Jay Grasmick Review of A2 Hosting
Not PCI DSS COMPLIANT! No one said a thing about i...
Not PCI DSS COMPLIANT! No one said a thing about it selling me the site. Miss lead me into thinking that the ssl, dedicated IP and the fast site was all good to go for what I said I needed it for. Well they left out some stuff. Good if you don't want to host your own cart or process cards on your site to uniquely fit with your unique business. This means you must use a third party to make any type of sale other than face to face cash or check forwarding your customer and the information off site to a third party site... No, the thing was a waste of my money for me, spent money. SSL and dedicated IP are useless if I can't process cards on my site. They had everything I needed except the most important part. Peed was great and it didn't have any issues as I was installing. Never the less the PCI DSS scan returned vulnerabilities that I wouldn't really classify as a business level security.
Update:
I was contacted back and was told they'd look at my fails from compliance, that usually they are not hard to correct. Then I was told that they were not critical fails and I need to upgrade to vps. Ok... OpenSSH Username Enumeration Vulnerability, Exim Remote Code Execution Vulnerability, Deprecated SSH Cryptographic Settings,
SSL/TLS Server supports TLSv1.0, Mail Server Accepts Plaintext Credentials. Just saying. So I gave them 3 stars instead of 1 just because until now it was a great experience. A pricey one but still. I just wish they had a PCI compliant option that wouldn't require me to pay $1000+ per month to run/launch my website. I get if I was google level or something but I am not. Funny how the difference is from $300 per year to about $1300 per year due to my storage needs. Skipping VPS and going straight to dedicated. It is a good deal! I just really wish they were PCI compliant. Hopefully that will change when I am ready to take the next step.
Comments: