Some mornings, it's not worth chewing through the leather straps.

-- Emo Philips
Page:  1 2 3 4 [5]
Why I ask for IDs on questionable orders when doing anti-fraud reviews2010-Apr-13
Posted by Douglas, @BearlyDoug

On July 3rd, I posted my "Laugh of the day" on a fake ID. Last night, I had a potential customer throwing a pissy fit over the fact that I ask for IDs on questionable orders. His order was as questionable as they get (IP routed to Boulder, CO, while listing a California billing address... not to mention the fact that I can easily pick up on US versus non US typing styles).

This potential customer apparently had the impression that we were a new company, and very small... and said that no one asks for IDs on any online purchases anywhere, and that it was silly for me to ask for it. Even said that I should just provision any and all orders that come in and worry about the fraudulent crap later.


I hit him back with the stuff below....
If there wasn't a cost factor involved (Chargebacks, licensing fees, all the work required to get a customer set up initially, etc), then maybe I could see where your argument would hold up very well.

The simple fact of the matter is that there's a lot more that happens behind the scenes when a hosting provider (doesn't matter if it's shared, VPS, dedicated, cloud, SaaS type hosting) sets a customer up.

There's more anti-fraud reviews that go on than many people realize. Some providers just do a quick once over, while other providers (like us) scrutinize every order that comes in from a new customer. Existing customers are spot checked to make sure they have no past due balances. Past customers are checked to ensure they left and came back on a good note (for example, not owing any money from their last tenure with their hosting provider).

This isn't an uncommon practice, for both Solar or myself, personally. Solar has been around for over five years now and has always required ID on questionable orders. I've been in the online sector for nearly 15 years and handling anti-fraud reviews logn before I even joined the web hosting industry in 1999. One of the reasons I was brought on is because of my ability to sniff out fraudulent orders. In the past 13 years that I've been doing anti-fraud reviews, only 20 (previously legitimate) orders have come back as fraudulent.

When I worked for DedicatedNOW, I was performing anti-fraud reviews for them, and requesting IDs then.

Simple fact of the matter is this: As long as there are people on the internet, using credit cards to make purchases, there will be a plethora of fraudulent orders coming in.

If we had allowed these orders to come in first, provisioned them, and they ended up being fraudulent... how much money do you think a hosting provider would lose?

Take Solar, for example... we get between 20-50 fraudulent order attempts a week.

Chargebacks typically cost each provider between $10 - $35 per instance.
Let's not forget payment processing fees ($0.50 - $5.00 per instance).
Licensing fees? Between $3.75 - $15.00 per customer.
Labor costs in provisioning an order can range between $2.00 - $25.00

You can do the math on this.

As long as I am in charge of the sales and provisioning teams, we will continue to request IDs whenever there is a questionable order coming in. It makes for good business practices, not to mention the fact that I'm also protecting our potential customers from being victims of Fraud.

There's no way in hell that I am going to move away from how we do reviews... Ross has entrusted me with a majority of the day to day operations of Solar... I'm not going to do anything that will cause financial damage to the company. I will do whatever I have to do to ensure that Solar's assets are completely protected. :D

0 CommentsJoin the Discussion!
cPanel MySQL - Moving from one system to another? Check this out!2010-Apr-04
Posted by Douglas, @BearlyDoug

In my last tutorial, I described how I managed to get a site moved from one server to another and have DNS update immediately. This tutorial takes a bit of a different approach and lets you run your site across two separate servers while you wait for DNS to propgate throughout the world.

In this tutorial for handling MySQL connections where a website/DNS is sitting on a different server, I'm going to show you how to allow your MySQL Database on your cPanel system to be allowed for external usage. Please note that this tutorial assumes that you've already created the MySQL database and have imported the data into your MySQL DB on your cPanel system.

First thing you need to do is get the actual IP address of the server where the website (not the database) is currently sitting. For many people, you'll need to grab the information directly from a "phpinfo();" call. Please see this entry on for instructions on how to do that.

Under the "Environment" section, locate the section called "SERVER_ADDR". In this tutorial, I'm going to use as the example.

Next, log into your cPanel's interface and select "Remote MySQL" in your Databases box. It'll ask you to plug in an IP, or to use a Wildcard ("%").

(Note: You should never do a wildcard access character, due to potential security issues, especially when sensitive data is involved).

Now, what you'll want to do is go ahead and change your script where the website is located at to utilize the MySQL database connection information on your cPanel system.

If you get a connection refused, or are running into errors... check to see where the problem is. Chances are that you might have CSF + LFD (or APF + BFD) actually blocking MySQL traffic via Port 3306. If that's the case, then contact your hosting provider to give you assistance with opening that port up (it's really easy, though).

Another step you can take (and one that I had to use while typing these instructions up) is to find out if you're connecting to the right system.

2. Create an empty file with a text editor and save it as mysqltest.php

3. Add the following to that file:
$link = mysql_connect('hostname','dbuser','dbpassword');
if (!$link) {die('Could not connect to MySQL: ' . mysql_error());}
echo 'Connection OK'; mysql_close($link);

(Replace the braces with HTML brackets)

Replace hostname with either a domain name or an IP on your new cPanel system, username and password with the details you have for your database. Thereâ??s no need to add the database name.

4. Upload it to where the website sits (not the database, but the old server). Call up the URL in your browser.

In my case, this helped me determine that I had my password wrong, and that I had to fix it (whoops!).

FYI, the above script is another great way to help you determine what your web server IP address is.

For those of us that just *love* database driven sites and want to keep them up, even with a transition from one provider to another, this tutorial will help you ensure that your baby stays operational while it moves.


0 CommentsJoin the Discussion!
I am SMF!2010-Jan-15
Posted by Douglas, @BearlyDoug


I am SMF.

I am the child of YaBB SE.

I am the grandchild of YaBB.

I am bigger than any single person with an agenda.

I am bigger than the kitchen where too many cook spoils the pot.

I am but a gleam in my creator's eye. (Tribute to [Unknown])

I am simple.

I am strong.

I am powerful.

I care for the smallest of sites.

I care for the largest of sites.

I am used for good.

I am used for bad.

I am an integral part of building your community.

I am a digital version of a coffee shop.

I will be around longer than many people who have contributed to me.

Yet, I am still a child, constantly growing and learning.

I do not care about gender, nationality, religious beliefs or financial stature.

I am wounded by a power struggle between people who care about my well being.

I care about the core foundation upon which I was founded upon.

I care to have my existence continued, in one facet or another, so long as I am continued.

People may come, people may go. I will continue to exist.

I am SMF.

I am not making this post to throw support for one side of the fence or the other, rather to remind people of the core principles that which we all initially embraced.

Carry on.

0 CommentsJoin the Discussion!
Please Log in or Register
It's BearlyDoug!
Already registered? Sign in NOW

Promoted Sites
The sites listed below make possible. Do me a favor and show 'em some love!

Latest Site Additions
07-Oct-2013 - Event Item
13-Nov-2012 - Site Update
13-Apr-2012 - Interactive Twitter Item
10-Apr-2012 - Site Update
10-Apr-2012 - Interactive Twitter Item
21-Mar-2012 - Event Item
21-Mar-2012 - Event Item
27-Feb-2012 - Site Update
25-Feb-2012 - Site Update
25-Feb-2012 - Site Update