New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Charityhost.org Review - Provider or Dominator!!!
This discussion has been closed.
Comments
Is it safe to assume that, this issue became so big that it tainted the name of the provider?
Oh things are getting worse?
Now you are talking exactly like CH. I am not suspecting but i am almost 99% sure you are the CH. Such a disgrace man. Before asking why i uploaded prohibited content, just read again and again my old comments, ticket recordings. You ignored several time my points as the CH.
I think we can do this for fun. But it won’t be enforced. And language has to be softened like “do you think hosts like @CharityHost_org should be banned?”
Stop it you trolls
Not trolling bro. Public shaming of not caring about privacy is protected by my first amendment rights. And I can easily enforce it too.
Oh you guys have that in your country? Dang.
Well I think many countries have this right. There are exceptions. This isn’t one of them scenarios.
I also don’t need to enforce it. I don’t think admins will get in the way over a few bucks from a host getting bashed on the forum.
From CharityHost.org's first thread itself I sensed they are to be avoided at all cost.
then came the "peeping into clients files" drama and it was confirmed they do not belong to this web-hosting ecosystem anymore.
and now this new drama which strongly conclude they are a nightmare to deal with.
CharityHost.org should rename themselves as "GreedyHost" that name suits them more perfect, ain't it?
I agree with you, but what gave it away?
Yep. And then we cancel everything from them.
I know it's called charityhost but I really hope you're being paid for all this shilling, otherwise it's just sad.
I hope this type of fun will be caution to such greedy-shadow minded provider. Also it will help Let owner to think such provider should be allow here or not
The... host... art?
The clue in public_html is HTML. The clue to you, McFly, is that this was an FTP account.
But why would it be public? It's an FTP server, so only anonymous FTP access would find this.
Also, let me know what browser browses FTP without having to make advanced configuration change. Most popular browsers disabled that by default years ago.
FTP is getting used 'fast and loose' with this.
What Charity sold was effectively a very very very large shared hosting account (directadmin? whatever panel). It isn' intended for hosting a public website, rather as just backup storage/masterbatorium.
Maybe the op had his content in
public_htmlto make it easier to browse and lotion up.The smart idea would've been for Charity to break/disable/etc the webserver on the servers to force it to always be over FTP. Then again, if he had done that, he wouldn't able to say 'his stuff was public'.
The product should be 'fixed' in this regard. Disable the webserver, local firewall at 80/443, whatever.
Francisco
But if there is no domain pointed to that public_html folder then does it even matter if it’s stored there? Only way to find out is if you manually set the Host header to whatever random domain was set on that FTP account and then access the server, but you’d need to know what domain the account was set to in the first place.
(Unless I understand this all wrong)
Doesn't have to be a domain, can be a pure IP address.
EDIT:
It would be good if it looked like this.
https://ftp-us.imperva.com/Web/Account/Login.htm
.. but as far as I understood in his specific case it looked like this (example):
http://185.179.105.210/
if i shoot someone and later find out they deserved it, wou> @jure12 said:
you just outed yourself lol
"public_html" was folder name convention using by control panel to store their file, it doesnt mean any public at all, i just naming which using by apache/old webserver for long time and control panel tend to use it for unknown reason. (For long time it was using not only store HTML static, probably some perl script and PHP).
Also @bdspice was tell not domain pointed and I afraid he got dedicated IP to expose HTTP on network, even "somehow" HTTP was expose on FTP package, Its for sure misconfiguration from provider to make it expose to public.
I have said this earlier. @CharityHost_org could have just disabled the webserver (It should have since they advertised it as ftp storage and not shared hosting storage).
If no webserver, then no such drama would have had happened.
@CharityHost_org made error after error as provider.
With all things aside, this is what should have had done.
The whole drama began when @CharityHost_org enforced the AUP yet they themselves didn't follow the AUP in the first place.
CharityHost.org
PLEASE READ THIS EMAIL IN FULL AND PRINT IT FOR YOUR RECORDS
Dear abdul gofur,
Your FTP Storage account has now been setup and this email contains all the information you will need in order to begin using your account.
New Account Information
=============================
FTP Package: FTP 500GB
FTP account server IPv4 addresses: 23.128.116.100
Domain: ftp.abdulgofur.com
First Payment Amount: $44.00 USD
Recurring Amount: $44.00 USD
Billing Cycle: Annually
Next Due Date: Monday, February 16th, 2026
If you have requested a domain name during sign up, please keep in mind that your domain name will not be visible on the internet instantly. This process is called dns cache propagation and can take a few minutes but up to 48 hours depending on your registrar.
==================
Username: ftpabdul
Password: 5zv5JCjE2lK3
Cyberpanel FTP Control Panel URL: https://ftp01-htx.spectroweb.com:8998
Note: You must accept the SSL warning in your browser for the server SSL cert to login into Cyberpanel control panel.
Uploading Your Data
=============================
You will need a FTP client such as FileZilla or alike. You will also need to create at least 1 FTP user in the Cyberpanel account to login with FTP.
You can upload your files via FTPS.
FTPS Hostname: ftp01-htx.spectroweb.com
Support
=============================
You can find easy tutorials in our knowledgebase: https://charityhost.org/account/knowledgbase
For any support needs, please open a ticket at https://charityhost.org/account
Thank you for choosing CharityHost.org
Reach out anytime with any questions or concerns.
Thank you!
CharityHost.org
https://charityhost.org
visit our website | log in to your account | get support
Copyright © CharityHost.org, All rights reserved.
This is the email when i got the server. I have not requested for a domain. Should i worried about public_html or not?
new vid idea "crazy hosting provider crashing out"
‼
No, unless the host hilariously misconfigured the FTP server like @ailice and @itachikonoha were mentioning. That would be a funny twist of events, the host blaming you for their own bad configuration.
So either one of two things happened, both of which are scandalous:
With HostBrr's storageboxes (which use DirectAdmin), I need both a domain name pointed to the storagebox server, and the files must be in public_html. If no domain name is pointed to the server by a DNS zone, then I can only access the public_html files by overriding the "Host:" header to whatever domain was set on the account (which requires the visitor to know the exact domain name to specify in the "Host" header; it's almost like a password to that end).
Since you didn't request a domain name, either a random publicly-viewable domain name was assigned (gibberish123-characters.domain.tld) or the host assigned a whole public IP to your server. The latter makes little sense from a cost perspective, since that IP assignment is better used on a VPS or an actual server, but then again nothing about this host makes sense. Pick your poison.
(Again this is all assuming my understanding is correct, which could be hilariously wrong... anyone is free to correct me.)
but hey don't worry, you can browse your data without any account via HTTP!
/s
404 :-D
Also do you really people believe @CharityHost_org is so rich that hey assigned "public IP" per free FTP service and he gave away hundreds of those? Stahp, it wasn't "per IP" - I am pretty sure he claimed it was some internal domain thing, but I am too lazy to search for it. Also he probably lied.
So, if I understand this correctly....
@CharityHost_org sold an FTP storage box where any random internet user could access content stored in the public_html folder, regardless of whether the client had explicitly setup a domain to share their content or not?
That sounds more like a giant security hole than an excuse for peeking into a client's private data 😬
my only question is what would have happened if OP wasn't storing porn, and CH snooped on actually private data just because OP was using the storage they were entitled to
everyone has to assume CH snoops on everything if their policy is to look at your data when they see you using your product
Definitely not.
They can't even afford modern servers.
Okey, I did some digging.
@CharityHost_org gave away "FTP Storage" services. People put data in
public_htmldirectory via FTP.@CharityHost_org claims it's publicly accessibility data because of the cyberpanel he is using and client needed to type/provide (any) domain name while registering - no need to configure it, no need to set any DNS records. It uses it internally.
aka: you can find the IP address for panel/host, you can talk with that IP and craft the domain name client provided and you would get a listing of public_html content despite client not configuring anything and/or even being aware. He will also claim
you don't understand the productas you, as client that (got) bought a FTP Storage service is supposed to understand cyberpanel.but hey at least now he added
public_htmlto product description.https://charityhost.org/ftp-storage/
https://web.archive.org/web/20250000000000*/https://charityhost.org/ftp-storage/
vs