Those who follow my rants on Twitter, can’t possibly have missed it. The past few weeks, I’ve had my share of hosting woes. Clients with cheap hosting which broke Ninjaboard, Unsafe setups, poor customer support – I’ve seen it all. So, for therapeutic reasons I present to you our new series: Hosting From Hell. This section will be dedicated to terrible hosting experiences.
Call to action:
Got your own negative, terrifying or dramatic hosting experiences? Send me a mail (See: Contact), and I’ll publish your story.
‘Joomla! Hosting’ from hell
You can’t ignore that Joomla! (and WordPress and Drupal) are the cat’s meow (borrowed from @nikosdion). Hosting companies know this, and many try to sell their hosting as “Joomla!” hosting. The main actor in this story takes it a step further: If you order “Joomla! hosting” from them, they’ll setup your site for you. Sounds like a sweet deal, right? What could possibly be wrong with this?
I was alarmed when we tried to deploy our own ‘Distribution’ on another package by the same guys. Akeeba Kickstart alarmed me that a bunch of folders were unwritable. Once I managed to setup the site anyway and I started to work on the site a bit, I noticed that all the folders were unwritable because we had set the folder permissions properly.
How not to setup permissions
This made me wonder. If I had no problems, how was it possible that we had no problems with another site – one where they had installed for my boss?. Using the always usefull Akeeba Admin Tools, I checked on the folder permissions they configure for their install. I’ve made a screenshot to share the joy with everyone interested…
That’s right. They install the site, and then set all folder permissions to 777 to make Joomla! “usable”. Once you use AdminTools to set the permissions to safe settings, the site breaks into a thousand pieces – because all folders are now unwritable.
Virtually all folders are “Onschrijfbaar” or unwritable (except one, with perm’s set to 777 to test)
I’m well aware that you can use the FTP layer, if needed, but you shouldn’t have to. Hosting companies should know better than to recommend users to set their folder permissions to 777 or – even worse – set them to 777 theirselves. Why, you ask? You can read this excellent post by the developer of Akeeba.
We’re still waiting for their reply, to our support request in which we asked why we’ve got permission problems despite “setting the standard folder permissions.” No reply so far… 😉
Note: I left out the name of this company because I don’t want yet another PR person to call me, asking “you mad at us, bro?”
A “correct” hosting configuration, in my opinion
1. suExec and suPHP installed – so that all processes and file uploads run under the account owner
2. mod_security installed – so that no folders or files can be set to 777
3. All files and folders owned by the account owner
4. Folders 755, files 644, configuration.php 444
5. FTP layer turned off
This configuration ensures that the site never ends up with mixed file ownerships.
I encounter many host providers who don’t even have 1 and 2, and don’t know how to configure the server for 3,4 and 5.
Brendon
Brendon, thank you for your input. I dont know what is worse: that some hosting companies dont know these things or deliberately dont implement them for “performance reasons”…
Pingback: Hosting from Hell: “Joomla! Hosting” in Action