OVH Community, your new community space.

Abuse Policy


AlbaHost
09-04-2015, 15:50
Quote Originally Posted by alvaroag
Not exactly a full reinstall, but some times they will put the server in rescue mode and tell you to solve the issue before letting you reboot the server in normal mode. Of course, when you can not determine the cause of the problem, the only option would be to reinstall the OS.

On what reffers to IRC, it is forbidden by TOS: https://www.ovh.com/us/support/terms...ted_server.pdf



Not exactly forbidden, but omr eilkely to result in a termination if used without prior consent from OVH.
Not exactly a full reinstall: But enought to lose all your data!
Not exactly forbidden: But they will sooner of later tell you to suspend them, or maybe they will give the autherization and after some time they will revoke and say you will not be authorized to run irc servers anymore. As it stated in their ToS...

alvaroag
09-04-2015, 15:12
Not exactly a full reinstall, but some times they will put the server in rescue mode and tell you to solve the issue before letting you reboot the server in normal mode. Of course, when you can not determine the cause of the problem, the only option would be to reinstall the OS.

On what reffers to IRC, it is forbidden by TOS: https://www.ovh.com/us/support/terms...ted_server.pdf

7.5 For security reasons, OVH can proceed with the immediate suspension (without notice) of any server on which would be offered paid or free public proxies, such as IRC, VPN, TOR for which OVH have knowledge of misuse, fraudulent or unlawful use.
Not exactly forbidden, but omr eilkely to result in a termination if used without prior consent from OVH.

Andy
09-04-2015, 13:10
Often they will force a full reinstall of the server even on minor issues. It's not worth the risk in my opinion and I have seen many people move away from OVH for this reason. I guess it's your choice if you can live with that on occasion vs the price being unbeatable.

Fearghal
09-04-2015, 11:24
Thanks for all the responses.

I do have anti-fraud measures in place and the order will not be accepted automatically unless the billing information they supply matches the card details.

I think from now on I will purchase OVH servers rather than SYS.

Also - I was unaware that IRC was against the AUP. I read the AUP and didnt see any mention of it on SYS. Although it is against my own AUP, can someone link to where they read this just incase I have missed anything else please?

Thanks

AlbaHost
09-04-2015, 11:09
Both of you aint to answer "how many companies over the world require scan id" Another question is, even if the client pass all those steps and his account get hacked etc so you are gona to do what? I have mentioned before there will allways be risk about hack/abuses the main purpose is to try to fix it and not to shutdown the whole server.
As per our abuse case before a month ago, which ovh failed to provide concern logs about so called abuse and told us to suspend all our irc chat clients without any reason, this is one more wothless ovh action too which it tell that ovh is not really for real business.

alvaroag
09-04-2015, 01:16
An important purpose I see for checking customer's identity is to perform a real ban. If you don't check your customer's identity, and the customers make some kind of TOS violation, you ban the customer's email address. Circumventing that ban could be as simple as creating another email, and so on. IF you check your customers' identity, you can really ban the customer, because its legal identity will not change(theorically).

Performing an automated or manual fraud check is a good alternative, depending on what tests are included.

BTW, I share Criot's criteria. If a customer doesn't wants to identify, it's more probable that customer will make a misuse of the service.

Criot
08-04-2015, 22:50
Quote Originally Posted by AlbaHost
How many companies over the world require scan id etc? Less then 20% especially mirco companies. And in many countries requesting ID scans etc it's prohibited by its law. I'll do the same thing for my security reason i will not provide my ID to some new companies or mircro companies which in couple days/month will shutdown their website/or get hacked and all my personal info (with ID) will be used for bad thing, so welcome in real world. It's understandable that we need to be carefull with such stuffs, but there will always be risk from hack/abuse etc which ovh must understand. In many companies if any ip address is in trouble they just nullroute it that ip and not stopping the whole server which is really bad at all...
If you're not willing to provide your hosting provider with legitimate information and prove that if necessary, why would you trust them with your data? A high majority of the time, customers who provide fake information have bad intentions, and therefore they shouldn't pass your fraud check systems.

We use asking for ID/Proof of address as a last resort, we very rarely do it, however, our standard automated and manual fraud checks throw out a lot of the bad clientele before they're even able to make a payment. Basic fraud checks are essential for preventing abuse, simple as.

AlbaHost
08-04-2015, 22:30
Quote Originally Posted by Criot
Who said anything about checking a customers identity 'in Google' - You can request proof of ID, or do something basic like making sure the information they provided you matches the information on their payment gateway account, eg, PayPal account. Have automated fraud checks for ensuring a client provides their real address and doesn't use false information, have manual fraud checking through something like FraudRecord.

These are basic things which most companies should be doing anyway, if you're not, you will be once you realise that these basic things can prevent you losing money to chargebacks from fraudulent customers.
How many companies over the world require scan id etc? Less then 20% especially mirco companies. And in many countries requesting ID scans etc it's prohibited by its law. I'll do the same thing for my security reason i will not provide my ID to some new companies or mircro companies which in couple days/month will shutdown their website/or get hacked and all my personal info (with ID) will be used for bad thing, so welcome in real world. It's understandable that we need to be carefull with such stuffs, but there will always be risk from hack/abuse etc which ovh must understand. In many companies if any ip address is in trouble they just nullroute it that ip and not stopping the whole server which is really bad at all...

Criot
08-04-2015, 21:59
Quote Originally Posted by AlbaHost
Your recommendations are really worthless, do you mean you will find customers identity in google assuming every hosting company have their abuse/email contact form in their website, so if someone will complain they use abuse email from IP whois which is ovh, nowhere is mentioned if the ip which you bought from ovh belong to you or not but its ovh ip which it can be find i.e whatismyip.com etc.
Who said anything about checking a customers identity 'in Google' - You can request proof of ID, or do something basic like making sure the information they provided you matches the information on their payment gateway account, eg, PayPal account. Have automated fraud checks for ensuring a client provides their real address and doesn't use false information, have manual fraud checking through something like FraudRecord.

These are basic things which most companies should be doing anyway, if you're not, you will be once you realise that these basic things can prevent you losing money to chargebacks from fraudulent customers.

AlbaHost
08-04-2015, 20:19
Quote Originally Posted by alvaroag
As Criot says, you'd better use OVH servers. SYS servers are oriented for personal use, not enterprise usage, and the technical support is better with OVH.

About the abuse policy..... For what I see on this forum, it's probable OVH will terminate a server/account with frequent abuse claims, or for not responding or taking action on one.

Some recommendations:

- It can be a good idea to check your customers identity, so you can really ban a bad customer.
- On your website, and anywhere you can, put a contact form or other means of contact so you can receive abuse complaints directly. That way, you can take action before OVH know about it.
Your recommendations are really worthless, do you mean you will find customers identity in google assuming every hosting company have their abuse/email contact form in their website, so if someone will complain they use abuse email from IP whois which is ovh, nowhere is mentioned if the ip which you bought from ovh belong to you or not but its ovh ip which it can be find i.e whatismyip.com etc.

alvaroag
08-04-2015, 20:12
As Criot says, you'd better use OVH servers. SYS servers are oriented for personal use, not enterprise usage, and the technical support is better with OVH.

About the abuse policy..... For what I see on this forum, it's probable OVH will terminate a server/account with frequent abuse claims, or for not responding or taking action on one.

Some recommendations:

- It can be a good idea to check your customers identity, so you can really ban a bad customer.
- On your website, and anywhere you can, put a contact form or other means of contact so you can receive abuse complaints directly. That way, you can take action before OVH know about it.

AlbaHost
08-04-2015, 20:00
Quote Originally Posted by Fearghal
Hi,

I am currently in the process of setting up a new VPS provider and would really like to use SYS for this as the prices are unbeatable.

Some associates have raised concerns that OVH have terminated / suspended accounts without warning due to abuse. Obviously if I am hosting multiple different clients, and one client violates the AUP, I would not be wanting all clients on that node (or worse all my servers) being shut down.

I have a very strict AUP policy, stricter than SYS so any clients violating them would be terminated by me. I'm just wondering what would happen if someone complained to OVH directly instead of me. Would OVH forward the complaint to me or would they take action against my servers thus shutting down my entire business?

Thanks
Well as i have stated in another thread OVH is not a good option to use for real business, according to our abuse thread here regarding irc complain which OVH fail to provide concern/logs that our ips was a part of this abuse( which it was not even an abuse but someone advertised his website in complainer chat server, and the complainer mentioned our ip in abuse ticket ) abuse departmend decided to stop all our clients irc chat servers otherwise they will terminate our servers. And said that OVH doesn't allow irc related services on their servers, if you check there are plenty of them which they use ovh in most cases for illegal content/botnet etc and ovh don't do anything about this. Now we are with hydra communication ltd because they use voxility ddos protection, and we are really happy with them. Btw, use ovh at your own risk

Criot
08-04-2015, 18:55
Best not to use SYS for your business but use OVH directly. I believe that they will give you time to resolve issues depending on exactly what it is, but in some cases yes they might not have a choice but to disable the whole server until its resolved. With OVH you are responsible for ensuring that all clients abide by their terms of service, so if one doesn't, it's you who is held liable by OVH.

Fearghal
08-04-2015, 17:32
Hi,

I am currently in the process of setting up a new VPS provider and would really like to use SYS for this as the prices are unbeatable.

Some associates have raised concerns that OVH have terminated / suspended accounts without warning due to abuse. Obviously if I am hosting multiple different clients, and one client violates the AUP, I would not be wanting all clients on that node (or worse all my servers) being shut down.

I have a very strict AUP policy, stricter than SYS so any clients violating them would be terminated by me. I'm just wondering what would happen if someone complained to OVH directly instead of me. Would OVH forward the complaint to me or would they take action against my servers thus shutting down my entire business?

Thanks