Don't Get an Unknown (Inexpensive) Web Host

Searching for the best web host that fits your needs can be a real pain. There are so many options out there, and they all sound great. Some are even as cheap as $3.95 a month for a chunk of disk space and monthly transfer. Let me frame this article with a trite, but perfect, saying: you get what you pay for.

A few years back there weren't quite as many options on the market, and it was hard to find an affordable linux web host that offered SSH (shell) access. I am a software developer, and SSH access is a prerequisite for me. I found an unknown company that had all the features I wanted, and the price was right: $6.95 a month if I paid annually. I decided to go for it, and I setup my email addresses there as well as a bare shell of a site. I mainly used it for email for the first year or two. Finally I started actually posting content on my site (, and the problems soon followed.

Three times in the last year or two, PenguinHost suspended my account without warning. In none of the three incidents did they ever give a satisfactory reason for the termination. I do not run a spam service or anything else absurd like that. My site has only ever hosted a blog, self-help articles, email for myself and peers, and random file transfers. I have never violated the Terms of Use. As of yesterday (03/18/2007), the most recent incident was only 2 months prior, and things were going well enough to survive until my contract ran out. In an odd twist of fate, my account only has one week left, so I am extremely fortunate to not lose out in regards to a floating contract.

Let me offer you a little more background about myself. I am not a random web hosting client that accidentally lets hackers exploit old versions of scripts I have laying around. I am actually the lead developer and admin manager for a large website (Alexa ranking < 20,000), so I know a thing or two about running a web site. If a problem were to arise with my site, I would be more than willing to work with my host to clear up any issues. However, it is never acceptable to just ban my account without warning. In fact, their Terms of Use document clearly states that "Any User, which PenguinHost Services determines to have violated any element of this Acceptable Use Policy, shall receive an email, warning them of the violation." However, in a seeming contradiction, if the action is deemed severe enough to be a full suspension, they have a backout clause: "If inappropriate activity is detected, all accounts of the Customer in question will be deactivated until an investigation is complete. Prior notification to the Customer is not assured." In light of these statements, I strongly urge you to investigate the terms of your host before giving them your money and committing to a year of business with them. You might not think it's that important now as you startup your first blog, but you could sorely regret having skipped the research when your site starts to grow and pull in AdSense revenue (or something similar), and your host just starts going down all the time. You owe it yourself to invest some extra time now in your future online presence.

Returning to the problem at hand, after much deliberation I was able to convince the technician (going by the name "Nick G.") to restore my logins for the purpose of backing up my data, and I gave him permission to leave my home page disabled if necessary. I had to email him incessantly for a response, but when he finally responded (with a Neanderthal grunt of "done" after my four emails), he apparently saw an opportunity for exploitation. He didn't exactly leave my homepage disabled: he redirected my homepage to an advertising scam site! I won't post the exact link here so I don't contribute to his affiliate account, but here is the URL sans affilate ID: . Notice I didn't make that a link; I have no intention of sending free PageRank their direction. Nick G.'s affiliate ID with that organization is apparently "ozman20," which I post here for official historical purposes. I don't know yet if it is illegal for him to exploit my domain name for personal profit like this; if you know, please inform me in the comments.

I did a little more research on PenguinHost, and I noticed another clue that should raise a yellow flag: they make some false (or at least misleading) claims on their site. For example, on their About Us page, they make the audacious claim, "Our unique online control panel is the best in the industry. With over 100 features and still easy for a beginner to use sets us apart from the rest." However, as can be found by clicking on their Control Panel Demo, they simple use cPanelPro, usually referred to as cPanel, which is quote possibly the most common unix hosting control panel on the market. You can read more at the cPanel Wikipedia entry. I see cPanel on hosts all over the place; quite clearly this software is not "unique" to PenguinHost, and it definitely does not "set [them] apart from the rest." I realize this is just an attempt at marketing, but it is dishonest, and intended to deceive ignorant consumers.

Another yellow flag is the peculiar email address Nick used: (just to be a nice guy, I left this blank on purpose). Who in the world is CHIhost? Apparently they're another host in Illinois with PenguinHost. I haven't bothered to see who's reselling from whom, or who the actual datacenter is, but there's something very fishy about having another hosting company respond to my tech support. Either they're run by the same people, or one company resells hosting for the other, or some other unprofessional situation. Whatever the deal is, let me implore you to do two things:

  • Never sign up for hosting service from PenguinHost. If you currently have service with them, find a new host as soon as is economically viable.
  • Strongly reconsider signing up for hosting service from CHIhost. I know little of them, but the situation is very fishy, and their website is far from impressive. They also let their BBB Verification expire, whatever that means for them.

So what is your alternative? Sign up for a well-known, trusted company, even if it means spending a little more money. The investment is undoubtedly worth it, even just for peace of mind. There are many well-known companies with available BBB profiles for you to investigate. When my situation went down last night, I did some quick but thorough research and settled on DreamHost. I know they had a rocky time a few years back, but they are up to a 'B' rating with the BBB, and their feature list is impressive. I'm definitely not a DreamHost fanboy yet; all I can say is that my transition was smooth and painless, and their support team bent over backwards to help me get setup. I have heard great things about several other hosts, and the best thing for you to do is to take the extra time and research so you don't get burned.

If you would like to track the status of my BBB complaint with PenguinHost, their BBB profile should get updated over time.

To help provide better understanding of yesterday's event, I am posting the complete email transcripts: down 14 messages

Adam Sun, Mar 18, 2007 at 3:37 PM To:,

My site,, is down with the error page

Please respond immediately, this is unacceptable to have the site suspended again without notice.

Nick G. From Sun, Mar 18, 2007 at 4:53 PM To: Adam

You need to switch to a plan appropriate for that usage such as our dedicated server $179.95/mo + $99 Setup or Semi-dedicated server $39.95/mo + Free Setup

Which one do you want me to setup for you? [Quoted text hidden]

Adam Sun, Mar 18, 2007 at 4:57 PM To: "Nick G. From"

I'm sorry, that doesn't make any sense. What do you mean by "that usage"??? I've just been faithfully subscribing to the "Professional" plan annually for several years now. What limit did I surpass? I'm almost undoubtedly switching hosts now (since my renewal is just a few days away), but I at least need full access temporarily to make backups of all my files for the transition. [Quoted text hidden]

Nick G. From Sun, Mar 18, 2007 at 5:02 PM To: Adam

We cannot unsuspend this site as it will likely overload the server again.

We have already linked complaints from other users to your usage.

-----Original Message----- From: Adam [Quoted text hidden]

Adam Sun, Mar 18, 2007 at 5:13 PM To: "Nick G. From"

From a business perspective, please provide more information about the situation. You have given me no idea what you are talking about when you say "usage." I run no daemons or anything on this site, and I get low traffic. If you are going to suspend my account, I would appreciate it if you at least told me what "usage" you are talking about. I have done nothing different; it just a blog, like it was a week ago, and the year before that... [Quoted text hidden]

Nick G. From Sun, Mar 18, 2007 at 5:20 PM To: Adam

php overload

-----Original Message----- From: Adam [Quoted text hidden]

Adam Sun, Mar 18, 2007 at 5:23 PM To: "Nick G. From"

I'm really not trying to be difficult here; it seems there has been a misunderstanding. Why are you being so vague? What does "PHP overload" mean? CPU Usage? I have a runaway script in an infinite loop? Do you not have CPU quotas setup on this shared server? Whatever it is, I desperately need at least FTP and PHPMyadmin access to access my files and try to fix it, as well as making backups for moving to a new host. I will be filing a complaint with the BBB if things do not start improving. [Quoted text hidden]

Adam Sun, Mar 18, 2007 at 6:10 PM To: "Nick G. From"

Please respond with more information soon. Having my site down this long is very frustrating, especially when I have no idea what caused it. [Quoted text hidden]

Nick G. From Sun, Mar 18, 2007 at 6:32 PM To: Adam

Your account appears to be a heaven for hackers, they are probably the one that caused the overload, which is your fault for having out of date insecure scripts on there, just look how out of date these scripts are: drwxr-xr-x 15 sunetos sunetos 4096 Apr 26 2006 i_forum/

drwxr-xr-x 10 sunetos sunetos 4096 Dec 12 15:21 drupal-4.7.4/ drwxr-xr-x 10 sunetos sunetos 4096 Jan 20 14:25 drupal5/

Those versions of drupal has known security issues: "These are maintenance releases that fix problems reported using the bug tracking system, as well as a security vulnerability."

I only checked a couple of your scripts, it is likely you have some more insecure stuff too.

If we open your account it is likely hackers will hit it again.

-----Original Message----- From: Adam [Quoted text hidden]

Adam Sun, Mar 18, 2007 at 6:36 PM To: "Nick G. From"

I have not used any of those for a while; I keep very up-to-date. That forum hasn't been on the site in years. Can you delete the "i_forum" folder just in case somebody's accessing it? If you look more closely, you will see that I have a symbolic link named "drupal" that points to the very newest version of drupal, 5.1. I only keep the old folders there for important versioning purposes since I don't get something like Subversion on a budget host. There shouldn't be anything insecure publicly accessible. I am using Drupal to drive the site, which is used by millions of people around the world without problems, and I only use official modules. [Quoted text hidden]

Adam Sun, Mar 18, 2007 at 7:22 PM To: "Nick G. From"

It is extremely important that I have my website back up within an hour. I submitted its design just 2 days ago to online design galleries for potential feature. This is extremely embarrassing to have my site down right now. Considering the 99.9% uptime claim on your site, can you please work with me with some consistency to get this issue resolved? [Quoted text hidden]

Adam Sun, Mar 18, 2007 at 8:05 PM To: "Nick G. From"

I need FTP, ssh, and CPanel access back immediately, even if you keep the home page down. I need to start moving my items to a new host now so there is time for DNS to propagate to minimize the downtime. [Quoted text hidden]

Nick G. From Sun, Mar 18, 2007 at 9:02 PM To: Adam Done

-----Original Message----- From: Adam [Quoted text hidden]

Adam Sun, Mar 18, 2007 at 9:10 PM To: "Nick G. From"

Thanks! I'll start packing everything up immediately. [Quoted text hidden]


Why ?

Why can not I get it?Cara Kuat Berhubungan Seks

Simalar Story

As a former Penguin Customer myself, I can completly understand where your comming from.

Actually what makes this funny is, I was actually ON server 131 for a brief time before packing up my service (although is just as bad if not worse as penguin was)

I kept having issues with the php service on that server as well how ever it was not a specific user the process would just stop responding all together at random intervals and my entire site is driven by php and mysql.

I'm fairly certain they only give each of their VPS systems about 400 Mhz of processor time at most. I had setup a cronjob to report to me the actual server specs but quickly had my account suspended since apparently cat /proc/cpuinfo was a voilation of the terms of service. They quickly re-enabled my account

On that server specificly I had seen server loads hit 150 before they rebooted the server

Not surprised...

It's nice to hear that I wasn't the only one (not that I'd wish that experience on anybody). Unfortunately, the BBB closed my support ticket claiming that Penguinhost's offer of 50% off a new account was a reasonable way to seal the deal (even though my ticket specifically mentioned that all I really wanted was evidence of what happened).

a d a m

Oh the horror...

Man, this all is crazy... glad things are back up and running. I should have posted earlier, as things have been pretty bad with my current host as well.

If you have time, you should post reviews on It's a pretty decent compendium of hosting services, and it should be implementing more robust comparisons shortly. I wrote a small bit on my GoDaddy woes, and the guy who runs it double checked with me before posting it. Since by then my server issues had been clarified a little (though not solved), he even edited the review to be more accurate.


Thanks for the tip! Just submitted part of this story to webhostingunleashed.

a d a m

The camel-back-breaking straw

How frustrating! The fact that you wrote such a long, complete article on the event indicates you're not just fictionalizing the event to malign PenguinHost, although their lack of cooperation is perhaps a result of their characterization of you as having an illegitimate, hacker-friendly site -- a characterization that is apparently a result of their own ineptitude (we're only getting one side of the story, of course).

But the straw that really breaks the camel's back is this bit about the redirect. Rude/nonexistent customer service, inept account management, stereotyping based on misunderstanding a site's security --- these are forgivable as crimes of the ignorant (albeit still reasons to switch hosting services). But redirecting the users of one's personal blog site to some shammy, spammy, scammy website? Borderline unforgivable and grounds for filing a complaint with the appropriate government body (FTC) and consumer organizations (such as the BBB).

So indeed, "Avoid PenguinHost!" seems to be the appropriate rallying cry. Perhaps other users with similar horror stories -- or those who haven't had trouble with PenguinHost -- will be able to chime in.

Post new comment

The content of this field is kept private and will not be shown publicly.