Recent Dreamhost problems (in the last year)?

I recently signed with Dreamhost when I saw a nice offer (the ‘555’ deal in celebration of hosting over 500,000 domains). I was pleased to see that Dreamhost offers support for Ruby on Rails and has a lot of other nifty features, to boot. In fact, I was so jazzed about the sign-up offer, that I posted a link to Dreamhost on a message board used in a Web Applications Development course I’m doing with the Open University, UK. A course moderator wasn’t so keen on DH, however, and posted a reply that rather chilled my initial enthusiasm. I’ve copied her message below. My question, for those of you who might know, is whether she has her facts straight, and assuming so, what has been done to improve any kind of security issues here? I’m not so concerned about “overselling”… I think it makes more sense to allocate more resources than most users will need (at least from a user’s POV) than to have very low caps and need to pay extra if a site gets some unusually high traffic–or have a site become unaccessible for the rest of a billing period–so I don’t really see having such restrictions set high as a negative. But the allegations about hacked sites, stolen FTP passwords, etc–this I DO find a bit concerning. Anyone (DH customers)? Dreamhost staff? If I can report back to “class” with a bit of info about how safe DH is now compared to when (if true) this happened, there might be a few more sign-ups coming. —lolo

OU TT-series course moderator comments:

[quote]aaargh :frowning: Couple of points:

  • this is fine for hobby sites, just don’t host a business site on there! Reliability is pretty poor, and they oversell bandwidth and disk space in the hope that most people won’t use their allocation.
  • they have just been hacked and had thousands of FTP passwords compromised. The thieves then used these to add a load of link spam to the victims’ home pages.
  • whatever host you use, don’t sign up for 2 years in advance! When it all goes pear-shaped 6 months down the line you won’t get your money back.

Sorry to be so negative; I have never hosted with Dreamhost myself, but I know a lot pf people who have, and regretted it.[/quote]

Well, that’s why there is a 97 days money-back.

But for such service, even if the service is good today, don’t pay 2 years in advance, even if you know the company.

Get [color=#CC0000]$97[/color] Off with promo code :[color=#CC0000]97USA[/color] :cool: -->choose your plan (promo code included)

Sure, I’ll bite:

I think it depends on what kind of uptime you think you need and how much you’re willing to pay for it. For a basic business site just telling your customers what you do, where you’re located and how to contact you, I’m 99% sure you’ll be fine here.

For an ecommerce site with more than $100 in sales a day at 20% margins, I’d say you’re making enough to consider virtual private hosting. Note that this won’t help with DOS attacks, which have formed the bulk (60%) of the downtime for me at DreamHost, but it does help with the 20% of downtime due to my neighbors having wild CPU parties in the middle of the day!

What aspect of the hosting is unreliable? I’ve had problems due to DoS, bad neighbors, and some NFS glitch. I’d argue that the only problem that could be due to some reliability concern is the NFS glitch.

Very true. And the problem with that is? I haven’t heard of any problems people have had with not being able to use their space or bandwidth. I remember one person running out of space on their device but that got fixed straighaway.

This is true. I do hope that DreamHost’s investigation determines exactly what happened and that they address the underlying causes of the problem. At least it was smaller than the TJX credit card heist.

It all depends - you have your 97 day money back guarantee period. You can trade off the $2 a month discount against the probability that you will want to cancel after 3 months but before 24 months.

Good luck with your decision!

Free unique IP and $67 off with promo code [color=#CC0000]FLENSFREEIP67[/color] or use [color=#CC0000]FLENS97[/color] for $97 off. Click here for more options

Dreamhost has fully disclosed the details of the stolen passwords, read the articles for you self at the dreamhost status blog.

First post, Security Breach

second post, Security Update

I was informed by DH in an E-mail that one of my users had been compromised. The E-mail also instructed me to change the password for that user, and any other place I used that same combo.

The hacker had actually injected his links onto the bottom of my main index page, and nothing else. It was very easy to remove the data, and after changing the password there haven’t been any further problems.

–Matttail - personal website

That, actually, says a lot! :wink:

Yes, there have been some problems (all shared hosts, in fact all hosts, have them!), but DH has handled,and is continuing to handle, them. Most of what she said has been thoroughly discussed all over the web in various forums/blogs, and, when you read through those posts/threads and the resultant comments, you can’t help but note how many people out there still believe that DreamHost is an exceptional value.

It is also important to remember that one rarely hears about the “happy” customer; it’s the ones who are unhappy that yell the most and the loudest. :wink:

I have hosted with Dreamhost (for almost 9 years now) and I guarantee you that I know a lot more people who have hosted with Dh, and love it, than she knows people who “have regretted it”. :wink:

No host is perfect, and YMMV with any webhosting company. Everyone is entitled to an opinion, but I feel that the opinions of those who do use the service are more reliable than those who have only heard the horror stories.


I agree with Lensman here; If your livelihood depends on the site being up, then you really shouldn’t be hosting it on any shared host. A VPS or dedicated box, while initially more expensive, could actually save you money in the long term. Of-course, many business sites are mainly informational and having near 100% uptime is not as critical. In such cases shared hosting is probably going to be adequate.

As for DreamHost; Yes, they have experienced quite a few problems over the last few months, resulting in more downtime than we (or they) would like, but my overall experience since being with DreamHost has been very good, with the recent problems just highlighting how trouble free the service normally is.


Web Hosting Reviews | DreamHost Promo Code

Thanks to all of you for your quick replies. I’d still be happy to hear from others, but I’m getting a better idea of any potential issues. As I replied in the course “café” discussion, the fact that this HAS happened probably just means that DreamHost is likely much more vigilant now than many other low-cost hosting alternatives. Since I’m just starting out, anything more doesn’t make sense, but if something I do gathers enough momentum and starts to pay the bills, I’ll certainly considered dedicated hosting.

@mattail: Thank you for posting the links to the DreamHost status blog; that’s very helpful. I notice that the second link you provided was empty, but with a quick search I was able to find the proper URL:
second post, Security Update

As others have said, if it’s a site you intend to make money from, and uptime is high on the list of priorities, shared hosting is not the place to look, but if you can tolerate some down time, and I’m not talking about a lot of downtime, on average I would guess that the downtime for my sites is around 5 minutes per month, this is just a rough guesstimate not taking into account problems such as DoS attacks which are beyond Dreamhost’s control.

In general I’m happy with Dreamhost, the occasional glitches can be annoying, but I don’t expect a lot for the price, which is what it all boils down to in the end. In the hosting industry, for the most part, you get what you pay for.

Web Hosting Review | Get Around The Net Directory

To be honest the fact dreamhost was hacked wasn’t really a major issue for me.

I have seen stories of ISPs having every customers email addresses compromised. Banks which have had security problems etc. No system is perfect and there is always someone looking to find ways around security.

Rather than it being something surprising I think you have to expect that it could happen anywhere given the number of people out there willing to do this sort of thing.

Where dreamhost have got things right is by disclosing the problem, how many companies would be so worried about their company image that they would cover up something like that.

Shared hosting may not be for everyone but if you do not need a lot of resources then its fine. Whats the point of having a vps or dedicated server if your site doesn’t need it.

$97 DISCOUNT with [color=#CC0000]DISCOM97[/color]
More codes

I was a very happy Dreamhost customer until a few days ago. The fact that my website uptime since then is been in the 40% range has changed all of that. I can’t keep my websites up, and the last straw was a condescending email I received from DH support yesterday blaming me for the problems due to the number of scripts I was running. I counted two .cgi scripts on my main website page.

My take on the Dreamhost situation is that its rapidly spinning out of control for them. They can’t keep the servers up, they can’t keep up with support requests, and they can’t even give me a straight answer to why my websites have been down 12+ hours a day for the past three days. I’m assuming that they’ve got a warez site or something on the same server as my sites, but instead of finding the problem they blame me for it.

I’d stay as far away from Dreamhost as possible, even if you’re running a hobby website. When its working, its a good value but based on the way things have been the past few days that’s not going to happen much going forward.

Considering that they destroyed several years of brand equity with me in a few days due to their shoddy service, unacceptable downtime and general cluelessness should tell you everything you need to know about DH’s “recent problems”. The fact that I’ve made my displeasure very clear and they’ve not even given me a good explanation as to why the problem is happening should speak volumes. The fact that their response to a problem is to blame the customer should speak volumes.

As soon as I can work out the logistics I’ll be leaving Dreamhost far behind. IMO they’re in over their head and that’s a “recent problem” that will only get worse…if they’d even give me an honest answer telling me what the problem is and when they’d have it fixed I’d be fine but I’ll I get is spin and prevarication. I’d have an easier time getting a straight answer out of AOL than I have out of Dreamhost in the past few days…

As others have said, if it’s a site you intend to make money from, and uptime is high on the list of priorities, shared hosting is not the place to look, but if you can tolerate some down time, and I’m not talking about a lot of downtime, on average I would guess that the downtime for my sites is around 5 minutes per month, this is just a rough guesstimate not taking into account problems such as DoS attacks which are beyond Dreamhost’s control.

I’d be happy as a clam if I could get only 5 minutes of downtime a month. I’d be happy if I could get 5 hours of downtime a month. The way things have been the past week I’d be happy to get 5 hours a day downtime.

Sorry da1prophet, I think you are too over for that… For me, the major problems over these 6 months is only the DNS load balancing problem which lasted for about 20 hours for me.

As for the DH support, I greatly appreciate them. I once have problem with the downtime issue, I email them and I got moved to a new server and then I’m happy. I have my site monitored using host tracker and I get my site 99.8% up.

So… happy to get 5 hours a day downtime ?? Come on !!!


Get YOUR $97 off on yearly plan with [color=#CC0000]YOUGET97 [/color] promo code. Sign Up NOW

DH has had a few issues with responses to customer support incidents that have caused a couple good and longtime users to leave.

Much like the comment above - the problem was not what was done but that email from DH support has had an accusatory tone rather than a “supportive” tone. I completely understand that after a few hours of searching for the cause of an issue that I would have some attitude, but you CANNOT take it out on the “stupid customers”. Take a break, take a leak, take a walk, take a chill-pill THEN send your email.

I know at least one ecommerce site that has left DH over it.

Wholly - Use promo code WhollyMindless for full 97$ credit. Let me know if you want something else!

Because of the ill responses ?

Hm… luckily I still have good ones from them. And hope still remains so.


Get YOUR $97 off on yearly plan with [color=#CC0000]YOUGET97 [/color] promo code. Sign Up NOW

Yeah, I wonder if it means that DH needs to implement better CRM software? Though maybe they just have the same problem that I do when responding to technical support issues - walking the fine line between nice vs. condescending. :slight_smile:

This is where face-to-face interaction is helpful. I can convincingly nod and smile sympathetically.

Free unique IP and $67 off with promo code [color=#CC0000]FLENSFREEIP67[/color] or use [color=#CC0000]FLENS97[/color] for $97 off. Click here for more options

From the comments above, I bet they should have it.

Maybe the application should be smart enough on responding to support’s feedback by saying, “Hey, your chosen words of response will irritating the customer. So your message is being hold by the system. Please review and refine it. If you are not ready enough, go and make some coffee first !!” :stuck_out_tongue:

Get YOUR $97 off on yearly plan with [color=#CC0000]YOUGET97 [/color] promo code. Sign Up NOW

It only takes one. If you have a script or two that is causing problems on your server, then they’re correct… that’s your fault.

As far as the tone of their emails goes, I’d guess that it could be linked to the tone of yours. If you really feel you were mistreated and did nothing to provoke it, then report it.

Sure… 1,300+ servers and they’re never up. That’s why people keep signing up and making them one of the biggest hosts in the world. It must be because people simply don’t have a choice, since there are only a few thousand hosts out there.

That must be it! Even though ignoring a problem would affect hundreds of people, it’s clearly some sort of conspiracy against you. Maybe every other customer on your server is in on it and they’re willing to put up with poor service just to know you’re having trouble.

If any damage was really done, you did that yourself. The second you decide to put something on a single cheap shared hosting account, regardless of where it’s hosted, you’ve pretty much decided that your “brand” isn’t worth much.

There sure is a lot to work out when it comes to something as hard as signing up at a new host! I can see that quality branding is really priority #1.

That’s odd that you’re having problems, since AOLers are usually very web savvy.

I almost forgot to ask: What exactly were you talking about in the last sentence of this post?

:stuck_out_tongue: Save up to $96 at Dreamhost with ALMOST97 promo code (I get $1).
Or save $97 with THEFULL97.

Ah! Got some badly behaving scripting going on there have ya? And the message was “condescending” because you obviously know much more about your scripts’ impact/effect on the server/your site then DH does (because of your high level of expertise and your ready access to all the system logs and such), right?

I suggest you take a careful look at exactly what your scripts are doing, and how they are doing it (complete with enabling resource reporting and a thorough review of the generated information) to see if there might be any element of truth in that "condescending message). :wink:

You could also post a link to the problematic site(s) here, so that other could help you with this evaluation ( of course, we could only see it for the few minutes a day that it is up - oh, wait, we could also track it’s actually uptime too, couldn’t we?)


Guys (seiler, rlparker) - we’re talking about communication here - not the real source of the problem.

it takes two people to communicate and it’s up to the receiver to determine how he wants to take it. If he’s offended, it’s his choice - this has absolutely no bearing on who’s fault it is. This is a negotiation. Although DH has all the power (the ability to shut down the account) and the customer has the option of taking his business somewhere else. BUT - knowing that DH has got to be a bit frustrated after hunting the cause of issues, the first communication HAS to be seen as convincing the customer that it’s his problem.

Maybe we can convince DH support that they need to pretend that they’re trying to get into someone’s pants. That’d change the tone of those first messages. They’d include a couple drinks and maybe dinner and by the end everyone will believe that it really is their problem and take care of it.

I’m not saying that DH staff aren’t right that it’s the customer’s fault, just that it might need to be a bit less accusatory in tone (in some email) if they want a better and cooperative response.

This is not a logical argument and no amount of debate training is going to change anything. These are human communication issues - despite DH staff being ninjas.

Wholly - Use promo code WhollyMindless for full 97$ credit. Let me know if you want something else!

[quote]we’re talking about communication here - not the real source of the problem.

it takes two people to communicate and it’s up to the receiver to determine how he wants to take it. If he’s offended, it’s his choice - this has absolutely no bearing on who’s fault it is.[/quote]
Good points, wholly, and they evidence excellent perception. I agree with you as far as it goes, but I think there are cases where some folks are “offended” for no valid reason. :wink:

I’m not so sure I buy that, as I have had a lot of experience dealing with people who are “uber-sensitive” and far too quick to take umbrage at the slightest suggestion that they might have any degree of fresponsibility for why something is “borken”. It’s a little like when you remind your teenager to turn out the lights and they respond, “I DO NOT* always leave the lights on! How dare you accuse me of that? Who said I left the lights on! That’s not true! Why are you picking on me?” Shakespeare, wasn’t it?: “Methinks thou dost protest too much” :wink:

Hey! That’s a good plan, just as long as they don’t spend any money or resources that could be better used to provide services or hardware for other customers for that level of “coddling”. That is the “customer service” model for far too many American business these days, and those costs have to come from somewhere. I actually like a host that is “frugal” that way,. even to the point of aggressively managing clients that demand more attention than is reasonable for problems that are not really part of the hosting company’s support responsibility (such as third party scripts - as mentioned in the TOS). That makes for a better value for the rest of us. :wink:

That is another excellent point and I think everyone should try to be “less accusatory” in most circumstances; I’d also like to point out that neither you nor I even saw the email in question (the OP elected not to share it), so neither of us are really qualified to characterize the “tone” of the email. As you point out, it really doesn’t matter- the receiver of the communication will generally characterize it in whatever way he chooses irrespective of what was actually said. In my experience, clearly “bad” tech support responses are usually shared by the recipient; I’m also dubious of claims that someone’s communication was “condescending” or “accusatory” when they can’t be bothered to actually report what was said or written.

That does nicely sum it up in my view, and I think you are “right on the money” with that assessment. :slight_smile:

That said, the obvious question is, “Why even respond to these types of posts?”, and there is a strong and somewhat convincing argument to be made that there is no worthwhile reason to respond at all. The counterpoint to that argument is that, in public forums such as these, it is so easy for a poster to unfairly and/or unreasonably vilify another (person or company), making no effort to substantiate or provide support for their statements (I call these types of posts “a drive-by bashing”, that some balance is added to what others reading the thread see by taking the time to challenge, or comment on, the reasonableness, or voracity, of the post.

Meh…I’m not sure it makes any difference anyway to this poster (his mind is made up), and your post artfully points that out. It might, however, give a subsequent reader some pause before assuming that what was reported was completely accurate and fair.

So, not knowing what DreamHost’s initial response to this poster actually was, or the ultimate source of the problem, I can only trust my own experience. My experience with DH Tech Support’s demeanor and “tone” is that they have been unfailingly personable, friendly, solicitous, and proffesional. My experience in tracking down problems with third-party scripts is that is almost always the script itself, its installation, or its operation that is the problem (though, as you point out, that is not so much the relevant issue with this poster).

Caveat Emptor, YMMV, etc. - all the standard disclaimers apply. PAX :slight_smile: