@Elitehost:
I don't think that is the way to go. If people are wanting answers on a public channel, then you should provide the answers on a public channel. Besides, we could not access the ticket system for the most part of this attack, and you spending SO much time responsing to all of them is not the greatest idea, for anyone's sake.
Further, I'm quite annoyed that the Twitter updates were non-existent, except in reply-format, which does not show on your main timeline, and therefore not at the bottom of your website either.
I really do get that you try your level-best to mitigate these attacks and perhaps have to learn new things as the attacks change over time. However, it really is important that you up your game regarding client-service. You are not such a huge company that a member of management can't personally sign into this forum and give us a decent update (Jason?). There are people here who resell and need to be able to inform their clients of the issue at hand and what is being done to resolve it. Some technical details should be provided so that they may be passed on by resellers and VPS hosters. If there is some sort of legal glitch that disallows certain information from being shared early on, then all you need to do is say so - it really is information-enough. You need to start being transparent like you did before, otherwise you start looking like those red people we've all come to hate so very much.
Lastly, and to follow-up on my previous post here, I really need to re-iterate that your old status page was more effective than what you have now. The list of servers and their statuses for each component (HTTP, FTP, DB, SMTP, IMAP, etc.) was very convenient as it gave me the ability to tell a client that a server looks unstable and currently has intermittent access - all without you having to say a single word. Now that the old status page is gone, we have to rely on these really short messages with your deepest/sincerest/whateverest apologies. As such, I highly recommend that you bring back the old status page, even if you have to host it with two different companies or a highly protected dedicated server of your own with a different IP (plus fallbacks).
If there is anything I've learned in business, it's that the client may not always be right, but the client is always 'king', and they deserve the very best from their service providers, whether they're paying R35/month or R3500/month.
All-in-all, I am very disappointed. My symapthies are with you in terms of the attack, but you really did 'drop the ball', as you say.
Due to the inconvenience it would give to my clients, I will not be moving to another host at this time. For the most part, I see this attack as something that happens once in a blue moon, and so it is not enough for me to move clients over.
Please, guys, let's fix this issue and get back on track.
