Why is it impossible to add-on domains until bluehost.com has detected that you've changed the name servers? Given the hours, maybe days, it might take for them to detect my changes, downtime is inevitable.

So telephone technical support you say. Well I did -- reluctantly because it's an international call -- and after waiting in the queue for six minutes, the guy added the domain for me, only when I hung up, I discovered he'd pointed it at the wrong subdirectory. (No I can't change the name of the subdirectory to the one he chose for various reasons...and I couldn't change the one he'd configured due to cpanel limitations.)

So I open a ticket and put in a request. But guess what? It won't be dealt with until Tuesday.

With every other webhost I've been with, adding on domains is an automated task. Getting it arranged over the telephone is all well and wonderful if you're in the US and the technician actually does it properly. But if he doesn't, three days to get it sorted through a support ticket is just unreasonable.

Nine hours working on my web account, nine hours that should have seen all my transferred websites up and running on the new server, but apparently I need people in America to keep activating things for me. (Even SSH earlier, because the sales blurb completely failed to mention that Bluehost needed photo ID.) Doesn't this rather defeat the automated nature of a tool like Cpanel?

yes, i agree, i've had to have a relatively high amount of human-human communication to get things taken care of with bluehost. I'm also an international customer, and the key to dealing with bluehost is definitely skype (http://www.skype.com/). In my experience, dealing with technicians by voice is really pretty fast (compared to say, tech support for my hard drives). 10 minutes and you can get most things done (there's no way they can speed up things like DNS database propagation, but that usually only takes like 4-6 hours or so. just gotta plan ahead for that stuff).

Anybody know of anything similar to skype that can send faxes (fax-over-ip)? Then even the sending photo-ID wouldnt be a pain for us internationals.

The reason we make you change the name servers first is for security reasons. Let me give you an example. Say someone adds hotmail.com as an addon domain. Obviously they don't own it and can't change the name servers for it, but our system would then add name server entries for hotmail.com to point to one of our servers. Then, any script or any program on our system that tried to go to hotmail.com would go to the wrong place. It would break many things.

If you think people wouldn't add domains they don't own think again. There is a reason we put that check in, and it was because we got yahoo.com, hotmail.com, microsoft.com etc added all the time. We do this to HELP our customers and avoid problems, not to cause headache for them.

Thanks,
Matt Heaton / Bluehost.com

What's the big deal about changing the nameservers? :confused:

It only takes a minute to change them. Ok, it takes some time to propogate but that can be as little as a few minutes.

I did it the other day ... tried to add a domain but had forgotten to change the nameservers. Changed the nameservers, came back and added the domain. It really did only take a few minutes.

The reason we make you change the name servers first is for security reasons. Let me give you an example. Say someone adds hotmail.com as an addon domain. Obviously they don't own it and can't change the name servers for it, but our system would then add name server entries for hotmail.com to point to one of our servers. Then, any script or any program on our system that tried to go to hotmail.com would go to the wrong place. It would break many things.

If you think people wouldn't add domains they don't own think again. There is a reason we put that check in, and it was because we got yahoo.com, hotmail.com, microsoft.com etc added all the time. We do this to HELP our customers and avoid problems, not to cause headache for them.


Thank you for the explanation. And sorry if that message was a bit loud, ranty and grumpy but after so many hours working, transferring data, manually changing databases and code to reflect new paths, etc., etc., it was frustrating not to be able to add-on the domain. Moreso when the add-on was performed by a technician after a phone call and pointed to the wrong subdirectory. I'll get over it.

By the way, after I've changed the nameservers to ns1.bluehost.com and ns2.bluehost.com, and attempted to add-on the domain, it refuses on account that it still thinks the nameservers are pointed elsewhere, but then shows me a whois lookup it has performed and highlights the "erroeneous" nameservers. Guess what they are?

ns1.bluehost.com
ns2.bluehost.com

So the nameservers are correct and bluehost.com can even see that they are correct. Presumably if your "name server check" can rely on the whois data instead of waiting up to 48 hours for the changes to propagate through the internet's DNS, your customers won't have to ring your support team (freeing up your resources) nor will they need to risk downtime. There's no chance those nameservers are *ever* going to appear on the whois data of yahoo.com, microsoft.com or hotmail.com is there?

FTR, I risked downtime on one domain last night because waiting until Tuesday afternoon was less acceptable. I couldn't access my site (or my email for that domain) for 90 minutes because even though my own ISP saw the DNS changes, your own server didn't, and therefore wouldn't let me add-on the domain.

Done now though, and I must say I'm *very* happy with performance of the website compared to my last webhost. It's just a shame what had to happen in between.

Many thanks

What's the big deal about changing the nameservers? :confused:

No big deal whatsoever. That's the easy part.



It only takes a minute to change them. Ok, it takes some time to propogate but that can be as little as a few minutes.


And it can take as long as two days. It depends on numerous factors. My domains are hosted by my ISP in the UK. The nameserver changes occurred after a few minutes here, but (as just stated in another message) it took approx. ninety minutes for bluehost.com to see them. I couldn't do the "add-on" for ninety minutes, so therefore, my site was inaccessible to customers of many (but not all) ISPs for that period of time.



I did it the other day ... tried to add a domain but had forgotten to change the nameservers. Changed the nameservers, came back and added the domain. It really did only take a few minutes.

Some people stand at the bus stop and the vehicle arrives within minutes. Others find themselves waiting over an hour due to factors beyond their control. It's a random world. Two humans can perform identical tasks and be faced with entirely different consequences. I'm glad migrating domains was no big deal for you, but your experience isn't shared by everybody.

Anybody know of anything similar to skype that can send faxes (fax-over-ip)? Then even the sending photo-ID wouldnt be a pain for us internationals.

I really must get another headset. I broke my last one some time ago and because the novelty of Skype wore off, I never got another. Now is the time.

Do you have concerns btw, about sending photo-ID -- particularly if it's a copy of your passport? As far as I'm aware, UK passports are subject to Crown Copyright restrictions, and copying them for any organisation other than notaries, solicitors, banks and government departments is against the law.

Given that a passport is the only source of photo-ID many Brits have (we don't have identity cards...yet), this presents a bit of a problem.

And it can take as long as two days. It depends on numerous factors. My domains are hosted by my ISP in the UK. The nameserver changes occurred after a few minutes here, but (as just stated in another message) it took approx. ninety minutes for bluehost.com to see them. I couldn't do the "add-on" for ninety minutes, so therefore, my site was inaccessible to customers of many (but not all) ISPs for that period of time.
It comes with the territory, my friend. :)

90 minutes to propogate across from the UK isn't so bad at all.

I agree about the photo id thing. I don't feel comfortable that a picture of my driver's license is sitting around in the Bluehost office. I've already been a victim of identify theft. What's the reason for the id requirement?

It comes with the territory, my friend. :)

Actually it doesn't. I've used a number of hosts since 1996, and this is the first time I've come across one that requires international telephone calls if you want to get domains added quickly (in order to avoid downtime).


90 minutes to propogate across from the UK isn't so bad at all.

It is very bad if you've got to spend that ninety minutes continually hitting the add-domain button in CPanel in order to avoid down time. Also, I was lucky -- given that my own ISP is my registrar and name server changes are applied immediately. Others might not be so lucky because it *is* quite plausible for nameserver propagation to take up to 48 hours *after* the registrar can be bothered to make the changes. 48 hours is a long time to be sitting in CPanel, hitting the add-domain button just to avoid down time, don't you think?

Neither of my previous hosts (Modhost and Dreamhost) require this, so there was ZERO downtime when transferring domains.

I can understand the security reasons pointed out, but I don't understand why the server has to wait for propagation to occur -- why it can't verify the nameserver changes from the whois data that it actually displays.

I agree about the photo id thing. I don't feel comfortable that a picture of my driver's license is sitting around in the Bluehost office. I've already been a victim of identify theft. What's the reason for the id requirement?

And what use is a photo id when no face-to-face transaction took place?

From what I've been reading at Her Majesty's Stationary Office, the legal ramifications of copying and sending passport photo ID to companies in the UK (never mind those outside UK jurisdiction) are a bit scary. Identity theft insurance policies are also worthless if you volunteer a document that contributes to the cloning of your identity -- but only if the copying and distribution of that document was forbidden (as is the case with UK passports).

Do you have concerns btw, about sending photo-ID -- particularly if it's a copy of your passport? As far as I'm aware, UK passports are subject to Crown Copyright restrictions, and copying them for any organisation other than notaries, solicitors, banks and government departments is against the law.

Given that a passport is the only source of photo-ID many Brits have (we don't have identity cards...yet), this presents a bit of a problem.


I used to live in the US and I still have a US drivers license, so I just used that. The UK doesn't have faxable driver's licenses? Other than that, I'm afraid I can't help you =(

Why they require that is really beyond me. There's nothing you can do via ssh that you can't do with a little more tinkering via php or something like that... Except maybe abuse the CPU? But at least my box is slow enough, I don't think that's their concern. I think it's a misguided attempt to disuade us from using their servers to get them in trouble...

I used to live in the US and I still have a US drivers license, so I just used that. The UK doesn't have faxable driver's licenses?


Yes. But only a minority of UK citizens have driving licenses with photographs on them because they're a relatively recent format. Not all countries impose photographic ID on their citizens. Yet.


Why they require that is really beyond me. There's nothing you can do via ssh that you can't do with a little more tinkering via php or something like that... Except maybe abuse the CPU? But at least my box is slow enough, I don't think that's their concern. I think it's a misguided attempt to disuade us from using their servers to get them in trouble...

Well, I already have SSH access, so photo ID isn't really a problem. I was just drawing attention to the fact that bluehost.com might be unwittingly inciting international customers to break the law by asking them for copies of passport photos.

As for what you can and can't do via SSH: No, I don't relish the prospect of writing PHP scripts to untar websites I've transferred across, when I can do it in a few seconds with SSH. A service which of course is advertised without condition (I didn't see any footnotes) before we sign up.

Just my tuppence. I'm actually very happy with the speed and responsiveness of the server I'm on, and glad I transferred to bluehost.com now *almost* everything is working.

As for what you can and can't do via SSH: No, I don't relish the prospect of writing PHP scripts to untar websites I've transferred across, when I can do it in a few seconds with SSH. A service which of course is advertised without condition (I didn't see any footnotes) before we sign up.

You don't need to write your own php scripts, you can do a lot of command line stuff with phpshell (http://mgeisler.net/php-shell/), including, I believe, unpacking large files. I have used it for creating symlinks mostly, but you can use most shell commands.

There isn't a lot of security built in, so I just upload the file when I need to use it, and delete it when I'm done.

You don't need to write your own php scripts, you can do a lot of command line stuff with phpshell (http://mgeisler.net/php-shell/), including, I believe, unpacking large files. I have used it for creating symlinks mostly, but you can use most shell commands.

There isn't a lot of security built in, so I just upload the file when I need to use it, and delete it when I'm done.

I had no idea about phpshell. Thanks for the tip. :)

Yes. But only a minority of UK citizens have driving licenses with photographs on them because they're a relatively recent format. Not all countries impose photographic ID on their citizens. Yet.
I suppose when you're already deploying a camera survelliance network to log all vehicle movements (http://news.independent.co.uk/uk/transport/article334686.ece), putting drivers' pictures on their licenses does seem a little redundant, doesn't it?

(yes, i realize cameras aimed at licenses plates might have a hard time capturing passenger faces, but, still, i think it's amusing ^^



Well, I already have SSH access, so photo ID isn't really a problem. I was just drawing attention to the fact that bluehost.com might be unwittingly inciting international customers to break the law by asking them for copies of passport photos.
good point

Well, PHP itself still has some built-in security restrictions by default that will prevent a lot of abuses that would be possible with shell access.

It would be much easier to attack both Bluehost themselves and use them as a launching point for other attacks by having SSH access. This is much harder to do with a PHP script (in fact, it can be almost impossible if PHP is configured properly).

By being able to have confirmation of your identity, it ensures that Bluehost is exercising the due diligence that is required of them should a law enforcement agency ever want to track something back to it's originator.

I'm sure most Bluehost customers would certainly not want to see all of their services shut down because Bluehost found itself on the wrong end of a search-and-seizure warrant.

I suppose when you're already deploying a camera survelliance network to log all vehicle movements (http://news.independent.co.uk/uk/transport/article334686.ece), putting drivers' pictures on their licenses does seem a little redundant, doesn't it?

(yes, i realize cameras aimed at licenses plates might have a hard time capturing passenger faces, but, still, i think it's amusing ^^


good point

Indeed. I believe Staffordshire (where I live) has more speed cameras than any other county, and it's fairly easy for the authorities to track people from one end to the other, provided they have their license plate details. Outrageous really. We are sleepwalking into a dictatorship, but then our government uses the same excuses for it as the US: Terrorism.

And drifting back on-topic...thank you so much for that info JDH. I'm still a little surprised about the photo-ID though. Somebody with bad intentions could easily fax a fake photoshopped passport-photo to match his stolen credit card information.

Provided a government issued proof of identity is required, I just don't see why the photo is relevant. A driving license should suffice. (Not all contain photos,)

And drifting back on-topic...thank you so much for that info JDH. I'm still a little surprised about the photo-ID though. Somebody with bad intentions could easily fax a fake photoshopped passport-photo to match his stolen credit card information.
While I certainly can't speak for Bluehost, I am somebody who has a fair bit of experience with IT policy, security, and law enforcement issues.

I think what it comes down to is simply due diligence and liability. By requiring photo ID, Bluehost is exercising due diligence and thereby reducing their liability in the event that their systems were ever misused. Nobody can expect the staff at Bluehost to be experts in forensic analysis of photo identification, but by having something on file, there is generally at least a starting point for the authorities, and by requiring that it be photo ID, they are enforcing a stricter standard of compliance.

If you think about it, it's very similar to how things would work with a bar or a nightclub... Checking photo ID is certainly not a foolproof means of ensuring that nobody under age ever enters the premises or is served alcohol, but an establishment that did not do this would likely find themselves with a far greater liability burden if an underage patron were to commit a crime after imbibing at their establishment.

You are more then welcome to send an email to support@bluhost.com and inform them of your primary domain and the addon or parked domain you want to add and confirm the account password or the last 4 of the CC. and they will be more then happy to force it on to your account.:cool:

:) Here are some helpful tips I received from BH during my transition.

1. Upload all the files for your website to the servers here and make sure they are running properly. Also set up your email accounts.

2. Change the DNS settings on your domain to ns1.bluehost.com and ns2.bluehost.com. You should be able to do this through your old hosting company if they have given you access. If they have not you can usually call them or the current registrar for the domain and have them do it for you. This change to your DNS can take 24-48 hours to propogate through the name
server system all over the world.

3. Don't cancel your old hosting for at least 2 days after updating your DNS settings.

In following this format I found that, you'll lose no customers activities on your web-site. It took nearly 3 days while the changes are taking place.

From Italy using Telcom slooooooow dailup connection.