ServerOrigin: Buyer BEWARE! Scammers, liars, slow support, mean support, etc!

My original discussion posted on WHT Forums.

I'm not one to talk bad about companies but this one is the one exception. Not only have I been disrespected, but I've had money taken out of my account after cancellation of their service a week ago (after canceling a month prior). I reported it to them the same day the money was taken out and here I am, still waiting. I've updated the ticket 3 times without any response. I've given the transaction ID and yet...no response.

But let's start over. Let's go back to the beginning. I go to them because we were having a 100mbps DDoS attack that we couldn't mitigate. So, I ordered their service (the cheap one here). So after getting set up and going through lots of problems with them (and continued to have problems until I finally got away from them...anways), we apparently started getting BIGGER attacks. They were telling me that we were getting over a 1gbps attack (which my site never had prior to them and after moving from them, still have yet to see, yet they claimed it was constant and almost every day or every other day).

They than made it seem like they were doing me a favor when the attack got up to 1.5gbps, that they wouldn't charge me for this and would filter it. So I thought, cool, these guys are awesome. Not... They then came to me saying that the attacks were in excess of 3gbps and 200kpps and that I would need to upgrade to their executive product (view link above). So, I say fine...I just want my site to work. Fat chance in hell...

So now I have a more expensive package, things aren't working due to it being a proxy infront of the server, things are being blocked, legit traffic is being blocked...it was a nightmare.

But here's the kicker. A hacker somehow got my information from their site. After talking to Kevin (the owner), he told me that there was no way that this was possible. I had told him that that information could only be found from either getting into their database or talking to a person over the phone. He then went rambling for about an hour how someone could have called in and acted like me and could get my security answer from the tech...HUH?!

So since we were having all these problems and SO kept blaming it on my current server set up and my sysadmins, I had talked to Kevin (again, the owner) and he told me it would be best if they hosted the servers so they could keep a better eye on it and config it better so we wouldn't have these problems. I told him that if we were to do this, I would need his word that the servers would be secure, not able to be hacked (or social engineered like he said "happened"), and that the site would be working better than it currently was at the time. Long story short...it was WORSE.

When we moved, we had hours and hours of downtime. They said it was because they were unfamiliar with the previous server's configuration. So I gave them access to see what the previous server's config was and they changed things to fit the old one. What do you know...we are back online. Oh wait...only for a few hours and then we are back down. The server was so unstable and when the site was up, it would take at least 10 seconds to load each time. People were getting constantly blocked from the server to the point where I lost around 15k uniques each day, lots of ad revenue, and worst of all, the configuration was so terrible that even my IPB Subscriptions (paid subscriptions) CORE program was not working. They then blamed it on my scripts being faulty. Not sure about any of you that use IPB, but I doubt that a core IPB program is faulty, especially when it was just working on the other server.

To sum up that last paragraph: Lost lots of traffic due to everyone being blocked, people leaving due to terrible load times or the site not even loading, losing tons of money in ad revenue, and losing even more customers because they are getting mad that my scripts aren't working even though they are paying.

So not even a week go by and I tell them to cancel everything. I hire a new sysadmin, he moves everything over to the new server after he config'd and hardened it, and what do you know, everything is working GREAT. The site loads in under 2 seconds, my scripts are working, no one is getting blocked, and my members are happy again. Oh, and another kicker...we've had 1 attack that lasted 5 minutes at 1gbps in the whole month we've been on the new server yet with serverorigin, I was told that we were getting 3gbps+ attacks each week. Hmm...Scam? I think so. Just to make you upgrade to the next biggest package and have your site load slow as hell, your scripts to not work and legit traffic be blocked from accessing your site.

No wait...I'm not finished. So after being on the server for a few days and canceling because it's not working...and after telling them to cancel my subscription and invoice, what do they do? They don't cancel them. They let the payment go through and now they are saying that they never received the payment. This payment went through a week ago. And then I get an update to the ticket today...after posting 3 times in a row, a few days apart...saying that as per the "TOS I agreed to" (which, mind you, was only for the proxy, I didn't sign anything for the server) that I had to cancel 1 month a head of time. I'm sorry...but how am I suppose to cancel a ****** service ahead of time without knowing that your setup wasn't going to work ServerOrigin? C'mon?! Do the right thing, if your server wasn't working for me, then you need to refund the money like a true business would.

Let's go back a little bit now. So like I mentioned, I talked to Kevin about hosting my stuff on their servers and he told me that they would manage it. I was slightly opposed to that because I had been with AdminGeekz for so long that I built a great relationship with them...so I had him promise that things would be better. So he did. Fast forward past all the ********...a whole week of them dicking me around, telling me they weren't familiar with my configuration as to why the servers weren't working, etc (I would think these so called "professional server business" people should know how to config a server that had sites that ran IPB and wordpress), I hired a new sysadmin to get into their server and start moving stuff to a new server. So he starts looking around and tells me how the servers were configured very poorly, not securely, and only configured to use half the power of the servers I had paid for (hopefully he can come in here and state exactly what he saw). Lovely...so this will lead in to the next paragraph.

HACKED! After we moved to the new server, my new sysadmin found a c99 shell that was place on my server during the time I was with ServerOrigin!!!! And then what do you know, a hacker sends me a message saying he can get anyone's password on my site just yesterday. So I said PROVE IT! And he sent me my database information...and what do you know, it was the same information we had when we were with SO. It's since been changed. So I got to laugh at the hacker and tell him it was no longer right...and he went on to tell me that it was fine, we had a shell on our server and he could get it again. So, needless to say, he did...we had kept the same file name on the server but it would send the IP address of the "hacker" to our email inboxes.

I think that's it. I told them if they wanted to keep jerking me around and trying to make me feel bad for making them "work so hard" on the server ("6 hours of work that they normally charge $50/hour for)...I'm sorry, but when was it a businesses job to make their paying (mind you, they charge out the a**) customers feel dumb? I noticed in another review, another user felt the same way. I'm sorry...but I would only feel bad for them if they had actually done a good job. Seeing as they did a terrible job and I lost a LOT of business, ad revenue, and SERPs because of them...I think I should be reimbursed for damages caused to my business.



tl;dr
1. They make you feel good that they are upgrading your service for free, then they bait and switch you. I still think that they lie about the attacks.
2. They claimed 3gbps+ attacks weekly, its been a month on the new server and only 1 short 1gbps attack.
3. Support tries to make you feel dumb and sorry because they are doing "a lot of work for you".
4. They didn't cancel when I told them to cancel so they took money from me and claim to have never gotten it.
5. My new sysadmin didn't have a single problem with the configuration of the server. It's funny how a single guy, who does this almost as a hobby...did a better job than a TEAM or business of people that work on servers day in and day out.
6. New sysadmin found a c99 shell that was placed on our server and a hacker had our database information from the SO server. So if you want to keep yourself and your members information safe, keep away.


Save your money people. Upgrade your servers and hire someone that knows how to properly config servers for DDoS. SO was costing me roughly $1400/month and my new server + sysadmin is costing $520/month.

I hope this review saves someone else the headaches, misery, business and money that I had gone through. And if I missed something, I will be sure to update this thread.

 

I'm also from Se7enSins. My username is FatalityXXX.

Those months of using ServerOrigin were absolutely the worst experience of a server I've ever had. The downtime was terrible, and Azzid also stated their customer support was horrible.

Like he said, save your money. Don't go with these guys.

 

After releasing this article on WHT, they got a little upset and now we are getting hit with a pretty big DDoS attack. Coincidence? You decide. But I find it a lil funny that after I post all this information about them, tell them that I'd gladly release any of the information they want me to, including the phone conversation with them...they still wouldn't hand it over to me and they wanted me to sign away my whole account details to be publicly displayed. Why would I do that? It's just as easy for them to forward the information to me and I post it, is it not? But they claim I was going to "filter" the information or something...nice excuse. I'd rather not allow them to be able to release my information on the internet legally. But they are too afraid for me to post it.....? I don't get it.

But now we are getting hit with a massive DDoS attack which we haven't been having problems with and I find the timing of this rather "interesting". Especially since the attack is now being sent to another IP on our server which has never had an attack before and only SO or any of our hosts would have known about. The site is very small and is just a news site. It doesn't attract the wrong kind of people so it's very interesting that after we nullroute our main IP that our other IP starts getting attacked.

Just "funny" if you ask me...

 

In fact, it's hilarious.

I hate to seem a bit unprofessional but come on...

1) You have ddos attacks that have your site down.
2) You hire ServerOrigin to protect your site.
3) You are under attack nearly twice a month for the 5 months you were with us. (Which you state we were probably lying about)
4) You publicly fire us, attempt to blackmail us with PR.
5) You won't sign a privacy waiver to allow us to defend ourselves (You say it's our fault too)
6) You come under attack because you have announced to the world you don't have protection any longer.
7) You blame us because we must be doing the attacks now too.

Exactly... What did I miss? Anything?

Any other ideas of things we could be doing to you? Are your legs cramping? Your back hurts? Maybe we did a rain dance and we're the cause of your arthritis. Did your stocks drop Friday? Must have been Serverorigin!

The thing is:
ServerOrigin protects more websites than any other U.S. ddos mitigation provider. We have contracts with everyone from small jewelers to Sun Microsystems. We have customers that cancel all the time because their attacks have stopped for several months. Believe me, your attempt at ruining our reputation with the lies and your cancellation isn't going to bankrupt us neither would it be so hurtful that we felt vengeful enough to break laws and possibly put ourselves out of business for something this ignorant? Please don't flatter yourself.

We are a ddos protection provider. We are not an attacker. Believe what you wish. Coincidence, whatever. We didn't become an eight-figure company by breaking the law.

 

First off I'm not sure if DP has any rules about having first hand experience with a company but In this case I do as I was also a admin on this forum at the same time all of this was going on.
Second I really just have to laugh at the back hurts comment.

Anyways I've been with this site for a good four years. Sure its has had lots of up and down time because of little kids that can click a button. The worst of the down time and errors were when we were on ServerOrigin's servers. I always seem to never have a problem on the site, I could always load it fine and fast when others could not. Yet when we were on SO servers I got hundreds of 504 errors and complete "Server cannot be found" errors.

I'll admit I don't know the whole story as I never handled the money or any big thing that only the owner could do but I was a very active admin and I can guarantee you that I was the most active Admin/member on that site during the months we weren't with SO and the months we were with SO. When I say active I don't me posting I mean on the site, in the admin control panel, constantly refreshing to see if the site was loading fine. I can tell you that no matter what your reports say about our uptime was, is that you are lying. They are no where near the percentage you claimed.

My last complaint/comment is why when we were with you we had 3Gbps+ attacks every couple of days or so you claimed(I forget) yet on our new server I haven't seen as so much a total hour of downtime, let alone a attack that big. Also I have yet to see any kind of errors that we got when we were on your system.



You can believe me or not as this doesn't effect me, I'm just posting my opinion.

 

I found out how the exploit was put on our system and made to look like it was there before we were with ServerOrigin (therefore making it seem they had nothing to do with it). The hackers exploited SO, went into customer tickets, found that one of our tickets had our password to the server in it, they placed the c99 shell on, and changed the timestamp (which I just found out was very easy to do). So now they have a c99 on our server in case they couldn't access the server anymore via SSH with the information we gave SO. Even if it was prior to moving to their servers, the exploit was placed on our server directly due to allowing SO access to our server to try to figure out why their proxy was not working like it was suppose to with our site and server configuration.

That is no my only gripe about them. I take back my statement about stealing money from me. I had 2 invoices of the same price and thought I already paid for the proxy service a few days prior to the money being automatically taken out. So I apologize for the misunderstanding but it doesn't take away from the fact that my sites and members were compromised due to SO's lack of security.

And about signing your policy...as I told you, I am NEVER signing anything with you guys again. Feel free to send me the audio file of the phone conversation so I can post that without you being in trouble for breaking your privacy policy. I don't see how you can turn that down... I have a lot more to lose if I sign something for you to publicly release anything about me but YOU have nothing at ALL to lose by turning over the audio file to me and me posting it...now do you? No you don't but you won't so we can continue to go round and round about that argument.


OH WAIT! I know why you want me to sign something. It's because you didn't disclose to me that the phone conversation was being recorded. Isn't that illegal? So if you released it to me without me signing anything, I can take you to court for it. I get it now...no wonder you won't send it to me. You had a hidden agenda.

 

I'm a member from se7ensins, username: scopen4.

If you took the time to find all the closed/deleted threads about 504 etc... errors, you would know that there was a huge problem while using YOUR servers. It got so bad members were being infracted for making a thread about the errors. I know for a fact that every member on se7ensins can vouch for the errors that ocurred almost every day and every hour while using YOUR servers. Several hundred errors later, Azzid switched servers and there has been ONLY 1 downtime since. Its quite obvious that the SO servers were nothing but trash with little support. I was about to give up on the site, then the switch to new servers fixed all our problems.

Thats all I have to say about the matter and you would find that ALL members of se7ensins would agree.

 

Seems like your in the wrong not ServerOrigin, they are a well established host.
webhostingtalk.com/showpost.php?p=7020622&postcount=27

Sums it up and hence why the thread over there is closed.

 

Nah man, they don't need you to sign anything, they just have to tell you that you are being recorded. Every customer service line does it and you never have to sign anything.

 

He called me...there was no recording saying it was being recorded nor did he disclose it to me.


And that thread over there was closed b/c my members were complaining about their service and since they didn't have invoices to prove they used the service, they closed my thread and let SO have the last post making them look like they are right.

And now they are threatening to sue me. Thanks SO...

 

He did even tell you half the story making him look better...

 

@ OP - did your site suffer from DDOS while you were with ServerOrigin as 'ServerOrigin' stated above? If so it is far more likely that this is a continuation of the same rather than some nasty stunt by SO, surely?

 

No, we have been away from them for over a month now and right after posting these "nasty stunts" about them, we started suffering from massive attacks that we haven't ever seen prior to SO and even in the month after leaving them. I just found it too convenient in timing....but I'm suppose to remove my remarks about them or else they will pursue legal action.