Elitehost down?

Ai toggie. my clients want to kill me. dont know what to say to them.

kom elitehost. win me back.

edit: buddy told me he got some issues with Cybersmart.

Is this related?
 
Last edited:
Thank you for your patience, the network has been mostly stabilised.

We are still experiencing a network outage on the server: rs04-pta.za-dns.com
We are working to get all services restored as soon as possible and will keep you updated with the progress.
 
This problem is easily solved, for at least local visitors to elitehost, if the destination IP in the DDOS is blackholed or null routed in the last hop internationally before hitting SA.. All international traffic to Elitehost is dropped for the duration of the DDOS, but all SA people can visit Elitehost no issues..
 
Elitehost said:
Thank you for your patience, the network has been mostly stabilised.
We are still experiencing a network outage on the server: rs04-pta.za-dns.com
We are working to get all services restored as soon as possible and will keep you updated with the progress.
Click to expand...

Unfortunately 90% of my sites are on rs04-pta.za-dns.com. What is the reason that it's still down? was it one of the sites on that server that was the target of the attack?
 
WAslayer said:
This problem is easily solved, for at least local visitors to elitehost, if the destination IP in the DDOS is blackholed or null routed in the last hop internationally before hitting SA.. All international traffic to Elitehost is dropped for the duration of the DDOS, but all SA people can visit Elitehost no issues..
Click to expand...

In theory yes, but in practice no.

Alot of international traffic comes through via JINX and NAP Africa. Particularly IP ranges behind Hurrican Electric, Microsoft Azura, Google Cloud Services, etc. As international traffic is coming through the local exchanges, mixed with all SA based local traffic, it requires some creativity and onsite DDoS mitigation with large pipe.
 
Stride Mother said:
I'm also on rs04-pta.za-dns.com, so I'd love to know the reason too.
Click to expand...

Thank you for your continued patience, our network engineers took initial action by blocking all international traffic to the affected IP. This was partially effective but further action was required as a large portion of the traffic came from local sources.
The IP has been blocked locally and internationally. We are monitoring the network and will continue working to get services restored to rs04-pta.za-dns.com.

Our deepest apologies for the extended downtime and disruptions.
 
Elitehost said:
Thank you for your continued patience, our network engineers took initial action by blocking all international traffic to the affected IP. This was partially effective but further action was required as a large portion of the traffic came from local sources.
The IP has been blocked locally and internationally. We are monitoring the network and will continue working to get services restored to rs04-pta.za-dns.com.
Our deepest apologies for the extended downtime and disruptions.
Click to expand...

Can anything be done besides waiting out the attack?
Do you know what site was targeted?
 
I'm still having issues with cp05-jhb and sh02-pta. sh01-pta seems to be fine, as is cp03-pta.

Intermittent access to the client area; very slow when it does work (slower than it normally would be with WHMCS).
 
I recall a large DDoS attack like this around the same time last year (or was it March?).

@Elitehost, any further insights regarding the attack source would be most-appreciated. Thanks.
 
NullHypothesis said:
I have said it before and I'll say it again there is virtually no benefit to host locally, these knuckleheads don't know nothing about hosting. For comparison I have a shared account from an EIG owned host (h9) that I use for miscellaneous stuff and that blows Elitehost out of the water. $6.79 a month for unlimited domains, I host it in the UK data center. Yet when noobs come to the forum and ask questions about foreign hosts I see remarks such as "why not host locally" and I just see recommendations for Elitehost ("only R35 a month") or Domains.co.za (another **** company). These companies cannot be used for serious business. Think about how cheap a R35 a host works out when you running a business on it, spending money advertising it, people coming to it and see it offline. Not so cheap anymore hey?
Click to expand...

Sure, I get you. But doesn't this only really apply to shared servers? My VPS instance over at domains.co.za has not been down once since I got it last year. EH shared has had more downtime after I came onboard than it did before that, but nothing unacceptable like Afrihost, which I dropped a long while ago.

That aside, would you recommend H9s 2-core VPS for an SME law firm? The pricing looks pretty good, but just want to get some insight regarding performance and priority support.
 
No seriously guys, this is now costing us money. What is the solution and what is the ETA?

Sorry this time we are jumping ship. Why can Hetzner mitigate/resolve such issues without extended downtime?
 
breacher said:
No seriously guys, this is now costing us money. What is the solution and what is the ETA?

Sorry this time we are jumping ship. Why can Hetzner mitigate/resolve such issues without extended downtime?
Click to expand...
Im really considering leaving. Had good support from them. But need more after hours support sometimes also and they dont. they seem to knock off @6
 
@Elitehost:

This is starting to get out of hand now.

The level of service being received is starting to be pretty much in line with that of Afrihost, which many of us here know is far from acceptable. The last time this happened (March of last year, if I recall correctly), updates were much more frequent and detailed. Now we're just getting vague updates about attacks, with no technical explanation as to the complexity and type of attack the network is being hit with and what is being done to mitigate/resolve.

The status page hasn't been updated since 13:51, where it currently states that most of the network is stabilised, excepting for rs04. Meanwhile, I'm still unable to connect to anything on cp05 and sh02, and I'm receiving CF errors (mostly regarding SSL handshakes) when trying to log into the client area. Opening a ticket would be of no use to me as it seems that system is also intermittent due to the attacks (perhaps you need a secondary support system on a third-party host, like you do with your status page?)

I really do get that your uptime has been great, for the most part, and I haven't had any major issues since migrating over to you. However, looking at the level of service being provided on public channels, I wonder if I need to start making reconsiderations. As a shared-hosting client, I expect there to be a problem every once in a while, but I certainly don't expect service-levels like this. R35 or not, it just isn't right.

Please can we have some detailed feedback?
 
Last edited:
_neo said:
@Elitehost:

This is starting to get out of hand now.

The level of service being received is starting to be pretty much in line with that of Afrihost, which many of us here know is far from acceptable. The last time this happened (March of last year, if I recall correctly), updates were much more frequent and detailed. Now we're just getting vague updates about attacks, with no technical explanation as to the complexity and type of attack the network is being hit with and what is being done to mitigate/resolve.

The status page hasn't been updated since 13:51, where it currently states that most of the network is stabilised, excepting for rs04. Meanwhile, I'm still unable to connect to anything on cp05 and sh02, and I'm receiving CF errors (mostly regarding SSL handshakes) when trying to log into the client area. Opening a ticket would be of no use to me as it seems that system is also intermittent due to the attacks (perhaps you need a secondary support system on a third-party host, like you do with your status page?)

I really do get that your uptime has been great, for the most part, and I haven't had any major issues since migrating over to you. However, looking at the level of service being provided on public channels, I wonder if I need to start making reconsiderations. As a shared-hosting client, I expect there to be a problem every once in a while, but I certainly don't expect service-levels like this. R35 or not, it just isn't right.

Please can we have some detailed feedback?
Click to expand...
+1
 
and dont you guys have Cloudflare in place. to help with this kind of issue. (hope its not the free plan)
 
Stormer12 said:
and dont you guys have Cloudflare in place. to help with this kind of issue. (hope its not the free plan)
Click to expand...

They do have CF in place (though that's for their own domains):

scrn_dnsdumpster.com-2017-04-18-19-59-04.png
scrn_dnsdumpster.com-2017-04-18-19-59-26.png
 
Last edited:
Stormer12 said:
cant they put main ips & servers on Cloudflare
Click to expand...

I don't think it works that way... They would need to clarify, because clients should really be getting their own CF. Here's a snapshot of everything dnsdumpster knows about cp05:

scrn_dnsdumpster.com-2017-04-18-20-21-07.png

From that, one can tell that it wouldn't support direct CF/DNS links. I don't know so much about how all that kinda stuff works, so again, they would need to clarify.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X