They are rubbish in everything they do.

Whether it is just for one basic site, or like us a reseller with many, do not go near them.

They will be more trouble than they are worth, with slow servers, bad idiotic support and terrible attitude to customer retention. Don’t do it

Seems they are resetting more passwords on the 10th.

http://fasthostshell.blogspot.com/

@Eliot: I’m sure there have been many people happy with what they have had from Fasthosts, I think the problem with them arises when you want a little more from them. They kinda strike me as mass production, low quality, no customer service and when it comes to something like this… total incompetancy.

@Adrian: I am no expert in managing servers, but I would imagine that there must be astronomical costs associated with that level of proactive management. Having said that, a good sys admin should have these things in place when setting up. Things like intrusion detection, rootkit detection etc are the basics but I am guessing if folk can hack into the pentagon if they want to it is hardly surprising that a hosting company can get hacked. The least they could have done though was encrypt our passwords, makes me wonder about what other contingency plans they had??

I think any hosting company can take security to a certaibn level and most of them wil have pro active top level security but to implement that on a personal level for every client would be a mammoth task.

I’m afriad I cannot offer any concrete advice on the specific hosting requirements for anyone but perhaps a few simple considerations for you.

1. Any company holding data that has compromised would be required to report it to the police if it breached data protection law
2. There are companies that will provide penetration testing but this will come at a cost
3. You are entitled to ask for services from a hosting company but they are also entitled to charge for a service. If they cannot provide the service they are not worth going with. Ongoing forensics may be expensive but how valuable is your data?
4. Try looking into specialist hosting companies, they may be able to cater to your needs more specifically

These are just some thoughts that have come to mind whilst writing and by no means comprehensive but if anything, Fasthosts have certainly posed some interesting questions to potential hosting customers for any hosting company.

Lets see if there is any reaction from their competition and maybe we will all benefit.

Thanks for you input folks

I have been calling the “top” hosts just to see what do they offer. And guess what?

None will check your site regularly to see if it has been hacked; none will do forensics and report it to the Police/high-tech crime unit. None will attempt penetration tests against your site.

What they will do is restore your site from a backup, apply patches. Is it just me thinking this is not “managed” enough?

Does anyone know a hosting provider who will pro-actively *manage* a site?

As for data of mine being around, sure, but I don’t see much danger in that. So what if I signed up for some dead-in-the-water service a year ago? It’s like someone knocking you over the head on the street and stealing an old supermarket receipt from your pocket.

I suppose it’s an inevitable consequence of ‘engaging in an environmen’ – be it your local pub or the web. Of course, that never means others should just mess around with stuff you trust them to safeguard.

Thinking ahead: where could a Windows/ASP/MS SQL host move all their sites to? What are the best non-Fasthosts options for resellers, who don’t want to look after their own server? Thanks for any tips.

I can imagine that is exactly why this has happened, just a shame I was in the boat when it sprung a leak.

Well, from someone who works for a MUCH smaller hosting company (&, I hasten to add, one who ENCRYPTS THEIR CUSTOMER’S PASSWORDS), we’ve been picking up disgruntled customers of fasthosts all year. Vive la fasthosts cockups!

This is baaaddd..
http://www.theregister.co.uk/2007/10/19/fasthosts_banking_hack/