Robert John Morton
The Internet Website Hosting
Internet Insecurity
Spam Email
Digital Exclusion
Security Warnings
Modern Websites
Semantic Indexing
Router Problems
About ISPs
Introduction
W@y Internet
NET,
Oi,
Blink
Claro,
GVT
Conclusion
I have only used three main website hosting services over the entire 27 years that I have had a website. The first was short-lived [5 years only] and very off-handed. The second was reasonable for the long term [over 20 years] but was inevitably scuppered by an administrative failure.
In the early days, I wrote myself a bare-bones web server program. Because of its total simplicity, it was robust and invulnerable. I could fire it up to listen for requests on Port 80 and it would serve my HTML files upon request. Search engines were not too prolific in those days so I had to tell people what was there and email the appropriate links to them. Running a web server from my computer back in the 1990s was impractical. I needed a web hosting service. I signed up to a free offer to readers of Computer Weekly. This was good but only provided 10MB of web space.
Consequently, I signed up with the UK hosting service ClaraNet. This worked well for 5 years. Then, without warning, my website was cut off. Up until then ClaraNet sent me a renewal invoice each April for the annual subscription, which I promptly paid. Then, in the 5th year, no invoice came. I enquired as to where my invoice was several times but nothing transpired. When I asked why my site had been cut off I was told by a technical operative it was because of non-payment. At the time, I was updating people in Brazil via my web site. I considered ClaraNet's action to be so arrogantly irresponsible that I did not contact them further.
Fortunately, I was running my site in parallel, for free, on an American web host called '20m.com'. I converted to a paid subscription to get rid of the intrusive advertising. This worked well for 20 years. Occasionally, I forgot to update my card details when my bank issued me with a new debit card. I would get a polite email from a human being in their accounts department saying that my card had been declined and that would I please log into the administration area to update the details, which I always did. Thus the problem was always immediately resolved. It happened once when my bank did a random check and withheld payment pending verification from me. I explained to the '20m.com' accounts person asking him to put the debit through again and it would be OK. Resolved. Simply.
However, in April 2023, when I checked to see if the annual payment had gone through, it looked to me as if it had. But apparently it hadn't. The way the data was presented was not sufficiently clear. Two months later, at the beginning of June, I discovered that my web site had gone 'off the air'. In its place was a short message:
Site Disabled: This site has been disabled. If you are the site owner please call 1-800-396-1999 between 9am and 9pm EST or login and update your information to resolve this issue.
During that two months I had received no communication from '20m.com' about any billing problem. The phone number didn't work from where I am and the login link simply took me back to exactly the same message. My login user name and password no longer allowed me to log into the admin area to update my Visa card details. The suspending of my '20m.com' website had also locked me out of my '20m.com' email account. So I was unable to see if the '20m.com' accounts admin had sent me an email about the suspension.
I had given '20m.com' an alternative email [a Hotmail account] through which to contact me in case I ever became locked out of my '20m.com' email account. I therefore logged in to my Hotmail account. But it wouldn't let me in. It said that it had detected an irregularity with the email account [the '20m.com' account] that I had given in case I were ever locked out of my Hotmail account. I tried to answer, as best I could, the rather large number of questions it threw at me for me to try to prove to it that 'I' was indeed 'me'. But all to no avail. The Hotmail algorithm would not accept that I was who I am.
One must bear in mind, when answering questions asked by an algorithm or AI [Artificial Intelligence], that it is necessary to assess accurately the extent and scope of the AI's knowledge. I answered all the questions correctly but the AI obviously didn't know the correct answers in my case. So I could proceed no further.
The upshot was that I became locked out of both email accounts. I could find no way to contact an actual human being at Microsoft [perhaps they don't have them any more]. I could find no other means of communicating with the '20m.com' web hosting service provider. Both email accounts are therefore simply giant ever-growing Internet puss-balls of emails that can never be accessed or read. One needs a minimum of 3 fully inter-referenced email accounts to avoid the possibility of becoming locked out in this way.
Note: I do not regard 2FA [Two-Factor Authentication] via a cell phone to be a secure solution at all. If one's phone is stolen one is again locked out completely. Where I live in Brazil 1680 cell phones an hour are stolen, usually at gun point. Besides, if I need to access my hosting service when in another country, my cell phone won't work there. So I would not be able to gain access anyway.
The above situation has significant implications regarding laws in some jurisdictions that assert that a recipient is deemed to have received an email if it has been delivered to his inbox; that is, the sender did not receive a non-delivery notification from the receiving postal server. This is wrong. Both email accounts are now outside my access and control. One cannot be rightly deemed to be responsible for what is outside one's control.
There was nothing further I could do except, after having subscribed to their service for over 20 years, simply abandoning my web site and signing up with another web hosting service. The sudden change of behaviour on the part of '20m.com' suggests to me that their polite and helpful billing department people must have been replaced with an ignorant algorithm.
In retrospect, this was all probably for the best. Over the years I had noticed that '20m.com' suffered from an ever-worsening IP address reputation. Indeed, many of the replies I sent to emails that people had sent me were rejected by the recipients' email servers, which returned to me increasingly abrupt and impudent rejection messages implying that I was some kind of email menace. In fact, my name had been placed, for no good reason, on publicly visible rejection lists. So perhaps it was an appropriate time to seek a more reputable web hosting service provider.
Consequently, I had to seek a new web hosting service. My web site is strictly non-commercial. It is personal, with intellectual content comprising an e-book and essays amounting to over 1·3 million words, with 86% in English and 14% in Portuguese. It is directly authored by me in HTML. Its just over 6000 files occupy about 350 MiB. It is a low-traffic site. I would prefer secure FTP access to my web space to upload and update files. Serving my site by HTTPS would be useful only from the point of view of search engine acceptance but is not necessary for viewer security. I would like to pay for my web hosting annually in advance.
I am, however, aware of growing concern — much inspired by the Edward Snowden revelations — about the accelerating deterioration in personal privacy, especially within US and UK jurisdictions, by agencies of the State. It is not that I have any wrong-doings to hide. Surveillance operatives — especially young ones — can easily take what is said or written out of context and thereby get hold of the wrong end of the stick, so to speak. I want to be free to speak, including criticisms, without the fear of having my site blocked for saying or writing something that is true but out of line with mainstream opinion or simply misunderstood.
It is for these reasons that I am seeking a hosting service provider that is based inside — and which operates servers and data centres only within — the jurisdiction of the European Union's General Data Protection Regulation. However, I must distinguish between two kinds of data here. The content of my website is for public view. Hence it can be served from anywhere. My personal credentials kept by the hosting service are private data. They must be protected.
I spent a full week deeply researching the current web hosting market after which I decided to try a Lithuanian company called Hostinger. Lithuania is in the European Union, so that is fine. It also serves websites from many data centres throughout the world, and I am able to choose the one from which my site is served. So I approached Hostinger.
The first great difference I experienced with Hostinger was that I did not have to wade through a labyrinth of bland forms and fields in order to sign up. They had a wonderful option called email through which I could actually converse with a helpful and attentive human being. I specified in my own terms the kind of hosting I needed and sent it as an email. I got an immediate reply from an operative, Bundra, who said that she [I am guessing here. I am not familiar with Lithuanian names] would examine my request and look for a plan that matched my requirements. Bundra wrote again the same day with details of a plan which I examined and found to be a very good match and was a very reasonable price. Her email contained all the links necessary to take be straight to all the information I needed in order to make a purchase decision.
I then decided to ask people I know from Poland, Switzerland, the UK and Canada what they thought of the plan. This took a little time. I then asked Hostinger about the best location for my site to be based since, although I am located in Brazil, 86% of my site is in English. I received a quick reply from Nicholas, who sensibly suggested that the Eastern US would be the best place and that I could select myself the location for my site to be served from within Hostinger's hPanel page. I decided to sign up to the plan.
A very significant plus-point here is that Hostinger offers not just the normal international payment methods like credit cards but also a variety of other methods, many of which are unique and specific to the particular country you are in. In Brazil, for instance, where I am currently located, I was offered the option to pay by Pix or Boleto. Pix I avoid like the plague but a bank Boleto is the method I prefer. The payment is made via ATM and no card, account or other details pass over the Internet or are stored on the vendor's site. So I chose the Boleto method.
An operative called Reyza asked me to confirm the details of the Boleto I had paid, which I did. Then I received an email from Rodrigo [from Customer Services] in Portuguese saying that payment by Boleto could take up to 3 days to clear. I don't know where Rodrigo was based but the Portuguese gave me a sense of connection. I feel sure that this whole thing could have been done in Portuguese if I had wanted it. Hostinger confirmed receipt of payment the next day and activated my web hosting account.
To my surprise, I found that I took to the Hostinger hPanel immediately. Within less than an hour I had relocated my web space to a data centre in the US, uploaded the over 6000 files of my website via the hPanel file browser and got my web site up and visible. I decided not to bother enabling SFTP for the moment. Perhaps later. I had a brief hiccup in that I did not realise that I needed to put all my website files in the 'public_html' directory [folder]. I emailed Hostinger about this and got an immediate reply from Ricardo in English, although his name suggests that he, like Rodrigo, could be located in Brazil.
All Hostinger's Customer Services people passed the Turin Test. The moral of this story is never try replacing human beings with artificial intelligence. It doesn't work and never will.
There is a foolproof solution to avoid getting locked out of one's web space. But it must be implemented by the hosting service: the user can't do it alone.
The hosting service must provide a means whereby the user can change his contact email address, even when locked out of his web space for any reason such as a missed payment date or out of date credit card details. In other words, he must never be barred from signing into his web hosting service's change of email address facility, using his original user name and password.
If the user has become locked out of his original email address [the one registered with his hosting service] and has become locked out of his web space and its administration area, he can re-establish communication with his hosting service by proceeding as follows:
Sign into his hosting service using his user name and password. This will give him access only to the hosting service's change contact email address function. There he enters his new email address.
The hosting service then sends a verification code to the user's new email address. He then accesses his new email account, notes the validation code, and enters it into a field provided on the hosting service's change contact email address web page.
Finally, before leaving the hosting service's change contact email address page, the user must validate that he is who he says he is by entering his password for his hosting service account.
The hosting service should then re-send any emails it sent to his old email address, since he became locked out of his web space, to his new email address. He may then contact them by reply email to resolve any administrative problem that may be pending. For this reason, a web hosting service should always provide the means whereby a user [client, customer] can converse with a human functionary at the web hosting service. Artificial Intelligence does not possess the semantic faculties necessary for fulfilling this role.