I want to share my recent terrible experience with NJALLA - eviltoast

I bought a domain from them about 3 months ago (luckily for one year). I decided to choose them because there were good references regarding privacy. So I started to point my self-hosted services (with proper certications and stuff) which were solely used by myself and my family, to the domain and subdomains. So far, so good.

Suddenly, my domains stopped working. I went to the admin dashboard and tried to click on “Manage,” but the button wasn’t working. I checked the button code, and it was labeled as “disabled.” So I contacted support, and I won’t provide much more explanation; I will just paste their response.

Domains not working

open - created 15 hours ago

Whats going on with my domain and its subdomains ? i cant even access to manage them anymore, why?

Replies:

[Reply #1] from Njalla - 13 hours ago

Your account is suspended.

[Reply #2] from you - 8 hours ago

May i have a reason ? What kind of answer is that? If i cant use the service i want my money back

[Reply #3] from Njalla - an hour ago

We don’t refund services, and your domain has been suspended for violating our terms of service, for among other things, being flagged as malicious by various browsers.

[Reply #4] from you - now

What terms did I violate and how? Do you have evidence? You are not even providing a notification, nor a reason, nor any evidence. And you just go ahead and suspend my domain??? What kind of service are you providing? Are you self-hosting the servers? For the record, I was just self-hosting my own services and was doing nothing wrong. I don’t even understand why this is happening. And if you can’t give me a clear reason, I will go ahead and spread everywhere what you did, including the fact that you are not even refunding me.

Edit: adding their “profesional” response. I assumed they just stole my money and my domain. I’m not able to even enter to manage my domain. They just disabled the button … wtf

[Reply #5] from Njalla - 3 hours ago

Why was your domain flagged by security vendors as malicious?

  • geography082@lemm.eeOP
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    1
    ·
    3 months ago

    Good possibility. I was actively checking the security and access violations or system changes. I was not able to see nothing strange. Even the only ips stains the services were always mines. Maybe I’m even unaware, but how to know if these people even tell me a thing.

    • taaz@biglemmowski.win
      link
      fedilink
      English
      arrow-up
      12
      ·
      3 months ago

      Run your ip through ip abuse databases to make sure there is nothing wrong perceived from outside.

    • sun_is_ra@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      5
      ·
      3 months ago

      I’d check https://transparencyreport.google.com/safe-browsing/search because most browsers including mozilla firefox rely on google safe browsing.

      The other thing to point out is that if an attacker somehow got root access, they could install a so called “rootkit” and what it does it replacing some of the basic commands like top, ps, … with altered ones in order to hide the malware activities

      • geography082@lemm.eeOP
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        1
        ·
        3 months ago

        Yep I figured out ot was google safe browsing . I have no clue why. Meanwhile these guys took over my domain .

        • MangoPenguin@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          2
          ·
          3 months ago

          Njalla is more private because they own your domain and just allow you rights to use it, the downside is you have less control over things.

          Still would be nice if their support was better.

          Did your domain come up as flagged on google safe browsing?

          • geography082@lemm.eeOP
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            1
            ·
            2 months ago

            Yep I understand. Yes it was flagged by google safe browsing. But if they own the domain, and because of that they react like hysterical without investigating, their services are a “delicate” option.

            • MangoPenguin@lemmy.blahaj.zone
              link
              fedilink
              English
              arrow-up
              2
              ·
              edit-2
              2 months ago

              Probably due to their status as a privacy friendly way to have a domain they get a lot more fraud and scams using their services, they’re probably dealing with tons of this stuff daily. Being flagged by google safe browsing most of the time means something isn’t right, but I’m not sure what they would really be able to investigate on their end.

              Have you figured out why you were flagged? I’ve seen similar stuff from self hosters before where they have a compromised service exposed to the internet and didn’t realize it.