
Brent Stinski: How Yahoo shut down my business, and how it could happen to you - cwan
http://venturebeat.com/2010/06/21/blocked-how-yahoo-shut-us-down-and-why-it-could-happen-to-you/
======
ck2
_but I always had higher priorities than switching_

Well they solved that procrastination problem for you the hard way.

Sounds like my friend who still used AOL for their email for a decade until
this year they got blocked by abuse when someone made a fake complaint about
some usenet posting (they don't even know what usenet is!) That solved their
procrastination problem too as they could never reach a human being. (They got
a call several MONTHS later from AOL offering their account back, lol).

But doesn't ICANN prevent registrars from taking away access to your domain
(not the hosting, the domain) like that ? Once you own a domain, registratrs
can't touch it short of a URDP.

~~~
gxti
Is Yahoo actually a registrar, or did they simply register the domain on his
behalf? If the former then yes they would be compelled to let him transfer it
elsewhere. If the latter then Yahoo technically owns the domain and can do
with it as they please.

Always, _always_ control your own domain registration and do so at a reputable
registrar. Don't use your webhost and don't use a company that does anything
but domain services.

Companies that do registration on the side or as a bonus to hosting packages
tend to do things like automatically re-register your domain even after
billing fails without notifying you, then submit the whole $20 to a bill
collector without notifying you, keep the domain operating for an extra 6
months so you have no idea that anything went wrong, but kill it after said 6
months with another 6 months left on the registration with no way to make any
changes to the domain because they refer any support requests to the bill
collector -- because this definitely did not happen to me and it definitely
didn't happen at a company called 1&1 Internet Inc. because that would be
totally absurd. _cough_.

------
tzs
Here's the trick to getting Yahoo abuse to listen to you--go through your
advertising rep. We had a problem where our mails to Yahoo email addresses
were being bounced for "policy reasons". All the abuse people would tell us is
that it means a link in the email is bad. This was stopping Yahoo customers
who purchased our products from receiving their receipts, software activation
instructions, or email tech support.

We were making no headway getting this cleared up.

This was particularly galling because many of those customers came to us
through our search advertising at Yahoo. We pay them a ton of money to send is
leads, and then they are blocking us dealing with those customers!

So our search guy called up his Yahoo rep and explained the situation. The
Yahoo rep conferenced in the abuse or IT guys (not sure which) and told them
this was not acceptable and our sites need to be taken out of the blacklist or
whitelisted or otherwise made to not be blocked.

The problem was fixed within 5 minutes, before we were even off the phone with
the ad rep.

------
fierarul
The future of everything automated where no human will care or know about your
issues.

------
Terretta
The common use case is to back up your office to the cloud. This story shows
why you should back up the cloud to your office.

------
synnik
"...a weakness in an old install of WordPress...allowed the jerk to set up a
phishing scam under my domain. I learned all of this from Bluehost, which
hosts the WordPress portion of my site."

When you log into Bluehost's control panel, and go to your installed apps, it
immediately informs you whether or not you are up to date with the latest
versions/patches. It has automated scripts to do the updates for you.

Either this author completely disregarded application security by not staying
up to date, or he customized it so much that automated updates were not
possible, but then did not maintain his own code.

Either way, and whether or not you agree with Yahoo's actions, the author
needs to own his own responsibility for his apps.

~~~
earl
Or, perhaps the author was tired of random wordpress updates breaking stuff
and declined to install updates to a working system. Further, the wordpress
people can't be arsed to indicate which updates are for security and which
updates are for more stupid features. so unless you go through the release
notes line by line for the software and all your plugins, it's very difficult
to tell.

More and more, the solution seems to be static files and disqus.

~~~
synnik
That is true, but that is exactly my point.

If you choose to use a product like Wordpress, then you should also accept the
maintenance that goes with that choice, tedious and annoying though it may be.

Installing a product, running a business on it, but ignoring patches and
updates is flat out unprofessional.

------
duck
After reading this and the other scary stories (Paypal and even Google come to
mind) - this seems like a perfect area for a new startup that has
"connections" to the inside of each of these service providers and can help
you restore or at least get answers. You pay them a flat fee and have some
strict timelines that they can guarantee.

~~~
reitzensteinm
Woah, no way would that arrangement last for any amount of time. "I couldn't
get my money back until I bribed a third party company" would be a PR disaster
of epic propotions, and the fallout would involve cutting of ties. You can
insure yourself well enough by having a good network or being part of a
community such as this one, but making the deal explicit would never work.

Anyway, isn't the option of lawyering up and suing basically equivilant and
available today?

~~~
duck
Well, I am basically thinking a type of arbitration which I am sure in some
ways is available today. Instead of suing though, it is more like avoiding
that since you never win even if you do win.

Probably not a great idea either way though and the better way to do it is to
_always_ be ready to move to another service/cloud provider. It is just
another form of a disaster and should be included in your recovery plans.

------
snorkel
Tyranny of the cloud. Never trust it.

~~~
sprout
Basically the same thing could happen to anyone. I own two domains with my
name in them, both of which host my blog and a few random projects. Either
registrar could hold my domains hostage and make me unable to receive mail for
a week, just as easily as Gmail (which is actually where all my email is
received at the moment, though I'm contemplating taking the plunge the other
way.)

~~~
nske
I have not researched this but I am under the impression that the registrars
could not legaly do so, if you only use them as registrars and not as DNS
service providers.

I think they could refuse to provide DNS service, if you hosted your domain on
their own DNS servers, but I don't think they could legaly on their own i.e.
change the name servers that you have defined as authorative for your domain
on the registry.

------
earl
Yahoo apparently believes in the Google customer support (fuck you assholes
for using our service) method. We'll see if bitching on high traffic sites
gets customer service from yahoo.

------
famfam
All you need to know is that they were running an unpatched Wordpress
instance.

~~~
code_duck
That was mistake #2 (second to not having decided to run the business on a
more professional platform than Yahoo Small Business and a shared host like
BlueHost), but regardless, the issue is still Yahoo's incredibly poor customer
service.

