Netcup: Command the Cloud with KVM Mastery
Posts by nuffsaid
-
-
If I were you, I would stop the customers from moving and monitor the situation for about 6 months. Because this month was the hot phase in which netcup may have overreacted due to time constraints.
This is a very good point thank you, I have paused the move while I get more information regarding this, as I have more servers I wanted to migrate in.
I don't think it is reasonable to expect that Netcup keeps a compromised server online for any amount of time. A hacked server can do all sorts of damage, and if that were a computer under your desk, you'd have to take it offline immediately too. People often ask for help cleaning up hacked servers or webhostings, and they usually shy away from a clean slate approach because "It's too much work" or "takes too long". You see, there are important services and web sites on their server, so they can't afford the downtime. The answer is always the same: At that point it's not an option to just clean up a little. If your sites and services are that important, you should have a hot standby to switch to.
You have a valid Point, but I believe this boils down to how bad is the damage to warrant a complete server shutdown without notification, they are some organisations like us who run 24/7 so even a few hours sometimes is good enough to resolve an issue.
But the hot switch idea is excellent, so I am going to be looking into it to ensure business continuity.Display MoreI'm not in the reselling business at all but I'm also curious to learn about NetCups policy.
From the initial post it's not clear what actually happened so I guess the issue was one of the typical issue with WordPress where the site was abused to host phishing sites?
I'm not trying to play this serious issue down, but I reckon it's debatable if the "host" was compromised which justifies a complete shutdown of the server without warning.
This is by no means meant as an excuse for lack of proper business continuity planning!!!
To add more info to this one of my customer's websites was compromised to host a Facebook login phishing page. You're right, this is a serious issue where time is of essence as the longer it stays online the more damage it does but usually when we detect this or get notified they are usually sorted within the hour of the notification.
But hopefully when Netcup finally responds we will know all about their policy on reselling on their network.In my opinion, it is also to question whether customers who buy services for their own customers via netcup are actually welcome. Because we are not allowed to name competitors by name here in the forum.
There are also tariffs for resellers that have been specifically designed for such projects and should therefore not be confused with the tariffs for end users.
I believe the parent company offers custom solutions so I am not sure if these custom solutions also come with similar pricing in this regard but i will be contacting them to find out.
What led me to Netcup to begin with was the pricing and stability, which i took a while to watch and monitor before i decided to dive in. -
I have never had a problem like this with netcup, but I did have one with a competitor who gave me 72 hours to fix the problem before they wanted to block the server.
Because the competitor is very good, I am still a customer with him.
I also do have servers with other providers, and with all of them it's standard to be granted a minimum 24 hours to resolve an abuse incident.
This is also my first time in my many years of hosting to face an incident like this, so I am very surprised and worried.
-
Was hast du für einen Server? Einen Managed Server oder einen Server mit Root-Rechten?
What kind of server do you have? A managed server or a server with root privileges?
I have an unmanaged RS 16000 G11 .
-
Hello Netcup Community,
I’ve been a Netcup customer for about a year now, and my experience so far has been excellent—smooth sailing with stable and reliable servers. Based on this positive experience, I recently decided to migrate some of my customers to a larger server after testing your smaller servers for stability and uptime.
A few days ago, I encountered my first-ever abuse report with Netcup. While the incident was resolved within a few hours thanks to a friendly and helpful support agent who granted me access to address the issue, what worried me most was the handling of the situation. As soon as I received the abuse notification, the server was immediately taken offline without any warning or grace period to resolve the issue.
Given that I run a web hosting company with a few hundred websites hosted in a single container, this approach is concerning. Many of these sites are WordPress websites managed by my customers, and while I am very proactive about server security—regularly applying patches, scanning for vulnerabilities, and taking preventive measures—there are times when customers forget to update plugins or themes, creating vulnerabilities. These are typically resolved promptly when identified.
Across other providers I work with, the norm is to receive a notification of an abuse report and a timeframe (usually 24 hours) to address the issue before further action is taken. If immediate server shutdowns are the standard policy at Netcup, it’s worrying, especially as I was still in the process of migrating my customers to this server.
I’ve reached out to Netcup support for clarification on this policy but have yet to receive a response, so I am going to assume this is due to the Christmas holidays. In the meantime, I wanted to ask the community:
- Has anyone else experienced similar handling of abuse reports by Netcup?
- Is it standard for servers to be shut down immediately upon abuse notification, without a grace period to resolve the issue?
- Is there a way to request a notification and response window in future cases to prevent disruptions?
I value Netcup’s reliability and stability, but understanding this policy is critical for me as I evaluate whether to continue migrating my customers or pause to reassess.
I’d appreciate any insights or shared experiences from the community. Thank you in advance for your input!
Best regards,
A Semi-Frustrated Customer.
-
UCEPROTECT is a total scam, they are no legit service providers who actively use them as their service is strictly to extort money from people, so you can ignore the Level 3 listings or UCEProtect as a whole.
