WebHostingBuzz Reviews

I've tried 5 different web hosts to date and the reason I chose and have continued to stay with Webhostingbuzz is their customer service. Boasting about uptime and reliability is great (it has been outstanding on this front by the way), but what really matters is how a host responds to issues when they arise. Good communication and customer service is key to a great web-host, and this host has these qualities in spades.
Having been with 5 other hosting services before dealing with this company, I can honestly say they are by far the best.

This is very different from any other review that you may have read on WHT. This review will take you 15-20 mins to read. I suggest you are sitting down comfortably, this is also my first ever review on a web hosting company.

Some of you may find the latter part of my experience with Web Hosting Buzz and my review interesting.

Before i write a very detailed review of WHB - Web Hosting Buzz i would like to make a few things clear first of all.

This review contains my experience dealing with WHB, it contains extracts from actuall tickets and quotes from forums keeping all WHB staff anonymous.

I am a former customer of WHB, my contract as a reseller was from November, 2007 to November, 2008.

This is my personal and honest experience with Web Hosting Buzz and also a review about WHB.

Why am i writing a review now? I think the length of it explains why im writing it now. I have been busy lately and i know writing this will be time consuming and needs to be in detail. So it was important i take time and write it as accurately and as honestly as possible. I have had such a bad time with WHB which deserves a detailed analysis from all my tickets and correspondence that i have had with WHB.

To give WHB some benefit of the doubt - things may have changed since i last was with them. But i doubt that after my years of experience.

November - Mid February:

When i first joined WHB in November i was extremely happy with them. They were no doubt value for money and very cheap, they were much cheaper and much more value for money than my previous host.

For two and a half months things have been good then it got so bad it was unbearable for me or my clients who were being hosted on WHB.

Mid February:

By mid february i was getting MySQL errors and connection outages. I reported the problem via ticket and i was told the following by WHB:

"The server you're hosted on had some load problems related to wrong web statistics update settings. In fact this brought the server into suboptimal condition, and naturally MySQL performance was affected too. That's why you could experience some outages or query delays."

Problems still persisted and i kept reporting the errors. I was told it was fixed again, then suddenly i was told the issue was with me?

"Dear Customer,

The problems that you experience with MySQL are caused by the fact that your forum is based on the vBulletin and it overloads MySQL, because your forum is frequently visited. The configuration and the limits that are set for MySQL on shared servers do not allow so many connections and some problems appear during the work of your forum because it does not have enough free connections to MySQL. The best choice for you would be the upgrade to the dedicated plan."

The forum he was referring to has only a few members online at any one time the most would be 10 users online with a very few visitors. I was suprised how they began to make their customers doubt themselves and later use dirty tactics on getting their customers to go and sign up to a Dedicated plan? That particular website has been running since 2004 and has been through 3 hosts which has been on a shared plan ever since, and still is on a shared plan today. For the first few months with WHB my website has been the same in terms of traffic and users which i had no problems with.

But now theres sudden problems with the server, first im told

"load problems related to wrong web statistics update settings"

But just because i kept on pursuing them about the server load they decided to shut me up by putting blame on me about the issues. They suggested i take my small forum with very little users onto a dedicated plan? (This is not the first instance they were quick to suggest a dedicated plan, - read on.)

Late February - Early March:

Problems and more outages kept on arising, a WHB server side 404 page kept coming up across all my reseller sites. Which clearly had WHB companies name and address written on it. This caused further concerns, as if it was seen by a client then theres no point in me being a reseller if they could see who i was hiring the service from. Later WHB heeded my concerns and deleted their server side 404 page which kept on showing up when the server was down.

Early March:

Problems were still thriving with socket errors, all my clients websites were getting this issue which brings back our discussion about the problem being isolated to me only? (Remember when I was suggested to upgrade to a dedicated box?)

Mid March:

Server is still giving problems and was heavily loaded, which literally grinded my website and my clients websites and mail to a hault. Users were being kicked off and the server kept on restarting. They tell me that they had addressed the issue but the problem still persisted. They didnt know what else to say to me as it was clearly a problem on their end. They obviously wanted to keep me busy and gave me instructions to troubleshoot on my connection locally. When it was evident not only me but my clients were facing the same issue.

There was also no "Webalizer" available in cPanel which i found strange as other shared hosts that ive been with had it, even the one im with now has it. I use to check my statistics with it. I was told "Webalizer" was disabled from cPanel on WHB to reduce load issues on the server. - Load issues? So i see "desperate measures"were taken to substitute an important feature that customers use in place of poor server hardware/connection that cannot maintain server load.

Things have been running ok for a few weeks when i thought the storm had passed but no, not quite.

Mid April

More load issues, users being kicked off. Problem being persistent on websites with MySQL and PHP. It had a few good days when things were actually working.

Early May - Mid May

I was showing a client around and had told him he could check some of his statistics in Awstats, but guess what - there was no Awstats either, how embarrasing!? It was disabled assuming it was disabled for the very same reasons as to why "Webalizer" was disabled as i had mentioned earlier. But a support ticket later got staff to re-enable this feature for me after i had emphasised how important it was and stressed the word "client".

I was told to request this feature for each domain i had wanted it on. What a bummer!?

From early May to mid May there was more load upon more load issues. The senior technician then got back to me with

"It wasn't a networking issue today, RS9 was heavily overloaded (exactly when you and ***** were talking in chat). I've tuned some kernel options, but I suspect HDD cooling problems."

So again it boils down to the poor hardware that they are using on their servers.

Mid May:

Things got really bad, i was really frustrated. Pages were taking 35 seconds to load. I opened yet another ticket and this time the staff member agrees that the server was rather slow.

I was told that the scripts on my server was causing the problem, they were

/usr/bin/php
/forum/forumdisplay.php

So they were blaming PHP and the vbulletin software? I am no vbulletin coder and have been using the "off the shelf" premium script for years which i have had no problems with and now its the script?

I asked them why does there seem to be a problem suddenly with the script as i had not changed or altered anything since i joined WHB some months ago - why now?

I was told

"During last several days there were some problems with load there were load leaps on the server and we were working on it contantly and today server is stable.

There are no problems with the server.

Now your site is being processed quickly.
If you are still experiencing problems please provide us with full URLs you have problems with and will check once again."

So whats happened to the accusations that i was causing the problems?

I was even threatened with suspension twice!

"Advise you to check your site and scripts, i.e. during intensive attendence of your site it may cause our server overload and your account will be suspended."

Heres a funny story, the first few months with WHB was great so i recommended a family member to join WHB. He has a forum with a few more people online. I showed WHB staff that website and told them to compare it with mine as they wanted to suspend me on because i was causing the load. I asked them why the other website had more member and was working fine without any problems and i am having to deal with such accusations with very few or no users online at all?

I was really angry and had explained for the last several days and weeks the server had been slow. They kept on blaming me for the issue which again i repeatedly asked them to identify exactly what part of the script was giving problems and demanded that more senior staff take a look at the entire ticket.

I later received an apology from a senior technician:

"Please accept our sincere apologize for our previous post with misunderstanding. Yes, it was our server issue and no way with your script. Certainly it's up to you to decide what to do with your scripts. PLease let us know if we can be of any help to you at any time."

And another from the initial technician that i was talking to:

"There was a misunderstanding and we're really sorry for it. We really had some problems with rs*, but they're resolved now. If you have any problems - feel free to contact us anytime."

I was pleased that they atleast understood me if not fix the issue. I really sometimes could not understand what they were saying, it brought some glimmer of hope when there was some understanding between us.

Now for the really bad experience with Web Hosting Buzz.

Still Mid May - Websites hacked across my entire resellers package.

Now this is really getting interesting now. My websites and clients websites were hacked across the server. From standard pages to premium forums like vBulletin.

As some had vBulletin installed on them i gave WHB some benefit of the doubt. vBulletin release patches from time to time to patch certain exploits. Exploits dont always mean websites get defaced very easily. Exploits allow only certain things to happen abnormally or create different avenues of attack if they are not properly patched.

However what happened to the hacked websites and forums was more than a petty exploit, luckyly this gave WHB the benefit of the doubt.

The damage that was caused was different, and it was quite evident that an exploit could not have done so much. It was more sinister. Before you know it, another website on my resellers was hacked and defaced and the two websites were no way related to one another. The only relation i could see was that they were sitting on the same server until a third website also got hacked!

I was doubting vbulletin and thought it could have been something new that they had not discovered. However if it was just a vBulletin problem then the problem would have stayed with vBulletin only. But no it had caused problem on a root level, html pages were deleted and replaced with the hackers message.

Anyways i contacted vbulletin and various senior technicians had taken a closer look at the websites affected. I gave vbulletin staff root access to all the websites affected and also gave them shell, ftp, cpanel access to find what was wrong. By chance i already had an up to date forum installed, that was also hacked and defaced along with other root files. This eliminates that it had nothing to do with patching vbulletin or running the latest version, as the latest version along with other things inside that domain was hacked.

Even after restoring the websites with the latest updates they were still being hacked and defaced across my entire resellers account.

WHB thought my passwords were weak or there was something on my end locally, a key logger or a spyware maybe etc. But no that was not the case, as i am behind a very good firewall and security and never ever had a virus on my computer. I also dont access client websites only when i set them up which was also defaced.

Later staff from WHB carried out a scan and found that when the hackers attacked they were able to leave files in my root for an easier entry the next time they attack.

WHB was persistent that it was a flaw with vBulletin when it was not.

vBulletin was adament that it was a flaw with WHB servers. They had carried out extensive research and examination on the many websites that were defaced including their premium software. The only possible route left was the servers.

WHB staff argued why it had not happened to others on the server yet? Well that was their word against mine, who knows maybe it did happen to somebody else giving me the benefit of the doubt?

Still not convinced?

The hackers had left a few files inside my root which they had forgotten to delete. They didnt leave anything behind on the other domains they had attacked, but on this particular one they had left everything. There was this file called get.php i was able to see peoples database passwords inside their configs etc along with some usernames when i executed the script. I am so lucky not to have lost any databases.

Take a read at this old thread i had made around that time about this very same issue with WebHostingBuzz:

http://www.webhostingtalk.com/showthread.php?t=695071

As you can see many have already identified the security flaws, it being with the servers on WHB. I also showed the same outcome to the staff members at vBulletin. If i was able to see everyone whos hosted on the same server dont you think there could have been somebody on the same server helping a hacker or the hacker himself running the script obtaining passwords of other accounts?

Does this not already represent a flaw with the services that are being run on WHB servers? I did not even get a thank you for bringing this to the attention of the CEO and their Operations Manager for identifying this problem. All i got was that they would look into the problem. Eventually this was resolved and patched on the server.

I remember WebHostingBuzz itself was also hacked, this was earlier on and i have the screenshots for that too. This was quite late at night and i dont think many were online to see. I had spoken to a senior staff member about this and his response was:

"Hi

If you can wait for a few days you would notice our press release in the news rooms around the internet. (I did not see any) This was actually caused due to a hole in the blackberry service by vodafone. Very high fi group of hackers hacked into the vulnerable blackberry software linked to one of the directories in the main webhostingbuzz list of folders and tried to take down the website. Never the less it was detected well in time (within 15 to 30 minutes) by our top admins. We are planning to sue Vodafone Europe for about $120,000 lost during the downtime caused by them.

Well all of this is confidential and I would appreciate if you could keep it yourself while we release more details officially in the due time.

Cheers"

I understand that this may seem confidential, but i have been searching the internet high and low till this day for a year now and have not found a single article about Vodafones relation with WHB and WHB suing Vodafone.

So this leads me to believe what i was told was not the truth and was merely said to boost my confidence in WHB? Maybe im being very cynical here, but the way that message was written and the words used was as if it was addressed to a kid on false pretence?

I can now see why reseller hosting is cheap. No doubt i really did get my moneys worth. $57 = £30 for the whole year.

Early June - Early July

As the server loads were getting really bad my emails and client emails halted and were not functioning at all. It just continued!

Mid July - More websites defaced

We thought our problems were over? No - websites were still hacked and defaced it was time i had to do something about it.

I was kept being told that the servers were fine, a senior member of staff told me they had the best server security and firewall. Clearly after what i have outlined above they dont!

Again i allowed senior vBulletin staff to be in my shoes, i gave them ftp, shell, cpanel access etc vBulletin staff had carried out extensive research over the weeks and finally reached a unanimous decision among them. The result concluded that the server was the only thing to blame. Read on to see how they reached their conclusion.

Late July

WHB servers were compromised yet again one way or another. Like all the staff at vBulletin Mike Sullivan was the one who had helped me the most and had spent hours communicating with me to get to the bottom of what i was facing. I have sought permission from Mike Sullivan to mention him from vBulletin for this review.

Here is an extract from our ticket:

Mike Sullivan - "Hi,

I have focused on **********.co.uk and that seemed to turn up something interesting. In the logs, I found this line:

212.71.37.96 - - [29/Jul/2008:11:56:42 +0000] "GET /forum/calendar.php?c=1&week=1167523200&do=displayweek&month=1 HTTP/1.1" 200 117

"http://search.live.com/results.aspx?q=ip%3A209.51.154.100+powered+by+3.6&go=&form=QBRE" "Mozilla/5.0 (Windows; U; Windows NT 5.1; ar; rv:1.8.1.16) Gecko/20080702 Firefox/2.0.0.16"

This is about 40 minutes before the deface happened. The interesting part is the referrer:

http://search.live.com/results.aspx?q=ip%3A209.51.154.100+powered+by+3.6&go=&form=QBRE

This is a search for all sites on a particular IP (209.51.54.100), with "powered by 3.6" on them. Your sites are the top 2 results.

While this means that they were targeting vB specifically,

by limiting it to an IP, that indicates that they already had access to that server and were using a separate search to help them find more things to deface.

Between this entry in the log and when the defacement happened, there were 2 hits to /forum/ and absolutely nothing else.

That just has to point to the server being compromised.

The does look pretty definitive to me this time. I think it's time to change hosts. Perhaps look at a VPS, where you're not paying for an entire server, but you are completely segregated from the other people on it.

Please let me know if you require any further assistance.

Mike Sullivan
Developer Team, vBulletin"

So i had presented this to WHB and told them about the particular search query the hackers were attempting. WHB were telling me nobody else on the server was hacked or defaced other than me. I told them that the search query presented to me by Mike from vBulletin displays my websites at the top only, the hackers already had access to the server hence the reasons I was the only victim so far.

(Remember this was last year, i have moved now so the search query will display different results.)

I found this very ingenious of the hackers.

WHB had wrote lengthy messages to me trying explain and reassure me it was not their servers. A senior technician even told me he use to work for a "goverment" before WHB, notice he spelt government wrong. I knew right away what kind of government he worked for. But to reassure me with personal experience was a good attempt on his behalf.

So for a brief moment WHB decided to talk to vB, me being the messenger ofcourse they wanted hints from vb .

WHB Senior Technician - "Can you please ask VB techs for some assumptions about how exactly these sites might be hacked using server-side security flaws? I don't see any reasonable way to do it. Possibly some specific PHP settings might create VB security issue, or something like that? Either VB guys meant something certain they know about, or they just said "this is not our product's vulnerability because this can not be our product's vulnerability". We'd really appreciate some hints from them."

vBulletin - "Hacked passwords are by far the most common method of compromising a server. However there are literally hundreds of other possibilities due to the wide range of applications on a server and the need to constantly monitor them all and keep them up-to-date.

In short this appears to be a brush-off. You host knows very well the multitude of ways a server or account on a server can be compromised. Or at least they should.

Please see this thread on how to make your vBulletin more secure:

http://www.vbulletin.com/go/secure

If you are still being hacked after doing all of this, then they are most likely doing this by accessing your server or account on the server. There are currently no known exploits in the latest unmodified version of vB.

Best regards,
Steve Machol
Customer Support Manager, vBulletin"

After that last response, WHB did not reply to the ticket.

There were still major load on the servers and i was already looking for a new host. I was then suprised to see a comment from a support staff.

"Small server overload has been in process all day long due to server security maintenance."

Suprise Suprise!?

Later i had posted on the vbulletin forums and this was the response i had got from vb staff:

"Steve Machol:
If you are still being hacked after doing all of this, then they are most likely doing this by accessing your server. You need to contact your host about this.

Me:
Hi Steve, Mike and I also came to the same conclusion. If you look at ticket number (Ticketid: 824317). You will see what Mike has to say and that there is sufficient evidence to say that it was the server that was compromised afterall.

A vbulletin. 3.7.2 (latest version was defaced), 3.7.1 and also a 3.6.8

I am in the process of changing hosts, however my current host fails to understand what i am trying to say to them and they are persistent that it is vbulletin's fault.

This is what they had to say.

WHB:
Dear .......,

I totally comprehend you but it is a matter only of your vbulletin's security which is not being guaranteed and provided by you i.e. it is not updated at all. Please be so kind to contact vbulletin's developers/support and install the LATEST version and ALL patches and updates! Keeping all these rules will make your forums safe for sure!

If you have any further questions just let us know. We'll be happy to help.

Me:
How can i make them understand that 3 different domains on the server were defaced which were not linked with one another and that 2 out of the 3 were fully updated versions of vbulletin?

Mike had also showed me the process of where the hackers traced the forum boards with msn search targeting the particular server which the hackers know well there was a way in.

I really would appreciate a reply which i can pose to my current host including any technical terms which they may understand.

Thanks

Steve Machol:
Unfortunately you cannot make a host like that understand. If they are not even willing to investigate a possible security breach on their servers, then the only viable option is to get away from them as fast as you can."

Another response for the above from Steve:

Mike Sullivan
Aug 01st '08 11:29am

"Hi,

I suppose you can use my name and try to explain what I showed. I'm just a bit wary that it looks like a vB staff member just saying it's not our fault. I'm really not trying to do that.

As for your host, I doubt you'll be able to convince them of much. Especially if it's from things I say. It's "he said, she said" really. In a weird sense, I wish I could find a whole in vB (or some other software) when I do these searches. It would actually provide some closue to the issue!

I don't really know what I can say technically, unfortunately. Looking at the logs, I could see when the pages started returning a particular page size; that indicated when it got hacked. I saw no accesses in your logs between the last good access and the first bad access that had anything weird about them (they were just /forums/).

The search enginer referrer is probably the clearest thing. Did my explanation of that make sense?

While I know that there is no such thing as guaranteed safety, your host's response just says "upgrade to the latest version and you'll be fine"... But as you said, you're already on the latest version. I don't know how they'd respond to you telling them that.

Hopefully you can get away from them. Glad to hear that you were looking into some VPS options, though you're right they might require more management. It depends if you're interested in getting into that. Frankly, just getting to another host might make the problems go away.

However, some of these problems are (somewhat) intrinsic to shared hosting. Only so much can be done to prevent 2 people with full access to the server (via Apache) from interacting with each other.

All I can say is: Good luck!

Mike Sullivan
Developer Team, vBulletin

(Mike mentioned going with another host could solve the problem, guess what? Im with a new host and no problems what so ever! - Read on.)

Early August

Problems still remained with regards to server overload, other users were also facing the same issues as this was evident on WHB forums. I was fed up and was in the process of moving but it was a very hard one.

I found communicating with WHB support staff very difficult. My first language is not english either nor am i perfect. However there always has been some misunderstanding and i have continually had to repeat myself so many times so that the support staff is able to understand me. There has been times where ive tried explaining simple things to them which they wouldnt simply understand. I have also had to break down my english just so that they could understand me, that experience was very frustrating.

I remember a time i had highlighted a ticket as urgent when my website was hacked across my reseller, support staff had demoted it "Low Priority" which made me even more upset with them.

There was a point i had an urgent ticket, it was responded to after 29 hours. Usually staff reply within a few hours, however in my case it took staff to respond to one of my urgent tickets 29 hours when the subject of the ticket header read: "3 websites hacked". However they changed my ticket status cheekly from "Urgent" to a "Normal" one. I give them credit for doing that as they came very close to replying to my ticket, but atleast they tried and gave me a sign that they had read it.

I suppose they were able to buy enough time to give me a flawed response 29 hours later. I thought resellers would have been taken somewhat seriously as they also have clients to manage and look after. Clearly they were not interested and i was merely another drop in the sea.

Their servers have been overloaded for a long time, on and off they were blaming it on the mail and then they tell me some clients were using up a lot of resources on their servers.

Every time i had approached them i was told they were taking down the sites that were abusing the server. - For that long!? I dont think they will have many clients left.

They were clearly under some sort of attack. The hackers were also searching sites on the particular server i was on by a the "specific IP address" search which Mike from vBulletin had demonstrated above.

I felt really ashamed after a few months as i had been promoting WHB as being a reliable and a good host. I had also introduced a family member to WHB, he was doing well on a different server on WHB until it suddenly had server issues.

I paid for a years hosting and so did he. He was told by WHB to Upgrade to a dedicated plan.. only after hes being with them for a few months which is when he started experiencing problems.

Does it not seem strange WHB had also told me the same thing? Why do they take every server load as an opportunity to sell their clients dedicated hosting? WHB was asking us to upgrade to a dedicated server initially just because we were experiencing load issues.

WHB is clearly just interested in how to get your money fast as cheap as it may seem. Im not suprised they must enjoy putting load on their servers and get customers coming up to them omplaining about load issues, they will then be very quick to suggest a dedicated plan. Talk about dirty tactics, they must be doing very well by now.

I found a new host around mid August which left me over 3 months to sacrifice. However my family relative has had to move after being with WHB for around 5 months so hes had to sacrifice a lot more months.

I am having no problems with my current new host even though i am paying a little bit more than what i use to with WHB. I have had:

no server issues,
no hacking attempts,
no script issues,
no MySQL errors and
no down time,
staff also know what their talking about.

Its been over 6 months and no problems at all, so what does this say about WebHostingBuzz hosting? I'll leave that for you to decide.