Terrible Jodohost Support!

Dennis

Guppy
I can not believe the lack of support with Jodohost recently and I would advise everyone to be extremely careful.

I have been a member since 2006 and have paid for reseller hosting since then. Therefore as such a long term client I believe I have a right to complain and request someone looks into the support staff attitude and time to resolve ticket requests as well as the potential problems when decisions are made to install new especially untested server software.

In the beginning I was so pleased with Jodohost and the support was prompt, friendly and even beyond what they were required to do. However, I have see it go down hill since the to a level that in my opinion shows that the support staff really do not care how much inconvenience they cause and time wasted. Sometimes it is hard to make the support staff understand the problem even in simple terms as often they will post a reply request for further information without even attempting to look into the issue first. One of my clients even referred to some of the answers as "canned replies". I understand there may be some language difficulties having the support staff based in India but this should not effect the level of support. A simple ticket can take a long time to resolve if there has to be numerous replies with clarification needed. Then, if the support thread is more that a few posts it gets worse. Often the support staff do not read the previous tickets and I end up having to repeat myself in new replies referring back to previous posts. I cringe if a support ticket can not be answered within one or with posts as then I could be looking at days or more to get the issue resolved.

I am not talking about errors with the code of our clients' sites but I am talking about server issues like application pool problems or web sites suddenly not preforming very well after upgrades etc.

The latest issue is still ongoing and has taken over 3 months and as yet hasn't been resolved. It is not something that my client's or myself have done wrong but relates to some software installed on the servers after an upgrade that has disabled some functionality of the CMS used in several sites I maintain. I was not warned that this could cause problems and have not been given any practical solutions. I have posted this in the customer support forum http://support.jodohost.com/threads...opeless-support-and-the-ms-url-scanner.28111/.

Again and again Jodohost is failing my clients. Now I have no alternative than to change hosting providers but to move many hosting accounts and web sites to another hosting company is not a simple task and all hosts know this.

Your support MUST improve and I caution everyone to beware! We should be warned when if you install software that could potentially disable web sites and options provided if it happens.

Three months and still not resolved when it was not our fault is disgusting! Shame on you Jodohost, shame!
 
This is a unique situation, and we are working on it a lot. The major issue is simply in the way the CMS makes the URLs, and the errors it causes, and how much like in use exploits this is to other such URLs. The allow rules take time to build, and simply 'removing' them is putting many at risk. It is a bit hard to explain all in this without extensive examples showing how they look. However we are changing rules for you and working to get it all going, I have stepped in the last week and working on it personally, but it is a large task. Exploits, automated bot scans, and automated 'hacking' tools are at an all time high, and while the sitefinity CMS may not be vulnerable, it uses many methods that look quite like hacking/defacing scripts, which can be a big problem.

I certainly don't want to blame you as a customer at all, as the rules in place are by us, but we do need understanding in the fact that there are some limits in what we can enable on demand and without opening to other problems as well, and the sitefinity way of making a new URL for every action makes the process of allowing it even more troublesome, so its both the app and the rules at fault.
 
Thank you for your reply but the fact still stands that my clients site admin area (and seven other sites) is not working. I also understand that you are personally working on it but still we wait. If more attention was paid to this a long time ago it may have been sorted by now. It was through no fault of mine or my clients that this has happened but the software that was install has broken my clients' sites.

These clients are bus and tour operators and now is the busy season but they can not update their price list, timetable or publish specials because the CMS links are not working. How do you think that looks for me? Especially when I am told I would have an update in 24hrs but days later - nothing. I spend a lot of my time re-creating static pages to use on the site but then I discovered that even the link that allows me to point to a static page doesn't work. If I had known these issues would continue for such a long time I would have re-created their whole site and published it somewhere else. I have spent so many hours on this issue and no-one can pay me for the lost time not to mention the problems this is causing my clients.

Again, my recommendations stand - the support MUST improve! Also, I have spent so much free time on this. Couldn't Jodohost set up a VPS or some other hosting to publish these site to while this issue is sorted? Instead we have been left hanging!
 
Stephen we very busy to fix / resolve DDOs attack, now we have found old logs for your website which was blocking by Urlscanner. To fix that issue we have allow few character on your site URLs strings.
Can you please give it a try and inform us if still getting any error.
 
It is still not working and I have answered in the ticket. But I already gave the login details so the support staff could have checked this for themselves and easily seen that in the CMS no content area of a page can be edited.

I have also said that Sitefinity seems to generate a new query string for edit links for each session (perhaps for added security) so you would need to allow all characters and any URL string within the site.
 
I used fiddler and the login details you had given us, and that seems to have helped a bit..it seems you are using quite a bit of custom handlers in you web.config e.g.
[ Telerik.Web.UI.WebResource.axd" type="Telerik.Web.UI.WebResource ]

and these kind of stuff was not being loaded at all as the application pool was set to integrated mode.

I then switched it to classic mode, which basically will load everything from web.config and now the edit parts of pages are opening. But i have see in fiddler it still give me error on some .css like /App_Themes/Brochure2010/z_DevXpress.css
which i am digging still but not sure as of now.

Please do check your site out and let me know if things are now working for you in that edit sections or not.
 
Now I have a bit of time I need to add to this post to say that Jodohost, to their credit, did sort this error out at about the date of the above post. They have allowed the URL strings that the CMS uses. I am not having a different issue with a client site which is using the same CMS. So I am dreading the problems I may have to get it sorted.

My original complaint still stands as I believe there should be more focus put on solving issues. and avoiding being asked again for information that has already been submitted. Otherwise it is just wasting our time and frustrating my clients.

If my client has an issue, I go out of my way to solve it. When Jodo realised that the problem was due to change in the hosting server it would have been a good idea for Jodo to put the site on a VPS or some other way to get the site working while the original error was being resolved.

Because of the delay in being able to edit my clients site, there was a complaint made to the government and the company was investigated for false advertising. There was no way to edit the site and a price list remained out of date. This is very bad and could have been avoided Jodohost!
 
If you have an issue with some other area please submit it and it will be resolved, I can assure you of that.
 
Hi, I already submitted a ticket and have been let down again with responses like "We apologize that 2008 server caused this error to come, but we cannot force it to work if it is not working...". So each of my clients is now expected to pay $3000+ for a new CMS and site. I have tried to find other Sitefinity CMS users that are having this trouble on shared hosting but seems only to be Jodo.

As far as I know it is not incompatibility with Server 2008 but the Urlscanner software installed on the server. The last CMS build was released sept 2010 so is fully compatible with Server 2008. An exception was added or settings changed for the other site that had the same problem but it just seems like I am expected to advise the rest of my clients that that they need new websites.

I just want my clients' sites working please and better Jodo support!
 
Dennis,

We will attempt to help, and try to get things going, but the issue is running outdated software.

Just this week we found clients still running mambo from 2005, and joomla from 2009, and they wonder why they are attacked and defaced. Well, running outdated software does that.

It isn't that the software won't work in 2008, it is that it is not working in the most secure manner and looking/working like a vulnerable site. If you will provide the ticket ID in the helpline@ mail like last time we'll check it further but won't ensure you that it will work 100% with the style we'd seen in the past its a complex matter to resolve having to allow many strings that should not have to be allowed. And every one of them required to work right so it takes time to find what's needed, and some patience in working with us as we find the strings required.

Running old software such as this is going to have downsides, some of which can be worked around, and some which cannot be, so far it seems like we can mostly make these work but it isn't a fast process by any means.

Every day thousands(even millions across our network) of automated cross site scripting, sql injection, brute force admin login and other attacks happen on domains on the servers, why should we remove all security from the servers simply because someone runs a piece of software that uses the same techniques as those and allow them all to be even more vulnerable just for one? furthermore even if they have protections against this blocking it at a lower level before they hit prevents them from having to even process/sanitize the content and makes the servers run better as they aren't being hit by the automated requests and processing, they simply deny early and done.
 
Thank you for your reply and offer to assist. I do not believe that this version of Sitefinity is any less secure than other standard web sites and still believe there should be a way of isolating sites that cannot function without their own way of rewriting urls. Even Microsoft does not just stop functionality of their software. They also give a period of time before stopping support and don't 'suddenly' force an expensive upgrade. This was put on us without warning and no consideration for the repercussions (legal action was started against one of my clients). If the web site was causing direct problems then I could understand Jodo's action.

If there was an updated version of Sitefinity or patch I could use for my clients I would but to upgrade would cost them thousands and take a lot of time. I just can't do it at present. As there is no agreement on this issue I will advise them that there is no more support for this version and let them decide but they need time to consider their options.

If you are willing to help resolve this until my clients can choose an alternative then that would be appreciated. I'm not sure of 'helpline@' email as I use the ticket system. The ticket ID is "AJO-89694-846"

Thank you.
 
Helpline is the email address to use to escalate any ticket, if you could mail there. We've always been willing to till work with you on this. However about security of the matter we won't be agreeing on that matter, but it isn't material to the support aspect now or anything :)

If you have an issue on a ticket use your email (webmail, email client, whatever way you do) and just fire off a mail to helpline@ (jodohost.com) address and give ticket ID and brief overview and that will go to company management as well as on shift managers to address promptly.
As for notice, that's not our duty we cannot test every app against protections, it just is not reasonable for us to even consider such, it would never be possible for us to do even with 1000 staff dedicated to the task. sure isolations can be done, virtual servers can be made, but quite simply the task of licensing them costs more than the plan and is not something that can be done in a manner that will work unless the customer moves to a virtual server plan and pays for it in order to run their older software. Shared environments have more issues than dedicated isolated ones no doubt, but it doesn't change that old software is very much more vulnerable than fully updated software, just that in a shared setting sometimes the protections have to be more strict and cannot be tailored to a specific application especially when it is unknown.
 
Back
Top