How do you actually prevent your account get banned / null routed by the upstream ?
Disclaimer : I saw the maxKVM saga.
Few years ago, I offer cpanel webshoting. A lot of people abused the service, most like, it's not their intention. Most of the time, their site get hacked.
The thing is most of the time, upstream just straight up null routed your server after you take care of your shit. Which means downtime for your other customer. Multiple offense, perma ban for you.
Which is why right now , I only offer managed hosting, where I take care of my customer shit. So I got no one to blame except me if something goes wrong. I still offer shared hosting for few client I know.
So, how exactly a shared hosting provider works ? How to they handle malicious client with ill intent ? Let's say there are 50 malicious client signup your service, sending spam, and create phising websites and shady stuff. Don't you as the provider get the ban hammer from your upstream ?
Comments
Simple really. Respond to complaints. Do your part as a customer.
It's extremely important to know that the world does not revolve around you. They don't care what you host. They are not gonna take a peep. As long as you do your part, they won't bother you. - Which is why I don't waste money on VPN.
MackVKM saga ain't really a saga. They blatantly, repeatedly, ignored warnings and literally asked their customers to doax their upstream provider in the unholy name of "Free speech" without actually providing any sort of context.
That is a kid's move.
If you let 50 spammers sign up, you deserve to be gone. That's my take on it.
♻ Amitz day is October 21.
♻ Join Nigh sect by adopting my avatar. Let us spread the joys of the end.
For shared hosting, it is harder to prevent issues as you are usually sharing one single IP. The first line of defense would be screening your customers and making sure that you secure your system in order to avoid abuse (for example, using a mail relay so you don't get in trouble for spam). You also need to make sure that if you do receive complaints, you respond in a timely manner, but it depends who your upstream is and how lenient they are, as some will just nullroute you until you fix it.
Also, I've never had an issue with shared hosting, but VPS seems to attract more reports. We've had individual IPs nullrouted for DDoS attacks and the like.
As always the solution is surprisingly simple. Talk to your upstreams:
I figured this stuff was common sense...
★ MyRoot.PW ★ Dedicated Servers ★ LIR-Services ★ Web-Hosting ★
★ Locations: Austria + Netherlands + USA ★ [email protected] ★
Relating to the saga, one of my concerns as a provider is having all eggs in one basket. Yes, you can set extremely strict anti fraud barriers and I think BuyVM is a good example of this. They can be very strict with their policies, but always reasonable. But even then, I’m sure you’ll still get a few bad apples on the network, hence spread your eggs, ideally have a backup infrastructure to switch to (at least another IP pool) if shit hits the fan and as others mention be responsive to reports, be honest, polite, sincere. If you really want the provider to know you’re sorry for the oversight and want to improve things you can always ask them about their own procedures or advice to prevent that specific report category from happening again. (Obviously don’t ask them to revamp your procedures for a $2/ye service).
Michael
You cannot expect budget providers to have a backup plan.
♻ Amitz day is October 21.
♻ Join Nigh sect by adopting my avatar. Let us spread the joys of the end.
You can’t, and I didn’t live up to my own standard either. But to be a reliable provider..
Michael
What hosts need to do more is add a button called "disaster recovery plan" to their CP that does absolutely nothing.
♻ Amitz day is October 21.
♻ Join Nigh sect by adopting my avatar. Let us spread the joys of the end.
I'll leave you with this - this is more than just an upstream issue.
Nothing stops google from disabling your business or account. Every software provider you use can terminate you at any time.
I've had a big software company accidentally lock my entire development team 2 hours before a deadline because some sales guy checked the wrong box and flagged us as breaking a ToS.
The only way to stop any of that is to self host, and run your own actual servers. Remove every penny pinching middle manager and try to go as direct as you can. You should, at the end of the day, terminate at the DC. And your main goal should be to break free and get your own DC. That's the only way to stop someone from removing you from existence at the click of a button.
Also, I've heard of shady upstream providers do that (find any reason to close a growing provider under a ToS) just to poach their users. And we see that all the time in the software industry with providers, even publishers and financers... Always be cautious and prepare a plan B.
XR Developer | https://redironlabs.com
Also the way to prevent it is to have a good established relationship with your DC or upstream provider. React within guidelines. Any surprise is a bad surprise - so let them know in advance and make them feel like they are part of the solution so they will defend you should something happen.
XR Developer | https://redironlabs.com
I own my own network, including Core-Routers. i have x-connects to other DCs.
I can spin up other upstreams if one Upstream isnt fine.
Even some servers seized here and there in recent years.
Contact of Verfassungsschutz, LKA, BKA, German/Dutch Police, or whatever happened in last years.
Once we where ordered by court to give out SSDs of some Dedi, so we copied them Live with their allowance. The Server contiunes to operate even today.
I dont get nulled. And wont.
Authorities know where they can reach me.
My Upstreams know where they can reach me. Even its rare that someone complaining contacts upstreams.
Also upstreams dont just shutdown you :-)
If you dont have own Network and all, its different case. MaxKVM does use Hivelocity network. And we do not know what happened bethind the scenes between MaxKVM and Hivelocity and how strict they (Hivelocity) are.
I would prefar to hear full story.
The whole thing sounds fishy to me yet.