Kings Bollege Bambridge anyone?
Beleaguered customers of UK hosting outfit tsoHost have been thrown a fresh curveball. Sites starting with the letter B on its cloud (Gridhost) platform are struggling to load. Issues began just over a week ago when the company reported "temporary loading issues" that were hitting B websites on its legacy cloud-hosting …
I look after a site which has been on a VPS with TsoHost for a few years (and Evo Hosting before they were bought) and it's dire. Frequent high load periods throughout the day meaning probably an hour of unavailability every day. I don't own the site unfortunately and owner seems happy with it. Begins with "d" though.
leaving them ASAP as they're cheap but not cheerful. They just expired our primary business domain today, having never sent any reminders or any invoice. On contacting their 'helpdesk' I was told that they might not be able to renew it as it could take five days to process a payment (despite their T&Cs stating that they offer at least a month's grace). And this is on top of blocking our outgoing emails for quite some time, plus totally screwing up the MX record for a site we migrated out. The 'technician' put all the MX parameters in the domain name field!
Then there's the 'helpdesk' that can email you but you can't email it. All their emails come from noreply addresses and their 'portal' only works in the latest browsers. They clearly don't want to talk to customers, and their company register listing shows two directors in the US but no UK based responsible parties.
That's not actually true about their helpdesk.
I'm a long time TSO customer (for now!) and I just checked the address of support ticket updates (I have an open ticket on this very issue) and they are from email@example.com and clearly say "###~~~--- Please reply ABOVE this line ---~~~###" so I don't know where you got this idea of a noreply address from, assuming you are using Tickets and not Live Chat (I never use the latter)
Also, what browser were you using? I use Firefox + NoScript and I don't have any problems with their web portal.
Have to laugh at the statement from TSO in the updated version of the article.
"small subset"? "intermittently"? LOL
3/3 of my websites beginning with 'B' are affected and they have been almost unusable since last Friday.
They are slowly (no pun intended) improving today but still well below what you would consider usable, with timeouts and failures, and the like, being what you mostly get. Often a site won't load at all, but if it is does it is painfully slow and creaking along before it falls over again.
My definition of "intermittent" in this context would be "more often up than down" but the reverse is the case.
I don't understand how it is taking them so long to fix this.
> I don't understand how it is taking them so long to fix it.
We had a similar problem (sudden, massive, swamping load on web server) at a contract I did a few years ago. We traced it to one client's website having been hacked: festering badly-written malware trying to do something in/from their private file structure. IIRC we just checked with them they had no transactional data then diffed backups till I saw some "static" files disappear (and remaining datestamps matched), overwrite with that and bobs your uncle.
Yes, I assumed something like that. Which is why I don't understand why they can't just identify the offending vserver and suspend it. It doesn't take 3 working days (5 if you include the weekend) to do that.
They were quick enough to suspend one of my sites over a false positive for malware on a download I was hosting, when that happened last year. On an executable that hadn't changed in several years. *sighs*
I don't understand how it is taking them so long to fix this.
They're probably still trying to work out why anyone thought it was a good idea to distribute virtual instances over physical servers alphabetically.
Meanwhile customers starting with a letter Q report performance has always been excellent.
They are awful, too many accounts, not enough resources.. just another cookie cutter hosting company.
It's the standard lifecycle, they get setup with good intentions and decent resources, then slowly try and push up margins by getting more accounts, diluting resources so you've got a nice business on the books, then action their exit strategy by selling to a monolithic hosting company ( i.e: GoDaddy et al) - that's the nail in the coffin. Rinse and repeat.
I have some websites hosted at TSOhost. For several years those used Lets Encrypt certificates (free).
On Sunday 26 Dec I became aware that one site was now giving "insecure" warnings indicating that the certificate was no longer valid.
I logged in to TSOhost to see why. The Lets Encrypt control panel icon was gone.
I raised a support ticket, being a Sunday and Christmas and a cheap host, response was slow but eventually I got: "I am afraid that on our cPanel hosting packages, we don't support Let's Encrypt, but you can add any issued free SSL from an open-source and install it from the TLS/SSL option in cPanel."
They also suggested I might like to pay £50p.a. for their commercial alternative. As it was a personal "hobby" site on "economy" hosting, paying an extra £50 is bonkers.
You might think that a provider would give clients advance warning of withdrawal of an essential service, but no! I took the suggested alternative of getting Lets Encrypt elsewhere and installing it. For someone with reasonable IT literacy I found a relatively straightforward way to do that (Google for "certsage") but, IMHO, beyond the capabilities of most small businesses and individuals. That said, it will be necessary to repeat the exercise every 60 days creating a further incentive to move to a better host which I've already done for a few other sites. [Lets Encrypt should keep working for 90 days but advice is to renew after 60 days]
TSOhost is part of Paragon Group, which is part of HEG (Host Europe Group) which is part of GoDaddy. If the same policy is to apply to the many GoDaddy subsidiaries there are going to be a lot of very upset individuals and small businesses.
It's pretty much a "must" for a website to have a secure certificate these days. Without one, visitors are likely to get a scary "insecure" alert from security software or web browser and Google will give a poorer ranking in search results. Other web hosts still provide Lets Encrypt (free) including "budget" hosts. I can only infer that TSO (or GoDaddy) have spotted a way to squeeze more cash out of their customers - I checked elsewhere for certificate prices and it looks as if TSO host are adding a healthy profit margin, cheapest I could find is under £10p.a.
Ok that's bizarre considering its an official free add-on that literally every WHM and cPanel host have enabled. Seems you can use a workaround https://community.letsencrypt.org/t/tso-host-remove-letsencrypt-from-cpanel/167591 but that's really odd when its basically something that has been standard for a number of years.
Not odd at all - it's a scam to collect more revenue, with attractive headline / lead-in pricing for basic shared hosting with the profit coming from pretty-much essential "add-ons" like SSL certs.
Their on-line help does at least acknowledge that you can continue to use Let's Encrypt or other 3rd Party certs, but tries to scare the bejesus out of any non-tech customers from doing so. I've just updated the cert on my club website using the CertSage script mentioned above and can confirm that it works perfectly, with clear instructions that most users should be able to follow. Only real downside is the need to repeat the exercise every few months.
In general not at all impressed with TSOHost / GoDaddy but, like a slowly boiling frog, I can't quite bring myself to go through the hassle of migrating the (inherited..) website and email to somewhere better.
Direct link to CertSage here:
Standard at GoDaddy (as if there aren't enough reasons to avoid them anyway). This page covers it, https://uk.godaddy.com/help/install-a-lets-encrypt-certificate-on-your-linux-hosting-account-28023
I really don't think they want anyone to use third party certificates with text like this "...cannot guarantee their safety or reliability..." and a link to another page to explain how to "Install your certificate and private key in cPanel" that gives "No page found."
It seems GoDaddy is buying up smaller hosts and migrating them to their platform which means the old host's clients lose their existing Lets Encrypt certification.
That they do that without prior notice to those clients beggars belief. GoDaddy SSL certs come at an even higher price than TSOhost at £70p.a. (after an introductory discount if you pay up-front for 2 years).
A friend runs 3 small web sites on TSOhost's 5 web site package at about £86p.a. he reluctantly stumped up £50 for SSL for one of them when TSO pulled the plug on Lets Encrypt. He told me after the event but I was at least able to help him set up LetsEncrypt for the 2 other sites he has there, otherwise what once cost £86p.a. would now be £236p.a..
"Might need to start looking for alternative hosting."
Change that, remove the word "might".
Check any alternative is not a GoDaddy subsidiary.
My preference remains with hosts big enough to be able to provide 24x365 support but small enough for your business to be important to them (not in the sense of phone queueing systems that put you on hold for 20 minutes interrupted every minute with an assurance that "your call is important to us").
Unfortunately it's hard to name any because, when an aggregator like GoDaddy come knocking, the payday for the owners is just too big to turn-down.
I had hundreds of domains, initially with excellent small providers but gradually they all got absorbed into bigger companies. Eventually that became 123reg who were OK for a while but, if my understanding is correct, they got gobbled up and the gobblers got gobbled. Costs went up, service went down. I just had to knuckle down and migrate a few sites a week until all were gone. It was a big effort but saved me thousands, higher specification service and responsive, effective support. I expect GoDaddy will buy them and it'll be back to square one...
About 3 years ago I moved everything away from Tsohost, resulting in much less stress for myself and my customers. I'm blown away that they're still having such issues to be honest. I'm trying to move a few sites away from Tsohost for a large agency who are dropping Tsohost completely. Of course for the majority of today I'm been messing around battling with Tsohost support to provide some form of actionable update as to when the B sites issue will be resolved.
As 3 years ago, Tsohost flat out refuse to provide any form of ETA. I've been waiting 8 plus hours now for the escalated support to reply to my ticket.
I so do not regret moving away from Tsohost (as stressful as it was at the time).
What, more downtime, yet again? …something something B Ark… something something… but I don't seem to be able to access that particular website just now for some reason…
Apparently TsoHost used to have a reasonable reputation once upon a time, but then they got acquired by the Sirius Cybernetics Corporation, and, well, you can kind of guess the rest: "Go stick your head in a pig."
The update to add where Tsohost state "We have identified high load as the root cause of the issue" is a total lie.
After they messed around for over a week, that including multiple full days of downtime for my site beginning with "B" they finally resolved the issue.
It must have been pretty significant because according to their status page at https://help.tsohost.com/status/report/13096 they state on 14/01/2022:
"We have successfully completed the migration of ‘B’ website data from the failed hard disk to brand new hardware. Your website should now be working correctly. If you made any changes to your website since Monday 11th January 2022, please check your website to ensure all changes have been saved."
As expected, after Tsohost fixed their brokne platform the sites in question were immediately migrated away.