All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Banned by xhosts web hosting for typing 'sudo' command once
This was my first time buying a web hosting service.
When I used the SSH function in xhosts, the terminal showed:
/usr/local/bin/composer2
Please do not use 'sudo' or leave your home directory.
Have a nice day!
Out of curiosity, I just typed a single word, 'sudo'. I was expecting it would show some kind of forbidden message. But the SSH disconnected immediately and I couldn't reconnect.
Then I opened a ticket, trying to find out what happened. After I explained what I did, I clarified that I did not use any VPN service. I received a forced refund.
It's my fault for typing 'sudo' (literally just the word 'sudo', with no other commands following it), but it's ridiculous to ban me and issue a refund for this!
Couldn't you have built a simple filter instead?
They said:
Before your edited command you had stated that you wish to "test what is allowed and is not allowed" as explained in the ticket an account that will be potentially becoming blocked on a regular basis is not feasible for us to spend hours ahead having SSH unblocked. It is easier to refund you now and allow you to switch to a provider more suited to your needs.
By the way, I didn't try to use or run any scripts or VPN services - they can verify this in the SSH logs. I only tried a few cmd like 'ls','pwd','python -V' and 'sudo'.
Be aware, everyone! If you accidentally type the wrong command like 'sudo' someday, you'll be immediately banned and given a forced refund.
Comments
You were told not to do it. You did it.
This is called Fuck Around And Find Out.
@xHosts
I am now afraid to breathe when I open xHosts
You got refunded. Go buy a VPS instead.
They said you were trying to install VPN scripts and other stuff not suitable for shared hosting in the other thread about this. I believe them more.
Customers like you are exactly why we refuse to allow jailed SSH access on shared hosting. Buy a VPS. Run MJJ scripts from it. Be happy.
Good luck Finding a new provider that you feel comfortable with
From the limited interactions I had with @xHosts he seems like a reasonable and nice dude.
You aren't an mjj so you have nothing to worry about
I'm not that person! I definitely not run any kind of VPN service!
I agree, I love xhosts...inhale-exhale...
What if someone copy and run a wrong cmd accidentally?
That is the "Fuck Around" part,
what comes after you paste the wrong cmd is the "Find Out" part
no sandbox ? really ?
>accidentally
How the fuck does that happen
If that is acceptable for you. Well, that's explain was good enough for me.
Yeah, for now I'm on the customer's side. Let's wait the provider's response before judging.
There's a proverb in English: "Curiosity killed the cat"
(See https://en.wikipedia.org/wiki/Curiosity_killed_the_cat )
I do not know your experience.
But for myself, in these years of usage of linux, it's truly happened few times that I copied the wrong cmd then run. I think this is Inevitable. If you will never make this kind of mistake, that's ok.
But it is true that the 'sudo' for this time is on purpose. I'm sorry about that, but I still think these could not be a reason for ban.
You are right, bro, This is live version for "Sudo killed the programmer"
professionals!
To me that reads like there is no security at all, and that sounds scary.
You chose to run the sudo command and SSH became blocked.
We requested information such as what you intend to do in SSH, you became vague in this.
On the other thread that you had been replying to before creating your own, before editing your reply on that thread you stated "test what is and is not allowed"
This is not something most providers allow, a customer looking to test the limits.
As a commercial decision rather than wasting hours each time you become blocked we issued an immediate refund and advised you to seek a provider more suited to your needs.
You have a full refund within a few minutes back to your card which now depends on the card issuer on how long this takes to be applied back to your card.
We go above and beyond for our customers in such as cases fixed WordPress issues that are not replated to the platform, migrated accounts from VPS to the shared platform at no charge.
If a customer is vague in their answers it is a red flag
question: is security a red flag @xHosts ?
Well, that's in our nature. You can't blame him, he's merely mortal. Saying "don't use sudo" is pretty much the same as saying "don't eat that apple" or "don't steal fire from gods". It's almost like an invitation to do it.
I'd do it too! Who wouldn't?
We know plenty of such occurrences, like opening Pandora's box, Icarus flying too close to the sun, or even the Monkey King stealing the peaches of immortality despite the warning.
Just don't say "don't use sudo" if you actually mean it!
Couldn't agree more
I'm afraid that you wouldn't have done so well if you had been in the Garden of Eden and God had commanded you not to eat the forbidden fruit
imo a direct BAN is not what people expected, and I agree you could find another better provider
First, I'm sorry about typing the 'sudo'.But I think it's not a enough reason for ban me.
Second, the most important one. I think you are even not clear which customer you are discussed with. The word "test what is and is not allowed" is not reply by me, maybe other customers. I did not said those words. I'm the 2nd person that reply you in that post discuss about the 'sudo' problem, I'm not the user that you said "try to use the VPN"
And what's mean 'vague'? It's first time I bought this kind service, I even didn't know what I should do for the web hosting service. Is this illegal?
Typing a single "sudo" is "customer looking to test the limits" ? I'm sorry about this agian, but it's not a enough reason for ban me! A sudo is testing the limit?
“As a commercial decision rather than wasting hours each time you become blocked”, So it‘s your decision to waste your customer's time? what did I do? just for a single sudo to ban me?
And let me guess: you bought their lifetime deal ( https://lowendtalk.com/discussion/203134/uk-usa-uk-london-usa-dallas-stackcp-hosting-3-50-one-time/p1 )
ssh in web hosting -- assuming that the provider allows ssh access -- is mostly intended as a convenient way of accessing one's files (to upload/download/organize them)
In general, scripts should be installed or carried out via the web-hosting control panel
just get a vps and move on.
I actually wonder how this works. Do they have their own binary that they replace sudo with? Do they schizophrenically scan every users .bash_history every 30 seconds?
Thx, I never used service like this, so just tried to explore eveywhere, tried to find that they can do
Yes. At that time, I just curious, what will happened......