So I got the following email at 1630 tonight. I know the ball started at 0800 this morning thanks to twitter. They may have had that many complaints to work through but here is the email I got.
My name is CS Rep and I am writing you from Customer Relation Department. Your case was brought to my attention because you gave us a bad review on Twitter. We are very serious about providing you with an exceptional hosting and customer service experience, we would like to confirm that everything is running as you would like. What would it take for us to became the best hosting provider for you?
Your feedback is crucial for our business to move forward. We are still that strong company with quality and products as we continue to invest more into support and service in terms of training and technology.
Do not hesitate to use my direct line (her number) or 24/7 technical support (their number) or simply reply to this email: firstname.lastname@example.org.
Thank you for choosing myhosting.com, I hope we can get your positive tweets shorty.
My world at work is customer service. So I am always willing to respond so that if they’re actually willing to improve their service they can. Here is my response.
Let me start off by saying at this point I will be leaving myHosting. I have invested in outside hosting, at best I will retain my myHosting account for exchange email purposes. That said as someone who works for a company that strives on customer service I’m going to lay out from beginning to end and my perspective on it.
Last month I had regular service issues despite my use of the CloudFlare CDN. I opened ticket #: FNF-528-19240
After multiple back and forth arguments about whether or not my site was hosted with myHosting finally they just blamed CloudFlare, the problem continued but with less frequency. I just dealt with it. For the most part the site would immediately come back on a refresh and none of my customers were noticing an issue or reporting one to me.
Then in the midst of this WordPress attack, I started to have issues a little more frequently. I started to get emails from my Customers and I did what I could on my end to fix the issue. Then it happened, I and all my customers, 4 total, were locked out of their sites. We were locked out without any email in my inbox of how to fix the issue. When the solution did arrive after my promptly emailing support it was a solution that none of my 4 customers could implement, much less be feasible for 2 of them. Despite my efforts in maintaining a secure WordPress site, including plugins to stop the brute force attacks, my site was rendered unusable not just to me, but my customers. I actually had to disabled Cloudflare thus increasing my exposure to SPAM and other undesirable traffic.
Just so I am perfectly clear. The actions of myHosting taken to “secure” the websites for which I am responsible resulted in their inability to function for my customers. It took me at least 12 hours before I could finally get those sites unlocked for my customers. During this time my ability to handle issues as well as my general perception to my customers was degraded. Doubly so since while trying to unlock 2 of the site resulted in 500 internal server errors. Once that error was corrected, cleanURLs was broken due to other changes to the .htaccess files by myHosting. Instead of just correcting their errors to the files, they dumped them. This made me look like an idiot again when a customer informed me in the morning he was getting 404 errors.
That night I started the migration to a VPS with another company. I could not trust that myHosting, even in a VPS, would not mess with my files or otherwise cause me issues and heartache.
I will say the shining spot in this entire mess was it appeared that I dealt with one single support representative. That is ownership and honestly that is what I like to see. But here is his last email, Don’t blame him though, he was trying to keep the peace and convey your situation. It is a lesson in needing to be seriously empathetic to customers and the effects of your actions as a provider.
Thank you for your patience and we are sorry that you are having an unhappy experience with myhosting.com.
Because 90% of our customers are not using Cloudflare for protection or wordpress plugins to stop unwanted access, we implemented this access restrict.
Because you appear to have a very secure webspace, you would most likely to be safe removing the lines that have been added, but this makes your wordpress website vulnerable to this attack, so please proceed with caution and make sure all wordpress user passwords are complex and secure.
We have disabled the .htaccess files on those two websites and they appear to be loading currently. If you would like, remove all the added code and turn your cloudflare back on.
Please let it be known we are trying to protect our customers the best possible way. Because of the urgency of the matter, this was the quickest solution. We hope this does not ruin your experience with myhosting.com.
Here’s how I read it:
My Corrections in Phrasing.
My mental commentary while reading.
Thank you for your patience and we are sorry that you are having an unhappy experience with myhosting.com. Because evidently the idea someone would be unhappy about being locked out of their own website surprises us.
Because 90% of our customers are not using Cloudflare for protection or wordpress plugins to stop unwanted access, we implemented this access restrictdecided to treat all our users like idiotic children that know nothing about anything. Luckily I have experience with being penalized because of the actions of others.
Because you appear to have a very secure webspaceactually know what the fuck you’re doing and have previously educated our support staff, you would most likely to be safe removing the lines that have been added, but this makes your wordpress website vulnerable to this attacka brute force attack where they just randomly try passwords, so please proceed with caution and make sure all wordpress user passwords are complex and secure. Why in the name of god do you think I use keypass and generate 20 character password strings, just for the ease in memorization?
We have disabled the .htaccess files on those two websites and they appear to be loading currently, but we broke clean URLs so they’re still not working right, our bad? If you would like, remove all the added code and turn your cloudflare back on. You mean I can unfuck my websites if I so choose!? Here I thought you guys were just out to screw me in front of people I support. And yes I unfucked every one I could as fast as I could, even before I got your permission!
Please let it be known we are trying to protect our customers the best possible way, by nuking the site from orbit by treating our customers like children and blocking their access to their own sites just the same as the attackers. Because of the urgency of the matter, this was the quickest solution, because we were dumb and too lazy to implement deep packet inspection and notice that the brute force attempts always use the same username, admin. We hope this does not ruinare sorry this has completely ruined your experience with myhosting.com. We didn’t consider the ramifications of how our actions could possible make our customers look in the eyes of their own clients. We will think about possibly not treating all our customers like children in the future but don’t count on it.
The same support guy I’ve been dealing with all day. +1 for that.
And yes, this did go up on my blog, this email will be going up as well. I want you to understand exactly how badly this has cut into me. I strive myself on customer service and whenever possible I stop what I’m doing to help when there is an issue. Even when these people do not pay me a dime for my services. I get an email at 0400 in the morning and if my phone actually wakes me up I will look and go fix the problem. I take my wife out to dinner and get a text message that the server is down and I spend the rest of dinner cranking away on my phone to fix the problem. That is customer service, owning the problem and fixing it. Most definitely you do NOT create problems for the customer and if you do, you fix them 100% and ensure the site is returned to normal. You do everything you can for that customer to ensure the problem is fixed immediately and any issues created are taken care of or assisted with to the best of your ability.
You must also remember when you do go and do something like that, it has consequences beyond just your visible customer level. Your customers have customers. Some have business and those types of actions cost them money and trust. In this case myHosting caused a question regarding my integrity with my ability to be a provider for website services. Integrity once lost can never be regained and I find the actions of myHosting down right deplorable given their impact on me, my business, and my customers.
If you have any other questions feel free to ask.
I’m not holding out for another response back, but I figured I’d give them honest feedback. I will say I was kind of happy to get the kick in the ass to go get a VPS.