Skip to main content

Are you living in a bubble?

I've been trying to extract a domain from Namespro, a registrar. After (I hope) springing it from them, I gave them a little honest feedback. I'll provide their answer here verbatim, enough said. Okay, almost enough: I want to note that, considering the spelling mistakes, the support person who wrote this probably believed it. And for reference: my favourite registrar (hover.com) provides users the ability to generate auth codes themselves, not to have to search badly worded help systems to find the right invocation. In this case, it required a request via a hidden form, and a simple email request was ignored. After the invocation, they came back with an "are you really, really sure" reply to the ticket, which it took me a few days to notice as well. They provide no phone number to actually talk to a support person. In other words, unless you really know what you're doing and have a lot of patience, the chance of getting your domain out of Namespro is pretty slim.

Me:

If you really want an honest answer to your question: it's because of your policy of making it so hard to transfer anything our of your system. You appear to deliberately obscure the process of moving services out of your clutches. I'm not interested in doing business with a company that I don't trust to be upfront and honest.

Them:

Thank you for your reply and comment. The process of getting an Auth Code is not made public is because very few Namespro.ca users transfer out from Namespro.ca to another registrar to being with.

That being said, we have forwarded our suggestion to our management team for further review.

Popular posts from this blog

Confused by online payment processing? You're not alone.

In the old days during "polite" conversation, it was considered rude to talk about sex, politics, religion and money. You might think we're done with taboos, we're not (and I'll leave Steven Pinker to make the general argument about that, as he does so well in The Better Angels of Our Nature).

The taboo I'm wrestling with is about money - not how much you make, but about online payment processing, how it works, and what it costs. In this case, I think the taboo exists mainly because of the stakes at hand (i.e. lots of money) and the fact that most of those who are involved don't get much out of explaining how it really works - i.e. the more nuanced communications are overwhelmed by sales-driven messaging, and the nuanced stuff is either proprietary secrets or likely to get slapped down by the sales department.

In other words, if you want to really understand about online payment processing because you want to decide between one system and another, you'…

IATS and CiviCRM

Update, Nov 2009: I've just discovered and fixed a bug I introduced in the 2.2 branch for the IATS plugin. The bug was introduced when i updated the API files from IATS and failed to notice that the legacy method for C$ one-time donations was no longer supported.
If you're using a version greater than or equal to 2.2.7, and are using IATS for C$, non-recurring donations, then you're affected.
To fix it edit the file : CRM/Core/Payment/IATS.php, and remove the line that looks like this:

$canDollar = ($params['currencyID'] == 'CAD'); //define currency type The full fix removes a conditional branch based on that value a little further on, but by removing this line, it'll never actually use that branch. Drop me a line if you have any questions.
Update, May 2009: This post is still getting quite a bit of traffic, which is great. Here are a few important things to note:
The IATS plugin code is in CiviCRM, you don't need to add any code.You do still …

Me and varnish win against a DDOS attack.

This past month one of my servers experienced her first DDOS - a distributed denial of service attack. A denial of service attack (or DOS) just means an attempt to shut down an internet-based service by overwhelming it with requests. A simple DOS attack is usually relatively easy to deal with using the standard linux firewall called iptables.  The way iptables works is by filtering the traffic based on the incoming request source (i.e., the IP of the attacking machine). The attacking machine's IP can be added into your custom ip tables 'blacklist' to block all traffic from it, and it's quite scalable so the only thing that can be overwhelmed is your actual internet connection, which is hard to do.

The reason a distributed DOS is harder is because the attack is distributed from multiple machines. I first noticed an increase in my traffic about a day after it had started - it wasn't slowing down my machine, but it did show up as a spike in traffic. I quickly saw that…