Me and my ex-colleague were sipping coffee at a Greek coffee shop in Reading, UK and discussing things we like the most – networks, computers, servers and datacenters. Somewhere in the middle of the conversation one of us mentioned that there’s a massive market gap for offshore hosting – web hosting services that ignore DMCA. Minutes later a plan was born.
SharkServers was started in April 2014 as Fat Shark Ltd, and the ownership was transferred to a new entity – SharkServers Ltd – somewhere in 2016. In those two years we’ve achieved a lot. We were called best offshore hosting by many of our customers, and we were proud of it.
When we started we had nothing – a couple of rented servers from Hetzner in Germany, and OVH in France. Not really offshore, is it? However, we had some very smart people on board with us, so we designed a system where anyone trying to find out the real location of our servers would be stopped in their tracks, and would only be shown an IP address that’s completely unrelated to the datacenters we were renting servers from. This worked for a while, but as our customer base grew, we needed a different approach as the connection was getting slower due to the tunneling involved in order to hide our physical location. So we went to the coffee shop again for some brainstorming.
The chat between me and my business partner ended up with an idea about our own datacenter. As many of you may know, it’s not an easy, nor cheap task to accomplish, but we were determined. SharkServers was doing so great so far, so it was only logical that we turn it into something bigger. You can have a look at our DIY Data center article to see how it went.
Now, our main place of advertising has always been BlackHatWorld SEO Forum. We tried other channels as well, but they didn’t seem to work. We had our own sales thread on BHW which brought in majority of our customers, so I can say for sure that BHW has a special place in my heart forever.
So What Happened?
First of all, I want to mention that this is in no way an excuse for what happened. I have none. It’s merely an explanation, so that you can understand why things went sideways.
Business was going great, and we were investing heavily to make it even better. However, as you gain exposure for your business, you also attract attention of unwanted elements, such as hackers, although I’d rather call them script kiddies. It almost seems like these people have nothing else to do than fire up their DDoS tools and just attack any website they don’t like. Another possibility is competitors – offshore hosting business is highly competitive, and businesses are constantly engaged in cyber warfare with each other.
Houston, we got a problem
We weren’t able to figure out if the issue they had was with us, or some customer of ours, as pretty much every IP address allocated to us got attacked.
The above image shows a tiny part of my inbox one morning, showing how our IP addresses got nullrouted one after the other due to a DDoS attack. I’ve had a good night out, and waking up to see this was something completely unexpected. It was around Christmas time, which meant that we had limited staff, as most were on holidays, so we had to use our limited resources to see what can be done about this issue, so I called up the datacenter, hoping that they can help.
Now, we’ve been customers of this particular datacenter for years, and normally had very good relationship with the management, so I was hoping that they can put some temporary solution in place until a more permanent one can be found. Unfortunately, they didn’t have the infrastructure to deal with the scale of this attack, so we were on our own. Furthermore, they told us that they will not be able to offer us their services anymore, and we need to move to another facility. I’ve decided to look for 3rd party DDoS protection, as well as a new datacenter facility in the Netherlands. As previously mentioned, this was around Christmas, so it wasn’t easy to do. Everyone, including myself, was away on holidays.
After considering several options for DDoS protection that appeared on Google, I decided to ask fellow hosting companies about what they use – it’s always best to know the opinion of people actually using the product. Relying on reviews found online is not always the best way to go, as some of the good ones may be fake, and the bad ones can be planted by competitors.
After considering what others were saying, we decided to go with Voxility, and haven’t regretted it at all. They haven’t let us down since, and is the only DDoS protection company I would recommend myself. Yes, they are quite pricey, but you still won’t find anyone cheaper. We certainly didn’t, and for the amount of IP space their protection covers, the price is justified.
Moving the Servers
So, we were asked to move out of the datacenter facility in Netherlands due to the inability of the datacenter’s network to handle the constant DDoS attacks we were getting. It didn’t matter to them that we now had DDoS protection from Voxility, and their network wouldn’t be affected. They just had enough and wanted us out on short notice. A certain datacenter offered their services. Whether I will name them or not will depends if the owner of it gets back to us regarding the issue I’ll be explaining later on. However, let’s move on to how it went down.
The new datacenter offered us to move servers from the old one. Great deal, as I was away in Thailand at the time, so having them do it for us was great. The two guys from the datacenter were granted access to our rack, went down there and removed the servers. Couple of hours later we were up and running in the new datacenter that we hoped to call home. However, things didn’t go so smoothly. About two months in, the servers went dark. Heck, the entire network went dark. I was frantically trying to call the owner of the datacenter to find out what’s going on, but got no response. All our customer servers were offline and we didn’t know what’s happening.
Fast forward to present day, and the datacenter has still not responded to repeated questions about the status of our hardware. As such, we have sued them, and are waiting for the outcome of the court case.
With all of the above said, we are now taking a very careful approach as to who we partner with. Backups are taken 2 times a day and are held off-site, and many other security measures have been implemented.
I would like to take the opportunity to apologize to our customers who suffered because of this issue. We would love to win you back, and we understand if you’re angry at us. However, let us tempt you by our 80% off offer. Your user account should still be accessible via our website. However, if it’s not, please create a new account and get in touch with us. We will be happy to offer you the best deal possible to show you how sorry we are for the trouble you’ve been put through.