HostNexus 1 year review – Major security problems

Big on Hosting. Unlimited Space & Unlimited Bandwidth

I have been through my share of good and bad hosts over the years, and I usually don’t write a review, but I thought that this warranted one.

A bit over a year ago, a client of mine who had some very old sites that needed fixing contacted me to update them. Since they were written in ColdFusion, I looked for a host that provided ColdFusion and based on the positive reviews on WHT, I chose Prices were decent, so I sent in a 1 year payment and my client set the DNS of his domains over to the hostnexus servers. Setting up was a breeze. Support always answered my queries relatively fast and accurately (usually by Anoop, who was always great). As far as I noticed there has not been any downtime for any of the 3 sites hosted there over the past year. In October, the hosting had expired for the account and I didn’t realize that I had selected a recurring payment with PayPal, so I immediately requested that they reverse the charge because I wasn’t going to be needing their hosting anymore, and they sent it back within a day or two with relatively few questions. So far not a single complaint.

However, the reason I didn’t need their hosting anymore gets a bit complicated. I ran into an issue with my client since he basically ran out of money and couldn’t pay me for the last 3-4 months of working part-time on his sites. I informed him that I would give him a chance to pay me, but when his 1 year hosting expires, I wasn’t going to be making any further payments to renew the hosting because that would be out of my pocket. When the hosting finally expired in October 2013, I noticed that the site stayed active. I assumed that since someone had to manually revert the charge I sent by PayPal that they must have forgot to cancel the hosting through the account. I tried to log in to Plesk to manually disable the accounts only to notice that the username and password didn’t work and neither did the recovery. I just assumed that they must have disabled the login and forgot to push the “off” switch for the accounts, so I decided that I would just give my client a bit more time to pay me until the hosting actually got shut off.

A couple of months go by and the site is still up and my client still hasn’t paid me for the updates, so I contacted their support and told them to just delete the sites (to hopefully give my client further incentive to get it paid), and I was informed by their support team that they were taken offline. However my client noticed his site was down and sent in an email to hostnexus support asking for them to bring it back online and carbon copied me in the email, and lo and behold it went back online the very next day. I was busy so I didn’t have time to figure out why they had allowed someone else to bring sites from my account online, but a few more days later I was contacted by a friend of my client by telephone and apparently my client had stiffed him for a large sum of money as well and that at one point my client had requested that the friend send a payment in to hostnexus for the hosting so that it wouldn’t expire. My eyes bulged out of my head at that point. It turns out, they allowed someone else to submit a payment for my account and did not even inform me of it. So I emailed hostnexus support to figure out what was going on, and it turns out that not only had they allowed someone to submit a payment for my account, they had also transferred ownership of it to my client! They changed the password and the registered email to my client’s email because he made a payment (again, without even notifying me of the ownership change) and when I emailed them telling them that that’s what they had done, this is the reply they sent me:


Your client is now a HostNexus client. You are no longer a HostNexus client. Please stop trying to access this account.

HostNexus Sales
Empowering Websites Worldwide

Since this, they have been ignoring my emails.

Absolutely unbelievable! Someone else made a payment for my account, and they get to take it over, having complete administrative access to all files, databases, emails, etc! HostNexus was great for everything else, but this lack of security and the fact that they don’t even care about it is just unbelievable.

This entry passed through the Full-Text RSS service — if this is your content and you’re reading it on someone else’s site, please read the FAQ at


You can skip to the end and leave a response. Pinging is currently not allowed.

Leave a Reply