WideVPS - Do not order from them

[sationus]

Hello,

I would like to share what happen w/ WideVPS.

I ordered the VPS on 6/16/2014.

The next day on 6/17/2014 I got the VPS info.

I went to login on 6/18/2014 for the first time. (because I work nights)

It would not let me in. So I logged in to the control panel, and it reports "Suspended"

So I put a ticket in to the support team, and I got this reply:

Attack detail : 8K scans
dateTime srcIp : rcPort dstIp:dstPort protocol flags bytes reason
2014.06.17 22:49:10 CEST 176.31.207.11:2006 150.57.28.37:445 TCP SYN 48 SCAN SYN
2014.06.17 22:49:10 CEST 176.31.207.11:2008 45.106.46.12:445 TCP SYN 48 SCAN SYN
2014.06.17 22:49:10 CEST 176.31.207.11:2007 130.121.66.116:445 TCP SYN 48 SCAN SYN
2014.06.17 22:49:10 CEST 176.31.207.11:2010 200.45.9.42:445 TCP SYN 48 SCAN SYN
2014.06.17 22:49:10 CEST 176.31.207.11:2011 75.49.87.118:445 TCP SYN 48 SCAN SYN
2014.06.17 22:49:10 CEST 176.31.207.11:2012 152.98.101.18:445 TCP SYN 48 SCAN SYN
2014.06.17 22:49:10 CEST 176.31.207.11:1621 13.120.193.108:445 TCP SYN 48 SCAN SYN
2014.06.17 22:49:10 CEST 176.31.207.11:1732 129.0.9.17:445 TCP SYN 48 SCAN SYN
2014.06.17 22:49:10 CEST 176.31.207.11:1622 196.31.235.61:445 TCP SYN 48 SCAN SYN
2014.06.17 22:49:10 CEST 176.31.207.11:1654 65.121.19.51:445 TCP SYN 48 SCAN SYN
2014.06.17 22:49:10 CEST 176.31.207.11:1614 82.74.221.45:445 TCP SYN 48 SCAN SYN
2014.06.17 22:49:10 CEST 176.31.207.11:1660 217.75.221.65:445 TCP SYN 48 SCAN SYN
2014.06.17 22:49:10 CEST 176.31.207.11:1632 133.33.69.5:445 TCP SYN 48 SCAN SYN
2014.06.17 22:49:10 CEST 176.31.207.11:1703 83.126.219.97:445 TCP SYN 48 SCAN SYN
2014.06.17 22:49:10 CEST 176.31.207.11:1627 17.106.132.76:445 TCP SYN 48 SCAN SYN
2014.06.17 22:49:10 CEST 176.31.207.11:1669 164.28.227.63:445 TCP SYN 48 SCAN SYN
2014.06.17 22:49:10 CEST 176.31.207.11:1676 86.20.50.87:445 TCP SYN 48 SCAN SYN
2014.06.17 22:49:10 CEST 176.31.207.11:1698 16.107.237.103:445 TCP SYN 48 SCAN SYN
2014.06.17 22:49:10 CEST 176.31.207.11:1670 176.26.236.26:445 TCP SYN 48 SCAN SYN
2014.06.17 22:49:10 CEST 176.31.207.11:1692 53.116.250.41:445 TCP SYN 48 SCAN SYN


We do not tolerate these attacks.
Marie C.


I let them know that I never even logged into the VPS at all, and it was not from me. They said they are not going to turn the VPS back on, so basicly they stole the 12 bucks from me. I should have checked here before I ordered from them.

I thought I would let everyone know ahead of time.

If they refund my money I will let people know, but I also contacted paypal, and will contact my CC company, because they protect online sales.

 

[spenchev]

Why don't you make a paypal dispute ?

 

[HH-Josh]

As spenchev has said, submit a PayPal dispute. At least you've not paid yearly for the service.

What does their own TOS state?

 

[easyhostmedia]

Looks like you wont get a refund as it would be deemed you have violated their Terms of Service.




http://www.widevps.com/terms.html

Payments and Collections

1- The user must pay your invoice at least 1 day before due date.

2- If in the due date the invoice is not paid, your server will be suspended one day after.

3- If your payment is not made 2 days after being suspended this be removed to assign it a new customer.

4- If our system detects any dispute or problem with your payment this will be suspended and you will have 8 hours to solve this problem, if the problem persists your server will be removed.
Refund Policy

If you are not 100% satisfied with your purchase because our types of services you have only 24 hours to request an fully refund for the cost of your order.

Dedicated Servers: If it has been 24 hours and you still want a refund must pay installation fee of 25 USD to issue the refund.

There is NO refund for Registration and / or Renewal of Domain.

If you have violated our Terms of Service may not receive a refund.

Refunds are subject to the discretion of WideVPS.

 

[ughosting]

Most hosts will switch off a VPS if the VPS was involved in an attack.

We would do so, however, we would have investigated whether your story of never having logged in was correct or not.

I would like to ask, how guessable was your password?

If an easily guessable password was used, you might have brought this on yourself.

 

[Cloudcandy Sale]

I totally agree with the ughosting. As you would be the main reason for setting an guessable password that is being hacked & therefore you would not get a refund.

 

[SalManHulk]

That's unfair for their customers...

 

[shango]

@SalManHulk you do not suspend user accounts when they violate your TOS and take part in ddos attacks?

 

[Gaiacom_LC]

It sounds to me like they may have received a report from a previous user, and suspended your account without checking the dates.

Too bad, really, because they could have kept you as a paying customer, and you could have received service without all the trouble...

Edit: Now I see the dates on the traffic log, but, eh, what I mentioned is known to happen also. :rolleyes2

 

[Rado_Ch]

Still, those Terms seem pretty harsh. 8 hours to solve a problem after VPS is suspended? So what if I just went to bed when they suspended it? Until I wake up it would be too late?

The ticket response also shows that they don't really care about what happens with their customers, just strictly follow some made up guidelines. Alright, they detected an attack, suspended the server, fair enough. And what information is given to the customer? "We do not tolerate these attacks" and nothing more. So if I am a novice and just bought my first VPS I would just stare with astonishment, not knowing what is that in front of me, what the issue is and most important - what solutions do I have to resolve it (even if they are paid ones). In my mind pretty unprofessional. :twocents:

 

[hostroyal.us]

looks like a scam to me

 

[packet3]

Wow, it took them some time to send you the details from when you signed up, I had issue with them before I found there support/customer sevice not very welcoming

 

[facilitator]

I see most of the companies struggling with Entertaining Customer tickets and quires even few don't have proper support you to use their contact us page.
Why don't they have own support team and providing 24/7 support? of course there are some extra costs involve but customer satisfaction is the key to excel in any industry.

 

[SLogix-Brian]

I think it's scam. Just my point of view.

 

[King-Servers]

Its been really unfair from customer's point of view. It would advisable for you to raise a Paypal dispute.

 

[easyhostmedia]

It would advisable for you to raise a Paypal dispute.

100% pointless as hosting is intangible, so offers no buyer protection, so Paypal would not do anything

 

[HostZealot]

Just one more example of what happens when people rush for cheap service, without reading the TOS or thinking even a bit of possible consequences.

And really, I would try to setup my VPS asap, as I paid money for it, why would I let it be hanging idle?

Finally, regardless of the rudeness grade in their reply - they indeed stopped an attack your server was involved in. How come that your server was involved - that's a whole another question.

I have to agree with Rado_Ch on this one - they acted really rude and unprofessional.

BTW, I recall a case when hacker used a loophole to gain access to admin panel of a provider and placed his email address as a bcc for VPS, hosting and dedicated templates. It was not detected for 2 years, after that he gained control over all of the accounts... You can imagine the rest yourself. That hosting provider does not exist any more.

Thus said, that attack could be caused not by hacking your VPS... but by hacking THEIR database.

 

[HostingAbove]

I would most certainly advise escalating with the on-duty Manager to review the case before raising a PayPal dispute.

Unfortunately, disputes affect the reputation of both the client and vendor from the merchants eye. ^TG