By clicking “Accept All”, you agree to the storing of cookies on your device to enhance site navigation, analyse site usage, and assist in our marketing efforts
These cookies enable our website and App to remember things such as your region or country, language, accessibility options and your preferences and settings.
Analytic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.
We spend hours every day on items which, strictly speaking, are web development, but the alternative would be a broken website and a client who then doesn't know what to do
Sorry if it came across that way but we don't want hacked sites on our systems any more than you do because they send spam and can cause disruption for other clients, plus you obviously. Our standard advice of restoring a backup and patching is usually sufficient to prevent any further issues. For example if a hacked site is fixed but not patched, it *will* be hacked again which is why we aim to give you the tools via the control panel, and explain what is needed to fix it.However, some time last year I noticed one of my sites had been hacked. I informed Vidahost and was basically fobbed off.
I remember the ticket but I'm afraid I can't remember the ID to check exactly what happened. If any of my colleagues sent you unhelpful replies I would have let them know. As above, we don't want hacked sites any more than you do. We will help but we don't have the manpower to fix every single issue and we're also not web designers - if we did/were we would also automatically patch all installations but that's not viable either - for example about 5 people a day ask us for a backup restoring because a WordPress update has caused a theme issue, and from the backup system activity we can see a lot more people use it without contacting us.Although I tried to do what I could to secure my sites further I discovered over time that more and more sites were being infiltrated.
It was only a few months later that I got a reply from a different guy at Vidahost who reacted in a totally different way to his colleagues and said that if my sites were infiltrated then this is a serious security breach and I should have told them immediately !
Again, there are no bad intentions here - there is no point in us fobbing off anyone about anything because we are here to resolve any query which comes our way, as much as we can.Vidahost exchanged several emails with me declaring that they had warned me via email that my site was nearing it's limit but only after my continued insistence that I had received no such email that they finally realised they had made a mistake with the email address they had sent the warning message to.
This was an expired SSL certificate on our main site which was my oversight. It's not related to outdated/insecure scripts on your website in any way and my colleagues fixed it - thanks if you reported it to us (I wasn't here on Saturday morning although I was covering the night shift until an hour or so before the SSL expired from what I heard). The SSL issue was my fault, I thought I had it setup for 2 years.What prompted me to resurrect this thread after such a long time is I have noticed that Vidahost are flagging up as a security certificate issue when I try to click on their link from Google so looks like security issues are there again![]()
Holy Thread Ressurection
Even though I knew Vida were getting bigger I went to visit them at their new HQ in Slough a few months ago, as we invest significant hosting with them.
What I saw was: a totally secure datacentre, oh yes, Biometric scanners to get into the building, and I had to be with a director of Vida at the time, then I had to get past the security guards with various checks, then to the server cages, and then there was another biometric scan specifically for see to their area.
That put my mind at ease that everything was being taken care of to the highest level.
I think I even submitted a problem on Christmas Eve, and had a message back that it would be taken care of Christmas Day - and it was. When I asked 'didnt they have a day off' they said that Vida is a 24/7/365 support.
I know they've grown yet I think they've kept their awesome service. I keep all our hosting with them.
What I saw was: a totally secure datacentre, oh yes, Biometric scanners to get into the building, and I had to be with a director of Vida at the time, then I had to get past the security guards with various checks, then to the server cages, and then there was another biometric scan specifically for see to their area.
I repeat my earlier post.I have always had first rate service from Vidahost.
There again I have never treated them as my in-house IT department, only as a hosting company.
I repeat my earlier post.
something with more holes than a colander like wordpress!
Nuno the first time user here...Well spotted @spiritusuk. Those 3000+ posts I made were just practicing for my first real one here.Nuno,
You may be a first time poster but I am not ....
...
After this went on for several months I felt I had no option but to jettison my websites. I informed them of this and my disappointment but it was clear with their lack of response that they didn't particularly care what I did or didn't do.
I'm no techy, but I felt I got "world class service" that day.
we were only offered an 'abrupt' refund, nothing more.
Their support isn't outsourced and is pretty much 100%.
If you have a site with security holes in the code then its your problem not theirs, they are well within their rights to disable it and not re-enable it until its fixed as its a risk to others too. Stop slagging off an excellent company (Vida/Tso are both paragon internet brands) and sort out your crap websites with their security flaws.
Strangely enough we've never had any of our 20+ sites hacked because they are either well written in php/html 5 from scratch or based on magento rather than something with more holes than a colander like wordpress!
Why are people always so quick to blame a hosting company for their websites issues?
If you own a high street store and you leave the front door unlocked, you can't blame the landlord when you arrive in the morning to see the stock has been stolen.
This begs the questions:
- If you are so unhappy, and have been hacked twice, why are you still with Vidahost?
- I thought you has 'jettisoned' all your Vidahost hosted sites. Now it appears not. Did you perhaps 'jettison' them after the second hack?
- Have you found the malicious code? If it's in a folder or file in the root cleaning up the individual sites won't work. It'll just come back.
- Why did you move to Vidahost in the first place if you have a large presence on another host?
- You are right that Vidahost's record of customer support is not 100%. Nobody's is. It just appears that a very significant majority here are satisfied with it. Are you surprised that this majority might think there are two sides to every story?
Funny isn't it, if you have a problem then you are a 'whinger' or making it up, but if you think they are great then you must be genuine?Apologies. It was the other whinger who jettisoned their sites or claimed to.
It ain't what you do, it's the way that you do it...
(Sing along version)
But as Darren at Vidahost now makes clear, if you have shared hosting and they get into one website then they have easy access to the rest through your single cPanel, a facility provided as part of their services.
All my websites have different logins, passwords, plugins and themes kept up to date. We run over 50 blogs on different hosting, none have ever been hacked before, all my ones on Vidahost have been, twice. This may just be unlucky, but please do not defend them for repeatedly ignoring my very straightforward questions, and also ignoring my request for advice on a different hosting package that could provide a more secure environment.
And when you offer your instruction not to slag off Vidahost, and tell us that their Customer Support is 100% then take a look through the thread. It is clear that a number of people have been unhappy with the 'support' they have been given by Vidahost, and therefore it is not 100%. You are not amongst these, but if they are happy to accept the good feedback then they also have to be accepting of the bad.
All I can confirm is that they have provided the worst customer service I have ever received from a hosting company.
I got a response from a Darren Lingham (I think I have seen his name mentioned on here before?) who says:
I can absolutely guarantee that this hack was not caused by a vulnerability at the server level. If that were the cause, the other several hundred WordPress and PHP related sites on the server would also have bene (sp?) affected
Great finally some clarification of my concern. However I do not have a server package with them, I have a shared hosting package.
However Darren then explains
A vulnerability in one or more of your sites, allowing someone to add code to all of your sites because they're under a single cPanel
So if a hacker gets access through one of your sites then they can run amok through your hosting as it is all on the same cPanel.
However, it is clear to me now that if you run a shared hosting package (any shared hosting, not just from Vidahost I must add) there is no second line of defense if a hacker gets through one of your sites. Therefore my concern with remaining on shared hosting is justified.
This thread concerns the customer service of Vidahost. I am not saying that the issues with my websites have not been caused by a vulnerability. However if I have never had any issues with the same websites, same themes, same plugins etc on other hosting packages elsewhere and never had a problem then it is understandable to question Vidahost.
What I am extremely disappointed in is the poor customer service. Failing to answer simple, direct questions (I doubt they have even tried to read my tickets), ignoring my request for advice on providing a more secure hosting environment, and absolutely no inclination to give advice or help, just a cold shoulder and a fob off. If they could provide a more secure hosting environment then I would happily pay more to get it. No such advice was given, despite me asking for their expert opinion.