Please tell me if you think Aplus.net has lied to me - register_globals

[Aldebaran]

Hi,

Here's my story - please tell me what you think of it.

 

I use a file called phpinfo.php that contains one line of code that has phpinfo(); in it to tell me what PHP version and configuration are on my client's websites. It's a great tool.

 

I needed to turn register_globals "OFF", as it was showing as "ON".

 

So I used their awful online chat, and eventually turned it off via their control panel.

 

But the file still showed it as being "ON". The support person said it would take 2 hours.

 

The next morning (today) I checked again, still showing "ON". Refreshed my browser cache just in case, checked on a different browser, still said "ON".

 

Called Aplus.net phone support, after 16 minutes on hold, they said it was now fixed. I refreshed my browser, and indeed, it now said register_globals was "OFF".

 

But they went on to say, that the issue was with my file. They said that because I used a secondary FTP user, it wasn't working. I asked how this possibly made sense, and they kept repeating the same thing.

 

So I tested it, I re-uploaded the same file, same USER, and it didn't revert back to "ON", it still showed the new setting of "OFF".

 

I think Aplus.net's control panel is crap, but if one of you PHP experts can explain to me how their story is possibly true, I'd really like to hear it.  I've written an article on my blog about this, and I'd love to hear your opinions as well.

 

http://aldebaranwebdesign.com/blog/aplusnet-customer-service-another-poor-online-chat/

 

I just really want to know how their explanation could possibly be true... ???

[AndyB]

I just really want to know how their explanation could possibly be true... ???

 

In a parallel universe, maybe?

[Aldebaran]

LOL. But you agree...it doesn't make any sense, right?

[tomfmason]

I had several servers hosted with them for about a year and never really had a problem. Maybe you just got some retarded support reps or something. Their dedicated server support always seemed knowledgeable and had quick responses to my support requests.

[Aldebaran]

Granted my experience is only with shared hosting. But every single time I contact them, I come away frustrated. Does is sound like the shared hosting people are in Russia? That's what the shared hosting technical support folks sound like.

[tomfmason]

It is a family owned company and they are originally from Bulgaria. I think everyone that works there is related in one way or another.

[Aldebaran]

UPDATE:

 

I was still getting the security warning message from the content management tool...even though register_globals was showing as OFF. I emailed the content management tool folks, and they said to put my PHPINFO file inside the content management tool directories.

 

I did this, and to my astonishment, the register_globals was still ON. So the Aplus.net control panel isn't a site-wide setting?!

 

Now I have to call them back again.... for the third time!

[Daniel0]

Try this:

 

In .htaccess:

php_value register_globals off

[Aldebaran]

Do I need to put this at the root level, or every single folder on the whole site?

J

[Daniel0]

Just put it in your document root.

[Aldebaran]

Nope, that just caused an INTERNAL SERVER ERROR on the entire site. It's not compatible with how Aplus.net has it configured. Thanks for suggestion though.

[steelmanronald06]

Hmm...I'd suggest a change in hosting.  ace-host.net, webhostfreaks.com, serverpowered.com  All three are good, reliable hosts.

[Aldebaran]

Oh, if I could only change hosts....my client doesn't want to change, so I'm stuck. But I agree 100%. I typically use DreamHost, and these issues are non-existent.

[redbullmarky]

Nope, that just caused an INTERNAL SERVER ERROR on the entire site. It's not compatible with how Aplus.net has it configured. Thanks for suggestion though.

 

hmm that would imply that the .htaccess file is being recognised, as far as i'm aware. getting a 500 internal server error would normally occur if you've not spelt something correctly in the file itself.

 

instead of php_value, try php_flag:

 

php_flag register_globals off

[Aldebaran]

Aplus.net is now claiming that indeed register_globals is off, but that there is some permissions error with the FTP user that I'm using. They are now claiming that you can't have two users access to the main html directory. So they're saying that when THEY upload a file with phpinfo(), it shows register_globals as OFF, but when I do it, it shows it as "ON".

 

Now, I've been using this FTP user the entire time, no issues have surfaced, and when you create new FTP users, it says nothing about not giving them access to the same directory.

 

Groan. What file permissions could prevent register_global from correctly detecting it's status?

J

[Daniel0]

Nope, that just caused an INTERNAL SERVER ERROR on the entire site. It's not compatible with how Aplus.net has it configured. Thanks for suggestion though.

 

hmm that would imply that the .htaccess file is being recognised, as far as i'm aware. getting a 500 internal server error would normally occur if you've not spelt something correctly in the file itself.

 

instead of php_value, try php_flag:

 

php_flag register_globals off

 

If they're running the CGI version of PHP then those directives do not exist. That might be the case here.

[Aldebaran]

And another strange item:

 

When I look at the file I uploaded (with phpinfo()) and the file they uploaded (same function), the permissions are identical. But what's different, is the Configuration File (php.ini) Path. They are different for the file they've uploaded, and the file that I've uploaded (to the exact same directory).

 

How does the particular php.ini path get chosen via the FTP user?

 

J

[floraview]

Sorry, I know this has nothing to do with your question, but Aplus.net sucks. It may possibly be the worst web host. They lie about downtime and the reasons it went down. They can't manage servers at all, if something fails, they don't know why or how to fix it. Their support sends you no emails saying you should expect downtime, and when you contact them about it they say it will be back up within hours. Two weeks later they send out a email to all users saying it may take weeks to get it back to normal.

 

Don't use Aplus.net.

[rondog]

Sorry, I know this has nothing to do with your question, but Aplus.net sucks. It may possibly be the worst web host. They lie about downtime and the reasons it went down. They can't manage servers at all, if something fails, they don't know why or how to fix it. Their support sends you no emails saying you should expect downtime, and when you contact them about it they say it will be back up within hours. Two weeks later they send out a email to all users saying it may take weeks to get it back to normal.

 

Don't use Aplus.net.

 

x2

 

My boss bought them as a new host a few weeks ago. I was getting 500 Internal Server Errors all over the place on previous files that worked perfectly on another host. Their support is hardly support at all because they know absolutely nothing. One guy tried telling me my script wasn't working because it had a .php extension rather than a .sql..I just laughed at that point and switched hosts.

[Aldebaran]

I've got an blog article about this...if any of you  want to add your awful Aplus.net stories to help warn others, it would be wonderful.

 

Here's the article:

http://aldebaranwebdesign.com/blog/aplusnet-customer-service-another-poor-online-chat/

 

J

[Aldebaran]

And as final note, the original issue has been finally resolved by using a different FTP user account and deleting all the files are reuploading them. Why a FTP user account would be set up to use a different ini file, is beyond me. But this is how we finally fixed it. What a waste of time.