Well, I intended to resume blogging this afternoon, but my host was down yet again. Hosting Matters who, ironically enough, has the following on their home page:

Join us. Spend less time worrying about your site being available and more time pointing people to it.

was apparently hit by another denial of service attack, as Joy reported this afternoon–which she was able to do since she’s not on one of their servers. A long string of posts on what HM did to solve this problem, however temporarily, is available here.

This is getting quite frustrating. Not only are the major blogs constantly down now but, for those of us using our blog account as our primary personal e-mail server, we’re denied access to that as well. I don’t understand the technicalities involved here and am assured that it’s not really the host’s fault. But this may simply be a function of too much overcentralization in the blogosphere; having so many of the top blogs on one hosts has made us vulnerable. I suspect people will be a little more leery of signing up for HostingMatters accounts now–I certainly wouldn’t do it again. Their technical support is excellent, but they are no longer a reliable hosting service.

James Joyner
About James Joyner
James Joyner is Professor and Department Head of Security Studies at Marine Corps University's Command and Staff College. He's a former Army officer and Desert Storm veteran. Views expressed here are his own. Follow James on Twitter @DrJJoyner.


  1. Steve says:

    “..but they are no longer a reliable hosting service.”

    Well, I’m not a ‘major blogger’ but I do feel the some of the same frustration you express. It is not fun being down.

    However, the only fault I can find with HM here is possibly in selecting upstream providers who have, apparently, failed to do the necessary stuff to block the denial of service attack (and I do understand the technical stuff).

    HM should never have had to go through the exercises they did today to get things back up.

    You could easily experience this same issue at any number of other hosting services.

  2. joy says:

    Honestly, I think the bigger question here is wether or not you want to be with a hosting service that will host politically sensitive web sites.

    As for their response, you already know how I feel about that. But just know that brute force ddos attacks can and do take sites offline despite multiple countermeasures. For instance, a few weeks ago, two widely used spam lookup databases were taken offline due to brute force ddos attacks. One can only do so much.

    I had someone mention to me today that there is a method to create an alternate mail server entry in case the primary one goes down. This might be something that I would mention to Hosting Matters if it’s just the lack of email access that is bothering you.

  3. bryan says:

    Speak for yourself, beltway boy. Not only is my blog not up, but a visit to my main URL says
    “There is no website configured at this address.”

    I’ve been unable to deal with this all day as I’m out of town. It’s frustrating, but on a much lower level for me since I’m a small fish.

  4. James Joyner says:

    Yeeha. OTB isn’t a big fish either, although I guess it’s now past the “throw it back” stage. But many of the truly big sites–InstaPundit, CalPundit, VodkaPundit (indeed, most of the “pundits” that you’ve heard of)–are on HostingMatters.

    This is sort of a Microsoft problem: because they’re big, they’re a likely target.

  5. Paul says:

    Funny you mention Microsoft, they have been ddosed as have yahoo, google and all the other biggest names in the biz.

    James, I understand your frustration but I assure you it is misplaced. A hosting provider can not just go to every upstream provider and get them to block someone at the drop of a hat.

    As you know, I own a hosting company, I could have none no better. To spin to a somewhat bizarre analogy…

    It is the internet equivalent of a drive by shooting. If someone wants you dead and just drives past you and shoots you there is not a whole lot you can do about it. (well, without the secret service anyway)

    The good points in this thread were over centralization of the blogosphere and Joy’s point of being with the same company that hosts anti-terror sites.

    To me the anger of the blogosphere is completely misplaced. It is terrorist that are responsible for this not HM. I doubt you would agree with suing gun makers but you blame HM.

    If you would like, I’ll give you a free email account as a backup to your present one. If your mail server does not answer to, mine will answer. I can also give you web mail so you can check it anywhere you are.

    You still use the same address but you always have a back up.


    BTW you can not do that with http, only mail.

  6. Steve says:

    “A hosting provider can not just go to every upstream provider and get them to block someone at the drop of a hat.”

    All responsible and responsive upstreams should indeed respond to this type of situation quickly and efficiently.

    The organization I work for has made this level of responsiveness a key selection criteria for transit providors and the 3 to which we have gigabit connections do respond ‘at the drop of a hat.’

    I’ll note that we evaluated but do not use either Qwest or AT&T which are the 2 upstreams that HM has specifically mentioned.

  7. Paul says:

    Steve, have you ever fought your way thru a ddos?

  8. Paul says:

    As an update Steve, Both AT&T and quest filtered the IP at a core router. AT&T says the requests were so massive their core router freaked.

    What SPECIFICALLY would you have had anyone do?

  9. michele says:

    “but they are no longer a reliable hosting service.”

    Ok, call me when you find a hosting service that will guarantee they will never be the victim of a DOS attack.