Jonathan Burdon

I have written a pretty in-depth review of Jonathan Burdon and AlreadyHosting.com concerning their affiliate fraud campaigns here. I even discovered that Jonathan Burdon is directly using cookie stuffing to obtain fraudulent affiliate commissions.  You can watch a short video demonstrating the cookie stuffing for MDDHosting, BlueHost, HostMonster, and WebHostingPad in this video.  If you’re not very familiar with how affiliate systems work, the basic premise is that sites will use outbound links to the provider that place a cookie on the user’s computer to identify the referral so that the affiliate can be paid.

In an article about Jonathan Burdon [which is likely written by Jonathan] it is claimed that “There is one *unnamed* company on the web that refuses to pay Jonathan for his contract so they have launched a smear campaign against him, please ignore their comments,” and the article goes on to say “If users will take a few moments to visit Jonathan’s sites they will soon realize that his site is a great resource and that the individuals writing the slanderous posts about him are simply incorrect.” Source: http://www.articlesbase.com/branding-articles/jonathan-burdon-webmaster-2848333.html

It seems that Jonathan Burdon believes that I’m personally launching a smear campaign about him and goes so far as to claim my posts are slanderous.  What I find particularly interesting, is that I have only posted verifiable, factual information and even the email communications with Jonathan Burdon.  I’ve not posted or said anything that wasn’t simply true and verifiable.  To be entirely honest, I don’t care about Jonathan Burdon or his reputation but only that he doesn’t continue committing affiliate fraud and, as such, stealing money from other hosting providers.  I publicly challenge Jonathan Burdon to disprove any of the information I’ve posted about him or AlreadyHosting.com.

I’ll be straight and to the point as to why Jonathan Burdon (AlreadyHosting.com) has not been paid for their affiliate commissions – they’ve committed affiliate fraud and, as such, we terminated them as an affiliate.  In performing cookie stuffing, not only has Jonathan’s site immediately taken credit for everybody who visited his page whether the page was helpful or not in the provider obtaining said new customer but it has done so under the false pretenses of being a “Review” of which the page was most certainly not.  Any provider that relies upon word of mouth and quality reviews to obtain customers will have a large portion of their customers who simply search Google for reviews of their company.  As soon as one of our potential customers clicks on the AlreadyHosting.com link to read the review of MDDHosting they will already be giving AlreadyHosting.com credit for the purchase even if the visitor was only on the page for a tenth of a second and didn’t find any useful information.

Jonathan Burdon has submitted a DMCA Takedown Notice to us and our data center to have his email conversation removed from public view under the false pretense of his emails being “original works” that he claims are protected by U.S. Copyright Laws.  While I do very much appreciate Copyright laws and their protection of intellectual property; I do believe publishing of Jonathan Burdon’s emails qualify under “fair use” and, as such, as soon as the DMCA Takedown period has passed (10 to 14 days) said emails will be published here once again along with some more emails not yet published.

It is my own personal opinion that the only one being damaging to Jonathan Burdon’s reputation is Jonathan Burdon.

Here are some more sources of interesting information:

http://www.webhostingtalk.com/showthread.php?t=963915

http://www.scottswezey.com/blog/2010/jonathan-burdon-wants-to-sue-you-if-you-link-to-someone-that-doesnt-like-him/

Update – 07/24/2010

Upon further research it does appear that Mr. Burdon is indeed correct about emails and copyright and as such the emails that were previously posted and removed due to his DMCA notification will not be reposted.

At the hosting provider I own we originally started offering Virtual Private Servers late 2008 to address the needs of our clients who were outgrowing shared but didn’t yet want to move to a full-blown dedicated environment.  We did offer VPSs for about 6 months before the HyperVM scare at FsckVPS happened where dozens of VPS nodes were wiped clean and data lost.  We then decided to discontinue HyperVM and worked on migrating our existing VPS clients to other providers we worked with and trusted to be reliable.

The Good

Fast forward to late 2009 when we brought our first new SolusVM VPS server node online.  SolusVM has been an exceptional control panel with a good list of features and while it is missing some basic features such as bandwidth reports, cpu graphs, and memory graphs SolusVM has been working on improving their software over time.  We can handle a few missing “features” as long as we know that those features are in development and will be added.

The administration control panel and the user side of the control panel are very clean and concise while still being very powerful.  The only gripes we originally had with SolusVM was the inability to customize the client side templates and re-brand the solution however they did enable this ability and so far we love the control panel in this aspect.

SolusVM does offer a forum where you can post your questions and issues and receive support from others using the software as well and fairly regularly a SolusVM staff member will also stop by and help out as well.  There is also a support ticket system should you have an issue that is urgent or that does require some privacy.  Our general experiences with SolusVM support over both methods has been fairly good – I wouldn’t go so far as to say great but the support definitely has not been bad.

The Bad

As with any solution the support staff can only support their solution and they cannot support third party issues such as hardware issues with a server, networking issues outside of the VPS system itself, etc…  We understand this however we are facing an issue currently that is indeed a part of the SolusVM control panel ecosystem and yet we’re receiving no support on the matter.

The particular issue we are facing is that no matter what speed we set for individual VPSs in the control panel they are limited to a total limit of around 10 megabit/second transfer speed.  Before contacting SolusVM support we did do some testing to make sure that the server itself was configured correctly and able to transfer at rates up to 100 megabit/second:

[root@boreas ~]# wget http://speedtest.dal01.softlayer.com/downloads/test100.zip
–2010-04-22 17:02:27– http://speedtest.dal01.softlayer.com/downloads/test100.zip
Resolving speedtest.dal01.softlayer.com… 74.86.116.210
Connecting to speedtest.dal01.softlayer.com|74.86.116.210|:80… connected.
HTTP request sent, awaiting response… 200 OK
Length: 104874307 (100M) [application/zip]
Saving to: `test100.zip’

100%[========================>] 104,874,307 9.55M/s in 9.7s

2010-04-22 17:02:36 (10.3 MB/s) – `test100.zip’ saved [104874307/104874307]

91.4MB/sec transfer

Even with providing this information to SolusVM they responded that they were able to reproduce the issue on our servers but that the problem was not a SolusVM problem and that they could only provide support to the panel itself.  They stated that they could not and would not support issues with our server or network.

We’re quite a bit on the fence with SolusVM due to this lack of basic support.  It’s obvious that the server itself is fully capable of 100megabit speeds and that the networking is fully capable of these speeds as well and yet SolusVM support is telling us that it’s a server or networking issue and that they won’t help.  To be clear the only thing that has been done to this server is that we installed it with a basic CentOS5 installation and then performed the SolusVM installation.

I’ll be sure to update this post once SolusVM does get back to us either letting us know that they are going to help with the issue or that we’re on our own to find another better supported control panel.

Update

It seems that they’re unwilling to help in any way/shape/form which is really unfortunate.  Up until now we’ve had nothing but good things to say about SolusVM and their support but it looks like there isn’t much support available.

Jason from SolusVM support got back to me saying they tested the rate limiting on our servers and that it is working and suggested that we test the feature ourselves.  They also stated that they tested teh speed limiting on their test servers and that it was working fine.  They went even further and said that it was an OpenVZ issue and not an issue with their control panel.  The tech went far enough to say that they are not willing to spend hours of their time investigating the issue when all we really wanted was a bit of effort on their part.

Update Number 2

I let the support tech that I was dealing with, Jason, know about my suspicion of what was causing the issue and I let them know about this post.  My suspicion is that since we are using SoftLayer servers where ETH0 is Private Networking and ETH1 is public instead of ETH0 being public as it is on most servers at most providers that perhaps this was causing issues.

Jason got back to me stating that they will not be blackmailed by a bad review and that he is passing the ticket over to Phill as he is no longer going to respond to the ticket.  Phill did get back to me very quickly (within about 10 minutes)  and hopefully we’ll be able to identify the issue.

Update Number 3

Phill did get back to me letting me know that the traffic shaping is indeed hard-coded to ETH0 and suggested that we either change our public networking to ETH0 or that they perhaps that SolusVM should do public network detection.

From speaking with Phill it seems as though he thought that our issue was that the Traffic Shaping wasn’t properly applying to the VMs and come to find out it’s not but that isn’t our primary issue.  Ultimately there is still the issue that SolusVM hard-codes eth0 into it’s traffic shaping and we’ve uncovered this today.

As for the issues where the VPSs port speeds are dropping for no apparent reason, we’re still working on this for sure.  Hopefully SolusVM support will be willing to assist with this.

Update Number 4

So it seems that SolusVM wanted me to remove any excerpts used from emails/tickets with their support.  I’ve done so as requested.

Update Number 5

Ultimately after finally getting Phill at SolusVM to actually discuss the issue with me he suggested that I drop all traffic shaping rules on the host node.  We did so and amazingly all of the issues disappeared.  This was after hours upon hours of SolusVM saying it wasn’t an issue with their control panel – it turns out that it was actually an issue with the control panel having hard coded eth0 into their traffic shaping settings in their control panel.  Every SoftLayer server uses eth0 as private networking and eth1 as public networking which means that SolusVM’s way of performing traffic shaping simply didn’t work correctly in our environment.

While this does mean that we’re unable to perform any traffic shaping per VPS via SolusVM until they enable the feature to select your primary eth device and that we have to do so manually if we wish to do so – we’d rather have to do some manual work and have it work correctly than to rely on the control panel and have it flawed.  We’ve voiced our opinion in the ticket that SolusVM should give the option to choose an alternate public ethernet device and we’re doing so here as well.

As far as I’m concerned the issue is ultimately resolved but SolusVM does have a long way to go before it gets back to where we would feel comfortable recommending it to our partners and other providers we socially network with.

The individual signed up using a first name and last initial only, their mailing address was a mail forwarding address, and many other red flags were sent up when this individual attempted to order services.

Here is a complete view of the email conversation with all personally identifying information redacted and by all means read it over and let me know what you think in the comments.

This individual came to us from WebHostingTalk.com so I’m curious how they are going to portray this email conversation.  I guess we’ll just have to wait and see what they have to say.

Anybody with enough experience in the industry knows that most “web hosting review” and “top 10 web hosts” type of sites are simply affiliate link farms where the goal is to pull in as many visitors to click on their affiliate links as possible.  Someone experienced in the industry who has “been there, done that” will often see through this and knows to conduct their own research and won’t fall for these tricks but someone new to the industry and turning to Google for advice won’t.  While there isn’t anything inherently wrong with that, what bothers me is when the site makes commission in a misleading way.  Some sites actually do write up a decent review of the provider and provide links to sign up which is entirely understandable but some are not so honest and straightforward in their dealings.

One such site that is operating in a misleading way is “AlreadyHosting.com” which is operated by Jonathan Burdon of Murray, Kentucky.  While going over our affiliate sales I noticed that one particular affiliate had an extraordinarily high conversion rate and to be honest I wanted to know what they were doing to achieve a conversion rate of 9%.

Their site “reviews” as of this writing 111 companies which is not a lot when you look at the hosting industry itself as having thousands of individual providers.  When you look at any one of their providers that they review you may be surprised at the utter lack of any content or reviews (I certainly was).  I have pictured the page that I found was sending the affiliate referrals to us and commented directly in the image as to how their methods are misleading. Not only does every host that they “review” offer links to “Promo pricing” and “Coupon Codes & Promotional Links”, but every one of these links goes directly to the provider dropping the affiliate code without giving any promotional codes or pricing.

I contacted Jonathan (read entire conversation here) and explained to him that we felt that he was misleading his visitors by offering links to coupon codes and promotional pricing when those links actually just dropped them on the affiliate URL where no such information can be found.  We let him know that we were doing so pro-actively and that while we could have let him continue sending us visitors and simply refused to pay him any money at a later date but that we simply were not that type of company.

AlreadyHosting.com uses it’s SERP power to be seen for “[Hosting Company Name] Review” which means that the customer isn’t simply browsing for a list of providers but is looking for specific information on a provider that they are already considering.  At the time of this writing I did a Google search for “GreenGeeks Review” and in 9th place is “GreenGeeks Review & Coupon Codes | AlreadyHosting.com”.  Upon visiting this URL you will see that there is no review but there are links promising promotional pricing and coupon codes which anybody that is already considering that provider is going to click on.  As soon as the visitor clicks on the link they are taken to the provider’s site and should that visitor continue researching the company before buying – AlreadyHosting will obtain commission on the sale due to the visitor having been interested in coupon codes and promotional pricing.

In my conversation with Jonathan I explained to him that we were more than happy to keep him on board with us as an affiliate as long as he was willing to modify the page to actually link to the content it claims to link to (i.e. promotional information or coupon codes) or to simply not claim to link to such content if it isn’t doing so and rather than editing the review page to modify or remove the misleading hyperlinks Jonathan decided to respond with a threat:

If you do not reconsider we will keep your
review active and will tell our readers how you treat affiliates and will
directly recommend that they sign up for another company. I will also
invest a lot in SEO for that page to ensure that it ranks high for all of
your keywords.

Upon visiting the “MDDHosting Review” on AlreadyHosting.com after this email exchange I found that he has updated the page with an “Important Note” stating that we had discontinued his affiliate account with us, which we have.  I have no particular problem with this but what I do find interesting is the site claims to be a site containing the “BEST WEB HOSTING REVIEWS” which would lead the average hosting consumer to believe that they either have tried and reviewed the services they “review” directly or they have input from third parties who have done so and as such list them based upon their quality of service and support which is obviously not the case.  Should any of these “best web hosting providers” find that AlreadyHosting.com is misleading their potential customers and committing affiliate fraud by using misleading hyperlinks AlreadyHosting.com may end up having to place this notice on more pages than just ours.

At the end of the day I don’t suggest trusting any of the “Web Hosting Review” or “Top 10 Web Hosts”  sort of sites as they are all affiliate driven and a vast majority of them are simply misleading.  If you do happen across a site offering coupon codes or promotional codes and it turns out there are none to be had make sure to clear your cookies so that you don’t pay these crooks for misleading you.  I highly suggest a resource that is not affiliate driven for researching hosting providers such as the WebHostingTalk.com Forums.

Getting the server ready to build applications from source:

Check for any RPM installations of the applications.

rpm -qa | grep -i apache
rpm -qa | grep -i httpd
rpm -qa | grep -i php
rpm -qa | grep -i mysql

Remove any RPM installations found with the “rpm -e” command:

rpm -e application_name_here

Install some base requirements to compile and install the software.

yum -y install gcc gcc-c++ ncurses-devel libxml2-devel libpng-devel

Download the appropriate sources for Apache, PHP, and MySQL and decompress it.

cd /usr/src
wget http://us3.php.net/get/php-5.2.11.tar.gz/from/us.php.net/mirror
wget http://apache.inetbridge.net/httpd/httpd-2.2.14.tar.gz
wget http://downloads.mysql.com/archives/mysql-5.0/mysql-5.0.87.tar.gz
wget ftp://ftp.ibiblio.org/pub/Linux/ALPHA/freetds/stable/freetds-stable.tgz
tar xzf php-5.2.11.tar.gz
tar xzf httpd-2.2.14.tar.gz
tar xzf mysql-5.0.87.tar.gz
tar xzf freetds-stable.tgz

Build and Install MySQL.

Add the MySQL User and Group

groupadd mysql
useradd -g mysql -c "MySQL Server" mysql

Install MySQL.

cd mysql*
chown -R root.root *
make clean
./configure \
--prefix=/usr/local/mysql \
--localstatedir=/usr/local/mysql/data \
--disable-maintainer-mode \
--with-mysqld-user=mysql \
--with-unix-socket-path=/tmp/mysql.sock \
--without-comment \
--without-debug \
--without-bench
make && make install

Configure MySQL.

/usr/local/mysql/bin/mysql_install_db
chown -R root:mysql /usr/local/mysql
chown -R mysql:mysql /usr/local/mysql/data
cp support-files/my-medium.cnf /etc/my.cnf
chown root:sys /etc/my.cnf
chmod 644 /etc/my.cnf

Set MySQL to start on boot

echo "/usr/local/mysql/lib/mysql" >> /etc/ld.so.conf
ldconfig
cp ./support-files/mysql.server /etc/rc.d/init.d/mysql
chmod +x /etc/rc.d/init.d/mysql
/sbin/chkconfig --level 3 mysql on
service mysql start

This sets up symlinks for all MySQL binaries so that they can be run from anywhere.

cd /usr/local/mysql/bin
for file in *; do ln -s /usr/local/mysql/bin/$file /usr/bin/$file; done

Set a MySQL Root Password for security (obviously use something other than “new-password-here”.

mysqladmin -u root password new-password-here

Test the Password:

mysql -u root -p

While logged into MySQL delete the test database.

drop database test;
use mysql;
delete from db;
delete from user where not (host="localhost" and user="root");
flush privileges;

Building Apache

cd /usr/src/httpd*
make clean
./configure \
--prefix=/usr/local/apache \
--enable-shared=max \
--enable-module=rewrite \
--enable-module=so
make && make install

Build and Install FreeTDS for MSSQL Extension Support.

cd /usr/src/freetds*
./configure
make && make install

Build and Install PHP

cd /usr/src/php*
./configure \
--with-apxs2=/usr/local/apache/bin/apxs \
--disable-debug \
--enable-ftp \
--enable-inline-optimization \
--enable-magic-quotes \
--enable-mbstring \
--enable-mm=shared \
--enable-safe-mode \
--enable-track-vars \
--enable-trans-sid \
--enable-wddx=shared \
--enable-xml \
--with-dom \
--with-gd \
--with-gettext \
--with-mysql=/usr/local/mysql \
--with-regex=system \
--with-xml \
--with-zlib-dir=/usr/lib \
--with-mssql=/usr/local/
make && make install
cp php.ini-dist /usr/local/lib/php.ini

I prefer to symlink configuration files to /etc so that they are easy to find and edit.

ln -s /usr/local/lib/php.ini /etc/php.ini
ln -s /usr/local/apache/conf/httpd.conf /etc/httpd.conf

Edit the Apache Configuration File – I prefer nano.

nano /etc/httpd.conf

Uncomment the following lines or add them (uncommented) if they do not exist after “AddType application/x-tar .tgz”

#AddType application/x-httpd-php .php
#AddType application/x-httpd-php-source .phps

Find the DirectoryIndex (CTRL+W in Nano) and add index.php to the beginning.

DirectoryIndex

Set Apache to start on boot and start it for the first time.

ln -s /usr/local/apache/bin/apachectl /etc/rc.d/init.d/apache
ln -s /etc/rc.d/init.d/apache /etc/rc.d/rc3.d/S90apache
/etc/rc.d/init.d/apache start

Then, you must configure FreeTDS to point to your MSSQL DB server. To do so, edit (or create) the /usr/local/etc/freetds.conf file and put in there exclusively these lines:

[global]
host = xxx.xxx.xxx.xxx (ip of the MSSQL server)
port = 1433
client charset = UTF-8
tds version = 7.0 (or 8.0 if using FreeTDS 0.82 or later)
text size = 20971520

There are clients that see purchasing web hosting as a long-term relationship with their provider and they look forward to reliability, service, and support for a long time to come.  Realistically most clients tend to stay with their provider until their needs drastically change and this is how things really should be.

No host is perfect – every host is going to experience issues from time to time and what is more important than whether or not they ever have issues is whether the host is directly at fault for the issue or if the issue was something that shouldn’t be held against them such as hardware failure.  Just because your host experiences an issue is not reason alone to leave that provider unless they could have prevented the issue and chose not to or they simply handled the situation poorly.  Most clients understand that issues happen and as long as they are kept informed as to what has happened and what is being done to resolve the issue they are willing to work through the issue.  If you find yourself changing hosts every single time your provider has an issue you may want to consider giving your provider a chance to handle and resolve the issue before deciding to move.

Generally you are going to get what you pay for – you can’t sign up for a $1/month provider and expect the best service and support in the world just as if you sign up for a $30/month shared hosting provider you would expect a high level of service and support.  I have found in my personal dealings in the hosting industry that the less a customer pays the more they tend to expect out of the provider and the less they understand the provider/client relationship.  Now of course there are going to be exceptions as you may get an amazing coupon for a provider that drops your monthly cost to something ridiculous or you may sign up with a provider that is simply over-priced and provides a low level of service and support.  If you find yourself constantly changing providers to get a “better deal” or to “save money” the chances are that not only are you hurting the providers that you are jumping from quickly but you are hurting yourself as you are likely going to end up with a lower quality provider and have more issues with service and support.

Do you understand the provider/client relationship – The hosting provider is usually not your webmaster or designer and if you find yourself submitting tickets asking your host how to do things with your site then chances are that you are in over your head and you may want to look for a webmaster.  Realistically you shouldn’t have to put in more than one or two tickets every month and if you find yourself putting in a significant amount of tickets you may be in over your head.  I have found that most issues that web hosting customers put in tickets for could be answered by a quick visit to Google. Now don’t get me wrong, I’m not telling you not to ask support for help, what I am saying is that many times you can find the answers to your questions faster on your own by researching the issue before submitting it to your provider.  Providing support to clients does cost the provider money and some providers will go so far as to let clients who submit a large number of tickets go or worse they could reduce the priority of answering said client’s tickets.

If you find yourself moving from host to host you should look back and see why you have changed providers.  Are you choosing low quality providers or are you expecting more than you should for what you are paying?  You should determine why you are changing hosts frequently and do what you can to change this behavior as the change will not only benefit your provider but it will benefit you in the long term.

The most important quality required in a person starting their own web hosting provider is resourcefulness – when you are new to hosting there are certainly going to be roadblocks that you come across and questions that you do not know the answers to.  Being resourceful means that even if you don’t know the answer immediately you know where to look to find the answer.  The vast majority of support issues that clients raise could be answered simply by visiting Google.com and typing in the question or a description of the issue.  Unless you are an expert on everything (keep dreaming) then you either need to be resourceful or you will very quickly find yourself being asked questions you cannot answer which leads to very unhappy customers and bad reviews.

The second most important quality required is good business sense – such as knowing that offering unlimited master reseller accounts for $7/month is not going to lead to anything but a quick rise and and even quicker fall. It is very important that any entrepreneur sits down and writes up a solid business plan setting both short-term and long-term goals as well as planning out how the business is going to achieve these goals.  While it is possible to start a business and be successful without a business plan it is highly unlikely and I would say personally that it is the exception to the rule.  Without a business plan not only is it impossible to know if you are getting where you need to be but it is impossible to determine what changes should be made to help meet any goals that you may have in mind.  You need to be able to make the big decisions without having to go to your friends, family, or others in the hosting industry to ask them what they suggest.

The third most important quality is a basic understanding of marketing. Many new hosting providers try to compete on price with the major players in the industry which is another issue that anybody with solid business sense is going to know from the start is simply not going to work 99% of the time.  Larger providers are able to offer more features and resources at lower prices simply due to their ability to obtain hardware, software licenses, and other necessary tools at much lower prices by dealing in bulk.  As a small provider you will not have the ability to get such good deals on your resources and as such attempting to compete on price with the larger providers in most cases will lead quickly to the demise of your company.  Understanding the basics of marketing will help you not only get your company’s name out there but will also help to convert potential customers that do make it to your web site.

I will post more on Starting and Running a Web Hosting Business within the next few days so be sure to check back for Part Two!

Let’s face it – the world tends to be a very hostile environment and the internet is not much different.  From viruses and trojans to distruption of service attacks – it happens all day every day and it is only a matter of time before it affects you.  I have personally dealt with two DoS attacks in the last two weeks and both for very different reasons although the end result is about the same.

Last week the DDoS, or distributed disruption of service, attack was motivated entirely by financial gain for the attacker.  The attacker had previously attacked another hosting company called A Small Orange and had attempted to extort $7,000 from the company to stop the attack.  ASO did not bow to the demands of the attacker and simply worked to filter out the attack and return service to their customers.  While some of ASO’s customers were not satisfied, many times when a provider is put in this situation there is not much that can be done.

The attacker moved on from ASO to my company and sent a message to our sales department informing us that we were next.  The attack began about an hour later and peaked at about 4.5GBPS which is enough to  bring down most small data centers in their entirety however our data center SoftLayer Dallas was able to filter out the attack within 10 minutes to restore full service.  The attacker subsequently moved on to their next target which was VectorLevel who was hosted with Colo4Dallas at the time.  The attack at VectorLevel brought Colo4Dallas to it’s knees until the attack was null-routed at C4D’s upstream provider.  At the time of this writing Colo4Dallas’ web site was unreachable and as such I am not directly linking to it.

Fast forward a week and a half and another one of my servers was under a new attack from a new source.  This time the attack was not monetary and the goal was simply to take a particular site offline.  The target of the attack was a fairly popular forum that centers around firearms manufactured by a particular company.  The forum has information such as cleaning and maintenance of the guns and in my looking over the site is nothing apparently negative.  My guess is that whoever wanted to bring the site offline was more of a “pro gun control” type of person.

This attack was a bit more difficult to stop as it was smaller and “flew under the radar” of our automatic filtering systems but was still large enough to cause intermittent connection issues over the period of about two hours.  We worked to filter out the attack however whoever was administering this particular attack was doing a pretty good job of countering the counter-measures were putting in place to mitigate the attack.  Ultimately we were able to fully mitigate the attack after quite a bit of work and effort.

It seems that there are malicious people out there whose only goal is to cause harm and to disrupt the services of others.  If you do find yourself in a situation where your web site or hosting service is being disrupted by a DoS attack please do be patient with your provider and understand that there isn’t always something that can be done to fully mitigate the attack.  If your provider is able to restore full service to you within a fairly short period of time (less than 2 to 4 hours) you should consider yourself lucky as many DoS and DDoS attacks can last days if not weeks.

I was doing the math on the licensing structure (we’ll go with the 1-CPU Enterprise license as this example).

I will start by saying that I realize it is in LiteSpeed Technologies’ best interests for you to lease your license from them as this gives them the most profit/income etc… where as an Owned license is generally seen as a larger up-front investment to reduce long-term costs.

I am also aware that I am comparing monthly lease to a yearly ownership as I am wanting to compare the extremes (smallest up-front investment vs the largest).

Owned licenses are an investment into LiteSpeed Web Server/Technologies and I always look at investments based upon how well they will return and how long until they return. A 39 month wait until the investment begins to return is a tad too long in my opinion and as you read on you will see the details of my analysis of their licensing program.

The primary problem that I see is that the Owned licensing doesn’t really reduce long-term costs fast enough – the argument could be seen either way that either the leasing prices need increased (sorry, have to share both view points) or that the owned licensing needs to be reduced either the initial purchase or the support renewal costs.

The price of a 1-CPU Enterprise Leased license is $32/month or $384 paid monthly for a year.

The price of a 1-CPU Enterprise Owned license is $41.58/month or $499 paid yearly.

At these prices you could have a Leased license for 15.6 Months for the price of an Owned license for one year – which makes sense if you think about it.  At the end of the first year if you want to continue support and upgrades for your owned license you then have to pay $99 for a support renewal.  You do not have to pay any such renewal fee for Leased license.

The price of a 1-CPU Enterprise Owned license for two years is $598 which would get you 18.69 months of Leased licensing – so after you have your owned license for over 18 and a half months you’ve broken even on your investment of an owned license.  While a year and a half is not a tremendous amount of time – it is asking for a huge investment of your money up front.  To make the Owned license an option you have to be willing to invest over a year and a half into LiteSpeed before you even break even.

After 18.69 months of being on an Owned license and having paid the $99 support fee after a year you will be at approximately $8.25/month for each owned license which isn’t terribly bad (a savings over leased of $23.75/month), but keep in mind it took over a year and a half to get to this point which leads me to my next concern.

The next major concern in my eyes with the current structure is that for the Owned license to “pay for itself” (to return on my original investment) which is one of the primary reasons I look at owned licenses over leased – it will take an additional  21 months for a total of 39 months before going Owned has “paid for itself” and returns on your initial owned licensing investment will be realized if you don’t include the support Renewals. The first and second renewal for a total addition of $198 because by this point you’re already at 39 months before going Owned has paid for itself.

Is it really intentional on the part of LiteSpeedTech to make an Owned license holder have to wait 39 months before they can start to see a return on their investment of going Owned?

What are your thoughts? Post comments!

I have in the past fought tooth-and-nail for Apache’s ability to match LiteSpeed Web Server’s speed when serving web sites.  Apache can be configured to be nearly as fast if not just as fast as LiteSpeed but the problem is that Apache requires in my own personal testing nearly two times as much memory and FastCGI to come close to LiteSpeed comes out of the box.  LiteSpeed claims to serve static content up to 9 times faster than Apache and PHP up to 50% faster.  While I won’t go into depth as to which one can do what faster, I will go into why I chose to move my company from Apache to LiteSpeed and what benefits we have seen.  If you want to see benchmarks that compare LiteSpeed and Apache I recommend you search Google.

My company has relied upon Apache for years however I recently began testing the latest version of LiteSpeed which has come a long way.  LiteSpeed out of the box offers the performance of an extremely-optimized Apache installation with half or less memory consumption in my testing which is a major benefit.  Apache is very weak against certain DoS attacks such as a HTTP Request DoS which doesn’t require a large amount of outgoing bandwidth but can be devastating to an Apache web server where as LightSpeed takes such attacks in stride in my testing.

I found personally that the overall “feel” of browsing various test sites, both dynamic and static, felt snappier or zippier which is an additional benefit to running LiteSpeed.  In the end if you know what you are doing and you have the RAM in your server to accomplish it you can match LightSpeed Web Server’s speed at the cost of efficiency.

LiteSpeed’s Web Server is a direct replacement for Apache and installation was a breeze.  LiteSpeed supports all of the popular control panels and all of the features of Apache except for your old Server Side Includes but who uses those any more?  In my experience on a cPanel based web server you can log into WHM and switch between LiteSpeed and Apache at any time and you can run LiteSpeed on an alternate port for testing any sites that you wish to make sure will function correctly before “making the switch.”  I have yet to run into any issues that are caused by LiteSpeed however I will post an update if I do run into any.

At the end of the day my advice is to spend the extra money you would be paying to add additional RAM into your server on a LiteSpeed Web Server license.

Edit: LiteSpeed 4.0 *does* support Server Side Includes even though the current FAQ on LiteSpeedTech.com says that it does not.