Please forgive me while I rant, but the Internet Troll inside of me is starting to leak out. It happens to the best of us.

So, I have been using Rackspace Cloud Sites for about a year now and there are a few things grating on my nerves about this service. We use it as a hosting solution for our customers. Before I begin explaining what is wrong, let me explain what is right.

It is (for the most part) really simple to use. You can easily create a new site with custom plans in just minutes. Everything is white label, including their billing integration and customer support. You pay a monthly fee for a certain amount of Bandwidth, Disk Space, and Compute cycles. You are able to break it up as many different ways as you want and offer your customers plans based on packages. It is really quite simple and really great for hosting small to medium sized business websites.

One of the greatest things about Cloud Sites and Rackspace in general is their support. They have GREAT customer support reps ( GREAT = really friendly). They also have multiple ways to reach their support, like live chat, phone, tickets, email, etc.

These aspects of Rackspace is why I continue to do business with them. Unfortunately, there are other issues that I have with Cloud Sites that frustrate me to no end. Here they are…

1) Cloud Sites does not support SSH. This is a HUGE let down in my opinion. In fact, it was number one on my list as to why we should not go with Rackspace. Luckily for Rackspace, the other pros outweighed this con. However, the cons are starting to pile up. SSH is majorily important for a SysAdmin, especially if you need to do complicated thing to files. Just about every shared hosting provider offers SSH access for Linux servers. Rackspace’s knowledge base claims, “Shell access (Also commonly known as SSH access) is not offered on Cloud Sites based primarily for security reasons.”

Really? What are the security reasons? Why do you allow FTP access (one of the most insecure protocols) but do not allow SSH (a secure encrypted protocol)?

2) Limited Special Characters in passwords. A few months ago, Rackspace Cloud Sites introduced new security measures to prevent unauthorized access to their systems, namely, a “security question”. Yet they do not allow special characters in their passwords and they do not allow Secure Shell (SSH)! What really got me, was that we use Rackspace Cloud Sites for business purposes, so we share a username/password for the business. A “security question” hardly applies to us, so we had to pick a generic question/answer that everyone in our company knew. Regardless, not allowing special characters in a password is not just a problem with Rackspace Cloud Sites… they have a number of systems that do not allow special characters in their passwords. Adding special characters to your password, as well as the length of your password, greatly increases the security of your password. Basically it should be long enough and random enough to be unbreakable. The fact that Rackspace does not allow all Special Characters to be used for a password is very concerning to me.

Now, for the straw that broke the camel’s back.

3) Rackspace Cloud Site’s implementation of SSL is not well thought out, at all. We recently had a client who needed an SSL Certificate installed on their site. Rackspace charges an additional 20$/mo extra to enable SSL on a Cloud Site account. That is not a huge deal, and somewhat understandable, since most SSL Certs require a static IP associated with the domain name. Instead of a shared IP address, which is quite common (and cheaper) for web hosting.

We enabled SSL on our account and tried enabling the SSL Cert on the account. This is where things get hairy, really really hairy!

First, if you are using a shared IP address, it must be changed to a static IP address once you enable SSL for a specific site. I know this, this isn’t the problem. The problem is, Rackspace doesn’t change the IP address to a static address until you actually upload an SSL cert! NOT when you enable SSL for the site.

At first, this did not seem like a big deal… however, we had a small issue… let’s chase this rabbit for a while. Our client already had an existing SSL certificate, so we just need to copy it over. The SSL interface for Rackspace has two fields you can fill in, the Certificate and the Key. However, they have the Key field set to “readonly=true” via HTML. This wasn’t a problem for me, because I used firebug to remove that restriction and was able to upload the customers current Cert and Key without a problem. (by the way, the fact I could do this is just insane – the fact that they try to prevent people from doing this is even worse).

Ok, great, we have the cert installed but the cert was about to expire, so we needed to update the cert a short while after installing it. I went in to the back end to see about updating the cert and noticed there was no way to get the current CSR. I decided to wait until it expired, removed the current cert, get the CSR and generate a new cert. Sounds like a half-way decent plan? Nope, not with Rackspace Cloud Sites.

You see, because the IP address is tied to whether or not the site has a cert installed, when I removed the cert they automatically changed the IP of the site to a shared hosting IP. Essentially taking down the site for 2 hours! What’s worse, when I added the new cert back into the site we got a completely different IP from the one we had previously. This is completely nonsensical!

I wrote a ticket to their tech support services about this issue. They replied “I apologize for the inconvenience, when is time to renew the SSL cert we usually recommend that you let us know about it so that we can update the certificate from our end . . . . If the certificate is removed then the IP will change.”

Brilliant.

Rackspace, you really need to fix these things… I am not sure how long I can live without secure shell access, secure passwords, or an SSL system that works properly. Sorry for being a troll…

I apologize for the inconvenience, when is time to renew the SSL cert we usually recommend that you let us know about it so that we can update the certificate from our end, looks like your SSL IP is 98.129.227.192 If the certificate is removed then the IP will change.