New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
[Hacked] No Support Linux Hosting is Shutting Down
"On February 8, 2021, a hacker successfully compromised all the servers we use to operate our business including the No Support Linux Hosting web site, Admin section, and our customer database. We can no longer operate the No Support Linux Hosting business."
More details here: https://www.nosupportlinuxhosting.com/
Comments
No Support, Yes Compromised.
sorry to hear that.
I've never heard of this company but it sounds like they're living up to their name.
At least they have the decency to close down instead of pretending its all okay and never telling anyone so they can milk the last profits from it
Actually respected them, thought they were p cool.
"Do you like paying extra so other people can ask amateur questions? That's how it is at other hosting companies where beginners and experts pay the same price. Beginners drive up the cost by asking a lot of novice support questions while the experts don't contact support. That is great for amateurs, and unfair to the experts like you.
No Support Linux Hosting has a completely different business model. We ignore the support questions, and pass the savings on to you! If you are an expert who does not want to pay extra for help with amateur support issues, then you can host with us and save big money.
Experts like you can sign up now for free. We charge $1/month per website, and there is no limit to the number of websites you can host in your account. This is the best deal in the web hosting industry, as long as you are the type of person who can find his or her own answers."
That sounds like my kind of host, hope we see more like it someday.
Are you guys related?
It sounds a lot like the person who's running the company is just shutting it down and selling off customer data, any reasonable host would handle this better with better communications (what data was taken? working with authorities for an investigation if the attack was big enough? if there were backups, set the service back up, and many customers will stay if the company explains how they will patch the issue and prevent the next attack!)
thats a hell of a exit strategy, this guy is playing 4d chess
Admit mistakes, accept the consequences, explain your plan to do better. It's the only recipe for success because you can have a giant team of the most skilled in the industry and you're going to screw up. Giving up is lame.
https://www.zdnet.com/article/web-hosting-provider-shuts-down-after-cyber-attack/
They've been around for a long time. 2010 or earlier.
Solid business plan - shared hosting for $1/mo, lots of great tutorials on their site, no support. They did well. Not of interest to the typical LET reader but for the average guy who's got one brochure site, knows the basics of Wordpress, and doesn't want to pay Dreamhost $10/mo? Good deal.
I just got an email from them 2 days ago saying they didn't want to do an interview for LEB.
http://www.nosupportvpshosting.com/ their other venture?
That's been running for some time. Maybe it didn't affect that in any way?
The shared hosting page on that site mentions its a sister company: http://nosupportvpshosting.com/sharedhosting.php
May be he got bored and closing down. Or may be he never had offsite backups, everything got compromised, nothing to restore either.
If a sister company exists, then @cociu should acquire them.
I think the story as written seems plausible. There is speculation in the thread on HN that they were attacked by not patching for last month's sudo privilege escalation bug in a timely manner.
But yes, I would consider this minimal information even from a company proclaiming no support. Without that information we have to assume the answer is "we don't know, could be everything including payment methods, change any shared passwords and watch your credit card statements carefully just in case".
I think leaving responsibility for all backups to the user could come under their definition of "no support". Unless a provider boasts of having regular (and tested) backups I always assume it takes none.
The statement says "All customers should immediately download backups of their websites and databases through cPanel." so it sounds like user data is still present. But back in the HN thread someone stated "but somebody had already changed my password and recovery email in cPanel" so that might not be the case for all (unless this user just lost their credentials really).
Given they ran with cPanel maybe they don't want the customers to stay. The change to from per-server licensing to per-account licensing in 2019 would have hit "high volume of small users" hosts like this significantly - perhaps not enough to make the service run at a loss but likely the little margin left is not worth the hassle of cleaning up after the hack and trying to restart.
It's a shame and I wonder what they used that got compromised because they are the only host I've seen that uses ASP.NET from Microsoft.
But yeah they were a great host but I never used them because you always need some sort of Support.
Ah! Sad to see them going down
Their pricing was $1 per domain per month IIRC. Not per account but per domain.
Though that is more sustainable than some pricing models given cPanels per-account pricing, I suspect their margins did take a hit.
As someone who hosted there and had zero issues in the years I did host there, I was a bit shocked and saddened to receive an email saying they were shutting down...
Almost exactly 48 hrs later....my service is back up!?!
Nosupportlinux did respond to my enquiries for further information, and were very frank about what happened, the status of any compromised data, and its potential effects on me.
I do not personally believe this is hoax or an attempt to grab and dash user data.
But I also cant explain why everything that I had hosted with them is running.
@Shakib I can confirm that they are, if not the same company, linked to Shanje
nobackuplinuxhosting.com?
I was reading the situation as each user having a cPanel account for that domain though, otherwise "All customers should immediately download backups of their websites and databases through cPanel." wouldn't work?
Unless they run everything from one huge reseller account per server, that could plausibly be a workaround that might successfully kept the licensing costs down (I've not touched cPanel in over a decade, so I don't know the pricing ins & outs in detail).