completely warp things so that they look innocent.

    All the companies I’ve worked have had this problem, #3 especially, and the ratios between happy/sad clients always lay far to the happy side despite what a GS would suggest.

    November 24, 2009 @ 7:03 am | Reply
  10. @David – this is too correct.

    How do you guys have icons next to your names :)

    November 24, 2009 @ 2:19 pm | Reply
  11. @Justin, we’re signed up with gravatar. I’d post a link but I don’t link to hatesites. (It’s owned by Automattic.)

    I agree with the bias of searching for sucks which is why I read though the stories. I’ve seen ones where the hosting company has bent over backwards to help the client and it;s the client who’s the problem. Usually they’re wanting something over and beyond what can be normally provided. Also you’ll see conversation over the story. But hey, it’s a starting point.

    November 24, 2009 @ 2:50 pm | Reply
  12. Yeah. Quite a few valid points — kepp them coming :)

    The reason I asked is — it must be possible to automate some of the checks so you can just throw a name at it, and it will give you a “dodgy score”. May get back to do some coding around it :)

    November 25, 2009 @ 3:50 am | Reply
  13. df:

    Namecheap gives you a free year of SSL (doesn’t trigger browser warnings, etc) with each domain/transfer/renew
    Not even $15, not even $9 :P

    November 26, 2009 @ 4:48 am | Reply
  14. Wolf:

    One of my checks is just to proofread their site. I know it sounds trivial at first… but I look at it like this: Whether or not a provider has the best grammar or spelling in the world does not indicate whether they are a competent sysadmin. However, if they can’t even be bothered to run spell-check (or to get someone else to proof it for them) then how can I possibly believe they care about their business?

    Another one of my tests when evaluating a provider from LowEndBox or WHT is to go to their main website, NOT their “purchase now” page (which is almost always what they put in their post). I’m absolutely FLOORED by how many of these fly-by-night operators have sites that are obviously template-based, and they haven’t even bothered to replace the generic “Lorem ipsum” filler text… or to list their products and prices accurately… or even to make sure that the links work. Seriously, how hard is it to publish a web site these days, with templates, WYSIWYG editors, and so forth? So again, if they’re in such a rush to grab my money that they start advertising on WHT and such, before they even have a functional web site — that’s a dead-on clue to a scam, to me.

    Is there a contact phone number? Address? Anything? I hate to go to a web site, and the only means of contact is a web form. (What are they hiding?) Sure, there are plenty of legit providers who only offer email support, because they want to keep costs down. But it DOES raise a red flag, at least to the point of making me slow down and check them out more carefully.

    If they DO have a phone listed, do a reverse lookup on it. Does it come up as a cell phone or home phone? Use caution. Though with the prevalence of inexpensive VoIP now, it’s harder to do a reliable reverse on a phone number, so this is less useful than it used to be.

    Beyond that, I definitely check registration length, and I also Google the name(s) of the people involved, and try to use that to cross-check for previous scam-and-run episodes. If the domain HAS been registered a while, I use the Internet Wayback Machine at http://web.archive.org. It will let you see snapshots of any web page that has existed on that domain name going back for several years.

    I guess the bottom line in determining how careful I am, is how much I have to lose. If I’m looking for a serious production-grade VPS, I don’t even consider the new guys. Period. But if I’m OK with testing the waters on a development / “playing around” box, and they aren’t requiring a huge up-front payment, then I’m likely to be OK with taking a little more risk.

    One final suggestion I would offer… I absolutely NEVER give my real credit/debit card or bank info to ANYONE except a well-established business. I prefer using a 3rd-party system like PayPal, 2CO, Google Checkout, or similar. If the provider ONLY takes credit cards on their own and does not offer PayPal or similar (which is unlikely, as it actually costs them more to get a merchant account of their own) — then I use a “disposable” debit card number. If your bank doesn’t offer disposable numbers, most PayPal accounts have a feature that will let you generate a virtual debit card number (either single-use, or multi-use)… and you can cancel the number and cut your losses with a few clicks, if the provider does prove to be dodgy.

    November 26, 2009 @ 8:36 am | Reply
  15. Re #13, the problem though df is that Namecheap is a dodgy provider. They advertise 24/7 support but it’s only Sales (And not even Sales Support. They can only repeat what’s on the site. Anything else requires someone to get back to you) that’s 24/7. Tech Support is 8 to 5 Monday to Friday.

    I tried to register a domain through them a few years back on a Friday afternoon and it was Monday before they got back to me since, to reasons still unknown to me, billed the credit card but would not register the domain. (For reference since I’m sure at least one person is thinking it, this was a normal business debit Visa that gets used dozen of times a month without issue.) I canceled the purchase and tried to purchase the domain with another provider but NameCheap themselves registered the domain and would not release it.

    November 26, 2009 @ 2:05 pm | Reply
  16. cling[y]:

    On an unrelated note, all of the VPS’s i’ve tried throttle my upload speed, for example on bust.net I can only download a single file at 350KB/s HOWEVER, I can download 10files at the same time, each at 350KB/s for a total of about 3.5MB/s Is there any way to get around this limitation? Does anyone know of a way to increase the VPS’s upload speed for a single file, or increase my download speed somehow? Thanks for any ideas.

    November 28, 2009 @ 9:15 pm | Reply
  17. Probably something set at the routers or in the master control of the server. That’s something you should be asking your host.

    November 29, 2009 @ 2:00 am | Reply
  18. Had a couple more thoughts on this. Not sure if any of them can be automated though.

    I look at the affiliate program if they offer one. Sure, as a reseller (or a Digital Point spammmer) you can make a lot of money with such a program but paying out a hundred bucks for a signup doesn’t leave much money for things like servers and customer support.

    The phone lookup is a good idea. I found myself a couple of days ago fooling around with Google Earth and doing look ups on some of the providers here. One of them is a UPS Store. Another one may be an empty field but I couldn’t be sure of the address for that street. Now I don’t have a problem with the use of a UPS Store for a mail drop as I use one myself as we’re incorporated in another state but it is something to have in the back of your mind.

    Sites like this one that provide honest reviews. Yes, I’m a CJ reseller and I know all of the hundred dollar offers in there for webhosting. Seems like most webhosting review sites I come across just list the top 10 money givers from CJ, adds 5 stars to many of them, writes a couple quick fake reviews, installs a form for comments but mysteriously it’s broken, and presto, they have a review site. Sites like DP and WHT with their dozens of posters with post counts of under 10, all of them being spam but yet they write gushing reviews of a host or two.

    Just some thoughts.

    -drmike

    December 1, 2009 @ 12:59 pm | Reply

Leave a Reply to df Cancel reply

Some notes on commenting on LowEndBox:

  • Do not use LowEndBox for support issues. Go to your hosting provider and issue a ticket there. Coming here saying "my VPS is down, what do I do?!" will only have your comments removed.
  • Akismet is used for spam detection. Some comments may be held temporarily for manual approval.
  • Use <pre>...</pre> to quote the output from your terminal/console, or consider using a pastebin service.

Your email address will not be published. Required fields are marked *