Gazzin negative review #5545 by John (john@i...) on Jun 2009


Gazzin got a negative review on
Gazzin
20687-2 Amar Rd. #312
Walnut , CA
US
☎ Phone 626.549.2801

gazzin.com is inactive webhosting company!
Customer review #5545
1/10
John ( john@i... )
Time Hosted over 3 years
Global rating
Features
Price / Cost
Customer Relation
Control Panel
I have been hosting with Gazzin for a little over 4 years now.

They are absolutely retarded. I have lost 6 entire websites hosted with them. They try to fix my issues but end up creating more. They answer my chats and then close the session. Just 2 months ago, my websites show up as how they used to be (old out dated copies of my pages) come to find out they changed DNS settings that pointed to old copies of my site. I asked them about it and they could not get me an answer. I have to figure that one out on my own by going http://clam.unixbsd.info/~username for all of their servers ,which was something over 40 or so. I find their knowledge to be less than what is required to take care of ANY problem. The people who talk to you on chat are incompetent. They have NO PHONE NUMBER that you can call and talk to someone.

Long story short, they are f-ing horrible. I am now with Host Gator, and finding that, though their servers are set up a bit differently, they are MUCH better and reliable than Gazzin. Hell, the small web server I have at home gets more traffic than my Gazzin sites do combined and I have never had a single issue with it.

Also, Gazzin knowing hosts pages and accounts that their users hack other accuonts and put images n such up. Also, I have found a ton of Gazzin sites that contain the C99.PHP hacking script. Their security is horrible.

One time, one of my websites got hacked and the logs showed an internal network IP, meaning either a Gazzin employee, or a hacker that someone got into their network - either way AD SECURITY!!!

Gazzin is not worth the hassle unless you back up after every change, even little ones, and you have the time to argue with them when they tell you that "You are the one who hacked your site because that is what FTP logs say."

I have a copy of a conversation I had with them:

June 1st, 2009
Powered by CCS (v.5.9.2)

System: Please Wait while connecting to an operator

Welcome to Gazzin.com, Your speaking to - Jim

Jim: Hello

John: hi

Jim: How May I assist you ?

John: my domain is iluvjohn.com

John: i was having hacking issues a while ago

Jim: Please wait let me check it

John: gazzin changed my password and would not let me into my site for 2 weeks or so while they fixed everything

John: just hold on

John: i havent told you my problem yet

Jim: Yes sir

John: ok

Jim: Please tell me your issue

John: when my site was hacked all they did was add c99 scripts to it

John: didnt delete anything

John: after I told gazzin about it

John: they changed my password

John: so neither myself or the hacker could get in

John: now all my databases, except for one, are gone

John: as gazzin deleted them

John: thinking that they were the hackers doings

John: how can I get them back?

Jim: Please give ticket id

Jim: then i can check in deep

John: ok

John: hold on

John: i have to check my email

Jim: ok

Jim: i am waiting

John: the most recent ticket id I have found on this issue is #QTZ-793563

Jim: Please wait lt me check it

John: ok

Jim: Please send reply to that ticket with your query

John: I have talked to gazzin about it

John: but they just deny it

John: also

John: last time i sent in a ticket

John: it took them over a week to respond

Jim: we will work on your issue

John: I just need to know how I can find an old copy of the database

John: so that I can save it

John: locally on my computer

John: there were many that I have lost

John: but the one in particular that I am looking for is

John: iluvjohn_firebur

Welcome to Gazzin.com, Your speaking to - Herman

John: but the name of my account was also changed from iluvjohn to iljohn

Herman: hello herman here

John: hi

Herman: sir please tell that did admin deleted the database

Herman: for your website ?

John: as from what I can logically deduce, yes

John: there was a time when gazzin had changed my account password to check for hacker files, etc

Herman: yes

John: they when i came back all my databases were gone except one

Herman: we did changed the password

John: yes

Herman: sir

Herman: sir we never delete any

Herman: database for website

Herman: without client's permission

John: ok

John: let me explain

John: my site got hacked

John: i told gazzin

John: gazzin changed account name and password

John: i could not get in

John: hacker could not get in

John: then you send me password

John: I login

John: all databases are gone except one

John: how could they have been deleted if not by gazzin?

Herman:

Herman: we reset the password

Herman: and gave you

Herman: right ???

John: yes

John: weeks later

Herman: you gave the password to your emial account

Herman: right ?

John: yes

Herman: this can happen that someone else know password for your email account

Herman: they might have login to your account

Herman: and fetch the details

John: i have changed the password to my email account before you sent me new password

John: and also

Herman: because this kind of case happend with 2-3 of our clients earlier

John: i was on live chat with you when you sent it

Herman: yes

Herman: steve was on live chat

John: you sent it and i logged in immediately

John: they did not have time to delete it AND get my password

John: did you ever stop to think that maybe someone at gazzin did delete it without doing things the right way?

John: Hackers dont want to be noticed

John: delete database would make them be noticed

John: the hacker wanted to use my site for spam sites or something

John: not to ruin it

John: or the hacker would have done that from the begining

John: there is no way anyone got into my email - I changed password, secret questions, - everything

John: then when you sent the password back I logged in as soon as you sent it

John: and they were gone

John: The first thing I wanted to do was back up the database

John: so you see how I have my doubts

John: also

John: multiple times I have had hacked issues

John: and gazzin says that dns changed

John: and then they fix it

John: you have multiple servers

John: and my sites were pointed to different server at gazzin

John: could there be a copy on old server?

Herman: ok now

Herman: gazzin don't have old servers

Herman: this might happen

John: not old servers

Herman: that some record didn't got reflected

John: cow, clam, bat, etc

Herman: and were not changed

Herman: so we needed to do

Herman: the dns change

Herman: to get that working

John: no

John: hold on

Herman: and point to new server

John: thats not what i ment

John: ok

John: i had my files on cow.unixbsd.info for a long time

John: then on clam.unxibsd.info

John: then one day websites changed back to old versions

John: gazzin told me it was my fault and that I ftped in and changed everything

John: that was not true

John: someone at gazzin pointed the unixbsd.info dns to different servers for my sites

John: the server was cow

John: where i used to have all my sites

John: but because old versions of my sites where there

John: it seamed as though my site changed back to old version

John: see?

John: so I dont want to change anything now

John: I just want to check

John: and see if I can find anything

John: well?

John: can you help?

Herman: yes

Herman: first thing

Herman: sir i will request you to

Herman: please discuss one issue at time

Herman: first was hacked issie

Herman: then you switched to dns issue

Herman: so first please tell me

John: you dont understand

Herman: which issue need to discussed ?

John: this chat is not working

John: do you have a phone number?

John: or can you call me?

Herman: no

Herman: we don't have phone number

Herman: sir this chat will work if we discuss issue one by one

Herman: not all issue at once

John: that is what you are not getting, there is only one issue

Herman: ok

John: I was trying to explain what I ment by dns issue

Herman: now please let me give you some information

John: my databases are missing

Herman: ok ?

John: ok

Herman: iluvjohn.com is this your website

John: yes

Herman: now it is on crane.unixbsd.info server

John: my databases that are missing.

Herman: database for it is

Herman: iljohn_wpmu

Herman: it is wordpress database

John: yes

Herman: in the backup drive we have

Herman: the copy of this database

John: the site is a word press site

Herman: the date is of 29th april 2009

Herman: if you want that database from the backup

John: it also has subdomain - fireburner.iluvjohn.com

Herman: then i can restore that databse

John: fireburner database is gone

John: no

John: dont restore it

Herman: hat was the name of that database

Herman: ?

John: that is fine

John: just hold on

John: let me explain

Herman: sir

Herman: please tell me

Herman: what was the database name

Herman: for fireburner.iluvjohn.com

Herman: ?

John: iluvjohn.com wordpress site is fine right now

John: BUT

John: i had other scripts and stuff on the same server

John: one of them was a subdomain called fireburner.iluvjohn.com

John: there dtabase for that had disappeared

John: so

Herman: sir

Herman: sir

Herman: sir

John: since you say gazzin did not delete it

Herman: i want the name of the database for

John: there dtabase for that had disappeared

Herman: fireburner.iluvjohn.com

John: i thought maybe it was moved to a different server

Herman: so that i can look into the backup drive now

John: right

John: i have already been told that you do not have a backup of it

John: but ill tell you

John: it was

John: iluvjohn_firebur

John: or something close to that

Herman: ok

Herman: now give me 10 minutes

John: please know, gazzin also changed user name from iluvjohn to iljohn

Herman: so that i will check this database on ALL of our server here

Herman: just wait

John: in case that changes it

John: ok

Herman: i checked for the database firebur on all the server

Herman: it is not there

John: ok

John: please hold on

John: see if I can find anything on it

Herman: ok

John: i am extracting an old database and check the config.php file to find old database name

John: old website*

Herman: ok

Herman: i will with you

Herman: just tell me when done

John: ok, i got it

John: here is what old config.php says

John: $host = "localhost"; $user = "iluvjohn_firebur"; $pass = "*"; $database = "iluvjohn_fireburner";

John: but it might be iljohn_firebur now

John: as username on the account has changed

Herman: i checked with both the name iluvjohn_fireburner and iljohn_firebur

Herman: on all the servers

John: so that means that someone has deleted the database

John: now how can we figure out who?

Herman: let me check FTP logs

John: k

Herman: just wait

John: hold on

John: ftp logs wont have record of mysql delete, right?

Herman: nothing in FTP logs

Herman: need to check some other logs

Herman: like cpanel logs

Herman: not in cpanel logs too

John: mysql logs should have the recordof who / when the db was deleted

John: unless the person deleted the file that mysql uses as the database

John: then it would be in file manager log somewhere

John: also if log can not be found on the database being deleted then it has to be someone at gazzin that deleted it

John: there is no way around it

Herman: the file manager logs and mysql deletsion logs

Herman: are in cpanel

Herman: logs in backend

Herman: i checked that

John: what is the path to where my mysql files are stored, do you know?

John: from the root dir

John: from the main account

Herman: /var/lib/mysql/

Herman: this is path for mysql

John: ok, thanks

John: i am gonna check old backups i have and see if I included it at all

John: just incase

Herman: ok

John: i cant find any copies of the database at all

John: so

John: how do I get them back / go after who deleted them?

Herman: currently i can just say that

Herman: we are not able to find the database fireburner

Herman: also we don't delete any data on server without client's permission

John: as far as my experiences with gazzin goes, employees do anything they want and dont follow nay rules.

John: There is always a chance that someone could have messed up

John: or deleted it, even by accident.

John: it wouldnt be such a big deal if people could just come clean with things

Herman: sir we always have a copy of files or folder

Herman: before we want to edit it

Herman: or remove some data

John: but the fact that i have to hunt around for hours just to find that you dont even have a record of it is just sad

John: well then, here is where we are at

John: i had some database information stored on the domain account iluvjohn.com

John: someone hacked in

John: all my files were fine - they only added a c99 shell

John: my database was there

John: i told gazzin about it

John: they locked my account/changed password, etc

John: i changed all the passwords that I could

John: then when i get new pass to account 3 weeks later everything is gone except for wpmu dataase

John: what ever happened resulted it the lost of my information, some of which I wont be able to recreate very well

Herman: why there was c9 script in your website

Herman: sir

Herman: c99 ?

John: yes

John: i think the hacker put c99 script

John: on the domain

Herman: ok sir

Herman: please listen

Herman: hacker have access to your website

Herman: and can upload files

Herman: only when you have incorrect permission

Herman: for your database

Herman: of to your files in website

Herman: if you keep 777 permission to folders

Herman: of files

Herman: then it is very easy to access website

Herman: and anyone can access it

Herman: also keep file name in such a way that is not

Herman: know to most of people

Herman: like if your website is wordpress site

Herman: then is

Herman: very obous

Herman: that config file name is

Herman: wp-config.php

Herman: then for more security you have to change the

Herman: name of that file

John: see

Herman: because it has access to database and password in it

John: i dont understand

John: the 777 folder permission

Herman: sir

John: how does that let anyone in?

Herman: sir

Herman: tat is most most most important

Herman: thing in the security

Herman: 777 permission to folder means read write execute to ALL

Herman: to ALL means, to anybody who see your website on net

John: how can someone goes about accessing a folder with 777 permission?

Herman: just by checking the website and

Herman: browsing it's pages

John: i mean

John: if i put up a folder with 777 p[ermission

Herman: you also know that wordpress it so popular

John: you can put a c99 file there?

Herman: many people know the in-out of wordpress

Herman: and it's php coding

John: yes

Herman: sir

Herman: now tell me

Herman: do your website had this option that

Herman: client can able to upload

Herman: file in attachment

Herman: or some other options

Herman: in your website

John: some sites

John: but php doesnt let anything through

John: unless it is .jpg, .png, etc

John: so i make it as secure as possible

John: and test it

Herman: i still see that

Herman: there are file name in your website

Herman: that are same as wordpress

Herman: fot security

Herman: for security people

Herman: make there website in such a way that

Herman: no one can get access to it

Herman: and all pages are secure

John: can you show me how to access a folder on a website with 777 permission without knowing password?

John: If this is really a security issue

John: then i need to learn more about it

Herman: for that your website should have option

Herman: for the user to upload the file

Herman: images

Herman: and currently i cannot show you

Herman: that how to access 777 permission folder

Herman: without knowing password

John: right

Herman: i have restriction

John: so having a folder with 777 permission wont make the folder insecure

Herman: i cannot give you hacking information

John: in order to prevent hacking, one must know ow to hack

John: that is the golden rule!

Herman: yes

Herman: that is golden rule

Herman: if you just search on google.com

John: I have

Herman: how to access 777 permission folder

John: check it out:

John: there is what i found

Herman: you will get much more docs to read

John: 777 folder permission gives all users on the system rights to access the folder

John: but NOT over the web

Herman: if you just search on google.com how to access 777 permission folder you will get much more docs to read

Herman: that have much more information

John: that's what i am saying - everything i have come up with says its does not allow anyone to access your site or upload files

John: it only allows users of the system to access

John: meaning that you still have to login to the account to access the 777 folder

Herman: yes

John: otherwise there is nothing you can do

Herman: then tell us how there was a c99 file in your website ?

John: having 777 folder permission is perfectly ok

John: how about this - caares.org is another website

John: it had no folders

John: 1 index.php

John: index.php had "

John: hold tight..."

John: and then it was hacked

John: AFTER password change to!

John: i believe, from what i have seen, it is someone from within the system

John: or

John: gazzin has bad security hole somewhere

John: i am not sure

John: but i do know that there is a way in

Herman: sir i will take up your suggesssion

Herman: gazzin do weekly chec

Herman: for all security measures on the server

Herman: this weekend too i will check personally for any security holes

Herman: in the server

John: look at the caares.org domain

John: on your server

John: i moved the site to a new server

John: but the account is still on your servers

John: if you can see logs

John: it might give you an idea on how someone is getting in

Herman: which logs shall i see

Herman: ftp ?

John: i dunno

John: how ever the hacker got in

John: they changed index.php to redirect to new site

John: i asked gazzin on live chat

John: they took 3 days to remove the file

John: and the made a backup of the index.php file

Herman: on live chat

Herman: we don't perform any task

Herman: until and unless we have ticket

Herman: we don't take any action

John: i had sent in a ticket but you wernt doing it so i complained that the ticket was taking to long. over 3 days just to remove a site.

John: so on live chat they did it

John: they could not tell me how the hacker got in

Herman: tracking the hacking process is difficult

John: but this is an example where there were not any 777 permissions or any files and hacker still got in to empty account.

John: i know

John: i have done it myself

John: i ave a server at my home.

John: it got hacked once

John: and since then i have been up to date on things

John: and i have not had any trouble since!

John: that is why i am a little confused at how any of my sites even got hacked from the beginning

John: because if everything is up to do then the caares site would not have been able to be hacked.

Herman: each and every day there is new method

Herman: of hacking

Herman: on the internet

Herman: that is reason we have security check every week

Herman: on the server

John: The only info I can find on the 777 issue is that only other users of the system can exploit it IF there is a script that allows upload to it.

Herman: yes

John: but if a folder with 777 is aove root www dir there is not issue with hacking at all

John: above*

System: Operator has closed your chat
(ended @ 2:10pm)

Then the operator decided he didnty wan to talk to me any more and I never ficked my damn problem.
These guys sure know how to waste your time and poss you off. I have been having conversatons with
these people just like this one for years.

94 out of 105 users found this review to be helpful!

h. mangatal ( chris1@h... ) review | -anonymous- ( -no email- ) review