DO Ideas 2

Let Customers Know That You Suspend Service At the Mere Receipt of An Abuse Report

I think many customers should know that DO will shut service down at the mere receipt of an abuse report. In other words, DO does not verify if the report is true first - even for reports that would be trivial to verify. Many aspects of DO's services are great... until they shut you down... in my case in error. Upon further inquiry into the matter, it became clear that all it takes is an email to shut service down for a DO customer - they do not verify reports. I think this policy should be communicated to customers - since it is not in the DO Terms/AUP. Had I known this, I would not have signed up for DO service - I think it is misleading of DO to not let customers know of this policy.

You may like DO service, just as I used to, but keep in mind that all it takes is an email claiming you are hosting something bad and your server instances will be powered down - they do NOT even verify if your servers are in fact hosting what was reported (that's right - they do not even load the URL).

They should let their customers know this could happen to them.

  • Michael
  • Sep 11 2018
  • Shipped
  • Anonymous commented
    September 11, 2018 18:22

    I can relate to your situation. Unfortunately, many host-oriented bloggers don't see the other side of the argument.

    A customer sb56637 signs up for a cloud vps account (may be cheap but not free). No matter what the provider's TOS says, they should never shut people down without notice. We're talking about human courtesy here. What if SB had thousands of eager/angry users unable to tolerate the downtime? Now, this defeats the advantage of cloud hosting (vs traditional shared hosting) and SB is not the only one who's been a victim to this.

    I looked into my little crystal ball and I can see - DigitalOcean is a re-incarnation of iPowerWeb in the cloud hosting era. At first, it's awesome, good technology and customer service at low/affordable price, then customers come flocking in, then it's no longer about customer satisfaction anymore, but just business and money making. And then, BOOM! everyone is screwed!

    My advice to anyone out there who so much as considers DO, it's only suitable for personal blogs. Don't try to host your customers, social network, or site with members, otherwise you're in for a big disappointment.

    I pulled this out from their TOS and it's scary, especially when you combine it with their Privacy Policy (you cannot hold these guys accountable for anything, no matter how they choose to screw you, with or without reasons):

    This Chinese-Adopted Shady Style of Doing Business is one reason I say: No, thanks, I'll stick with my arcade hosting plans.

    12. Termination and Access

    12.1 DigitalOcean reserves the right, in our sole discretion, to terminate your access to all or any part of the Services at any time, with or without notice, effective immediately, including but not limited to as a result of your violation of any of these Terms of Service or any law, or if you misuse system resources, such as, by employing programs that consume excessive network capacity, CPU cycles, or disk IO. Any such termination may result in the forfeiture and destruction of information associated with your Account. DigitalOcean may provide prior notice of the intent to terminate Services to you if such notice will not, in DigitalOcean's discretion, run counter to the intents and purposes of these Terms of Service. Any fees paid hereunder are non-refundable and any fees owed to DigitalOcean before such termination shall be immediately due and payable, including any liabilities that may have been incurred prior to termination such as DigitalOcean’s costs for collection (including attorneys’ fees) of any such charges or other liabilities. Upon termination, any and all rights granted to Subscriber by this Agreement will immediately be terminated, and Subscriber shall promptly discontinue all use of the Services. If you wish to terminate your Account, you may do so by following the instructions on the Website or through the Services. All provisions of these Terms of Service which by their nature should survive termination shall survive termination, including, without limitation, licenses of User Content, ownership provisions, warranty disclaimers, indemnity and limitations of liability.

    7. Limitation of Liability

    7.1 IN NO EVENT SHALL WE, NOR OUR DIRECTORS, EMPLOYEES, AGENTS, PARTNERS, SUPPLIERS OR CONTENT PROVIDERS, BE LIABLE UNDER CONTRACT, TORT, STRICT LIABILITY, NEGLIGENCE OR ANY OTHER LEGAL OR EQUITABLE THEORY WITH RESPECT TO THE SERVICES (I) FOR ANY LOST PROFITS, DATA LOSS, COST OF PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, OR SPECIAL, INDIRECT, INCIDENTAL, PUNITIVE, COMPENSATORY OR CONSEQUENTIAL DAMAGES OF ANY KIND WHATSOEVER, SUBSTITUTE GOODS OR SERVICES (HOWEVER ARISING), (II) FOR ANY BUGS, VIRUSES, TROJAN HORSES, OR THE LIKE (REGARDLESS OF THE SOURCE OF ORIGINATION), OR (III) FOR ANY DIRECT DAMAGES IN EXCESS OF (IN THE AGGREGATE) OF FEES PAID TO US FOR THE PARTICULAR SERVICES DURING THE IMMEDIATELY PREVIOUS ONE MONTH PERIOD, EVEN IF DIGITALOCEAN HAD BEEN ADVISED OF, KNEW, OR SHOULD HAVE KNOWN, OF THE POSSIBILITY THEREOF. SUBSCRIBER ACKNOWLEDGES THAT THE FEES PAID BY HIM OR HER REFLECT THE ALLOCATION OF RISK SET FORTH IN THIS AGREEMENT AND THAT DIGITALOCEAN WOULD NOT ENTER INTO THIS AGREEMENT WITHOUT THESE LIMITATIONS. SUBSCRIBER HEREBY WAIVES ANY AND ALL CLAIMS AGAINST DIGITALOCEAN ARISING OUT OF SUBSCRIBER'S PURCHASE OR USE OF THE SERVICES, OR ANY CONDUCT OF DIGITALOCEAN’S DIRECTORS, OFFICERS, EMPLOYEES, AGENTS OR REPRESENTATIVES. YOUR SOLE AND EXCLUSIVE RIGHT AND REMEDY IN CASE OF DISSATISFACTION WITH THE SERVICES OR ANY OTHER GRIEVANCE SHALL BE YOUR TERMINATION AND DISCONTINUATION OF ACCESS TO OR USE OF THE SERVICES.

  • Ashton commented
    September 11, 2018 18:22

    Just wanted to let people hear another side of this. I obviously can't speak to issues that other people have had, but I can speak to the experience that I just had which completely contradicts the above reports.

    Today I submitted an abuse report regarding a Digital Ocean IP address that was attacking our server. DO responded and asked that I send them two log files from the attack to confirm before they took action, which is exactly what they should do. After reviewing and confirming the log files, they disabled the user's network access to halt the attack, and notified them so that they could correct the issue.

    I am very happy with how they responded, and believe that it serves both their clients and victims of attacks very well.

  • Tien commented
    September 11, 2018 18:22

    It's very easy to kill a website on Digital Ocean hosting:
    1. Invite 5 friends to send email to: abuse@digitalocean.com
    2. Send one email every 30 mins. Do this for a day and enjoy the death of your enemy's site :D

  • EMolinare commented
    September 11, 2018 18:22

    DO should ABSOLUTELY allow customers a 48 hour window to file a counter-notice.
    Everyone does this (RackSpace, SingleHop, etc.).
    Knowing this, I would probably never have moved my server here. Damn.

  • Michael commented
    September 11, 2018 18:22

    You also have to put yourself in DO's shoes too though. I help run an abuse desk at http://www.namesilo.com so I am somewhat familiar with what can go on there. You have people using fraudulent cards, people hacking accounts, people hacking servers, etc. - so DO is constantly in the position of "is this account fraudulent?", "is this even the real customer who has contacted us?", etc. It can be a lot of work... and keep in mind (we are a low cost provider too) that DO does not make much money on $5 servers - it costs time/money to investigate abuse complaints... so the economic incentive exists to just shut it down and send an email on receiving abuse complaints for accounts without "history" - to what extent this is actually acted upon by DO is up for debate - I am sure they will say it is not often (it's 100% in mine). That being said, after corresponding with DO - I find that they are reasonable people. I like the fact that they take abuse very seriously... even if their policies on alerting customers are flawed.

    Drawing from my experience in offering digital services with fairly low margin (probably lower than DO's) coupled with responding to abuse of those services - I would offer the following advice:
    1) please be transparent (the goal of this thread to begin with) - let customers know in your TOS that there is some period of service each account must have before they have "history" and that before your account has history, you run the risk of being shut down without notice if DO receives an abuse complaint - customers should at least have the chance to know these risks before signing up
    2) offer some standardized means to perhaps allow accounts to speed up getting history (kind of like a "verified" paypal account) to allow customers for whom that risk is too large to still work with DO
    3) set up a system that can text customers (they can store their cell number in the account profile) because if my account has an abuse complaint, email is too slow... I want to be texted... in triplicate... so I can get on top of that right away
    4) let customers know that you will try to give them X hours notice after their account has history if they get an abuse complaint (our NS TOS tells customers that we will try to give them 72 hours notice upon receiving a valid abuse complaint)
    5) realize that to some extent, the customer of your customer is your customer... often the case with hosting - it wasn't me that set up the 301 redirect... it was a customer of ours... and that customer, when contacted, had no idea about the iframe js exploit being distributed via the ad network (it's possible even the ad network didn't know) - he removed the ads when he found out - I point this out simply to illustrate the importance of getting some notice of a problem; DO customers, upon getting notice, have to then notify our customers... and so on - it takes time... which requires reasonable notice.

  • Michael commented
    September 11, 2018 18:22

    I thought I would chime back in on this thread since I was the one who started it. After begging/pleading/explaining/etc. with DO on the issue that sparked this whole thread, they have marked my account as one which should be contacted/alerted of an abuse report BEFORE shutting the server down. So it is possible to get notice... but that is not the default state of accounts from what I can tell. The default for accounts is that if DO receives an abuse complaint that your server will be powered down (unless you have "history" with DO - which I believe means you have been a customer for a long time). Therefore, my advice is to open a support ticket and explain your business, what your servers are used for, give DO your phone number, your important email address that you check often, etc. - and politely ask that you get notice of an abuse complaint before shutting down the server (they can do this) because, by default, they have accounts on pretty much a hair trigger to shutdown servers.... until your account has "history".

    By way of more details on the specific events that resulted in this incident (so that you can compare your situation to mine to weigh in on the risk this policy might pose to you), my affected DO server was serving a http 301 redirect to a customer's site on blogger. The blogger site issued another redirect to different sites, and one of those sites used an ad network that served up an ad that was an iframe exploit (trying to exploit browsers). So there was a valid abuse concern (active browser exploit); but keep in mind that my customer had my server at DO only issue a single 301 redirect, to a site that redirected to another site, that had some JS that loaded an ad from an ad network that sometimes loaded an iframe exploit - which in my mind is a pretty large degree of separation from DO (I had to reload the site like 30 times in google chrome to get the malware warning). The entity that reported the abuse to DO is some scanning service "CleanMX" which uses a 3rd party to do automated URL scanning (VirusTotal) - so basically there is some automated scanning bot which follows URL redirects and, if they find a virus/exploit/something-bad that is even related to your DO server in some way (does not have to be hosted by your DO server - i.e. 2 redirects back), they send an email to DO abuse, and if your account does not have "history", DO pulls the plug... and then emails you.
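The scanner behaviour described in the comment above (an automated crawler that follows every redirect outward from the droplet and flags content found two hops away) is something you can reproduce against your own hosts before an abuse desk does. What follows is an added example, not code from the post, from CleanMX/VirusTotal, or from DigitalOcean: a Python script that walks a redirect chain hop by hop, records each status, and lists iframes on the final page whose origin differs from that page's origin. The chain it walks (/droplet -> /blogger -> /final, with an iframe from ads.example.invalid) is a constructed stand-in served by an in-process HTTP server; those hostnames and paths are assumptions and not the ones from the incident.

```python
import threading
from html.parser import HTMLParser
from http.client import HTTPConnection
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urljoin, urlsplit

# Constructed stand-in for the chain in the post: the droplet answers with a
# single 301, the next host redirects again, and the final page embeds a
# third-party iframe. Every hop is served by the same local test server,
# distinguished by path, so nothing is fetched from the internet.
FINAL_HTML = (
    b"<html><body><p>ad-supported page</p>"
    b'<iframe src="http://ads.example.invalid/serve?slot=1"></iframe>'
    b"</body></html>"
)


class ChainHandler(BaseHTTPRequestHandler):
    ROUTES = {"/droplet": (301, "/blogger"), "/blogger": (302, "/final")}

    def do_GET(self):
        if self.path in self.ROUTES:
            status, target = self.ROUTES[self.path]
            self.send_response(status)
            self.send_header("Location", target)
            self.send_header("Content-Length", "0")
            self.end_headers()
        elif self.path == "/final":
            self.send_response(200)
            self.send_header("Content-Type", "text/html")
            self.send_header("Content-Length", str(len(FINAL_HTML)))
            self.end_headers()
            self.wfile.write(FINAL_HTML)
        else:
            self.send_error(404)

    def log_message(self, *args):  # keep the demo output quiet
        pass


def follow_chain(url, max_hops=10):
    """Fetch url hop by hop; return ([(url, status), ...], final_body).

    Redirects are followed by hand (http.client never follows them) so that
    every intermediate hop is recorded, which is what a scanning bot sees.
    max_hops bounds the walk so a redirect loop cannot run forever.
    """
    hops, body = [], b""
    for _ in range(max_hops):
        parts = urlsplit(url)
        path = parts.path or "/"
        if parts.query:
            path += "?" + parts.query
        conn = HTTPConnection(parts.hostname, parts.port or 80, timeout=5)
        try:
            conn.request("GET", path)
            resp = conn.getresponse()
            body = resp.read()
            location = resp.getheader("Location")
        finally:
            conn.close()
        hops.append((url, resp.status))
        if resp.status in (301, 302, 303, 307, 308) and location:
            url = urljoin(url, location)  # Location may be relative
            continue
        return hops, body
    raise RuntimeError("redirect chain longer than %d hops" % max_hops)


class IframeCollector(HTMLParser):
    """Collect the src attribute of every <iframe> in a document."""

    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        if tag == "iframe":
            src = dict(attrs).get("src")
            if src:
                self.sources.append(src)


def external_iframes(page_url, html):
    """Absolute iframe URLs on the page whose host differs from the page's host."""
    parser = IframeCollector()
    parser.feed(html.decode("utf-8", "replace"))
    page_host = urlsplit(page_url).netloc
    absolute = [urljoin(page_url, s) for s in parser.sources]
    return [u for u in absolute if urlsplit(u).netloc != page_host]


def trace(url):
    """Walk the chain from url and report hops plus third-party iframes at the end."""
    hops, body = follow_chain(url)
    final_url = hops[-1][0]
    return {"hops": hops, "external_iframes": external_iframes(final_url, body)}


def start_test_server():
    """Serve the constructed chain on an ephemeral localhost port; returns (server, base_url)."""
    server = HTTPServer(("127.0.0.1", 0), ChainHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, "http://127.0.0.1:%d" % server.server_address[1]


if __name__ == "__main__":
    server, base = start_test_server()
    try:
        result = trace(base + "/droplet")
        for i, (hop_url, status) in enumerate(result["hops"]):
            print("hop %d: %s -> %d" % (i, hop_url, status))
        print("third-party iframes on final page:", result["external_iframes"])
    finally:
        server.shutdown()
        server.server_close()
```

Pointing trace() at a real URL instead of the local server gives the same hop list and iframe list for your own redirect; that list, with the droplet showing up only as hop 0 with a 301 and the suspect frame appearing only on the last hop, is the concrete evidence of "degree of separation" to attach when replying to an abuse ticket.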

  • Moisey Uretsky commented
    September 11, 2018 18:22

    Hi Guys,

    If anyone has had an issue where they feel that their account was suspended from a single abuse complaint please email me directly : moisey @ DO dot com.

    I've looked up the user who opened this request and did not find an account so I can not review what happened with this account, nor would that be appropriate to be discussed in a public channel such as UserVoice nor do we reveal customer information as dictated by our Privacy Policy.

    We do power off a server in specific cases such as where continued and prolonged activity of leaving the server online will be detrimental to other customers.

    Such as the cases of UDP flooding, we will not leave a server online if we have detected that there is an outbound UDP flood.

    We do not suspend accounts from a single abuse complaint, and if anyone feels that they have had this happen to their account I would ask you to please contact me directly so I can resolve this.

    If anyone would like more clarity on our official policies please let me know.

    Thanks,
    Moisey

  • Jean-Philippe Ansel commented
    September 11, 2018 18:22

    Unfortunately it looks like DO is not meant to be used as a production environment.

  • Dominic Watson commented
    September 11, 2018 18:22

    This scares me a little. If I have a production environment running and some unhappy customer of mine reports me, will everything go offline?

    What kind of reporting are we talking about, so I can better protect myself in case something like this happens?

  • michael commented
    September 11, 2018 18:22

    "However please note that we do not "suspend" or "terminate" an account for a simple abuse complaint; the most immediate action that can be taken is that a server may be powered off and the account locked until we can establish a channel of communication."

    wat? oh good, you don't suspend or terminate an account on an abuse complaint, you just power off and lock. good to know.

  • Jean-Philippe Ansel commented
    September 11, 2018 18:22

    Knowing that you can power off the server and lock the account before contacting the customer is, in my opinion, a deal breaker.

    It means that we should never use our droplets for anything serious other than development.

    We should never host any serious customers, serious web stores, and any customers at all on a droplet.

    And we should backup our data on external servers instead of using DO's backup feature.

  • Mattias commented
    September 11, 2018 18:22

    I absolutely agree with Tuan, you could pass the abuse notice to the customer, leave 48 hour timeframe to fix the problem and leave an answer. Then the reporter could accept the fix or report the problem again. And then the problem would reach your staff who needs to take some action. You could call this just your "policy".

  • Moisey Uretsky commented
    September 11, 2018 18:22

    Unfortunately running a public cloud means dealing with a lot of potential abuse and we do our best to ensure that we stay on top of all abuse complaints and forward those over to the user.

    This becomes tricky when there is a new customer and we do not have enough of an account profile to distinguish if they are a legitimate customer and just got into a simple erroneous situation or if in fact it is something systematic and in need of more direct action.

    Given that there are abuse complaints that are for everything from SPAM, to botnets, to UDP floods, to DMCA/Copyright complaints and so forth we do our best to process these issues.

    Please note that we do all abuse processing manually meaning it is always reviewed by a member of our technical support staff and not just passed off to an automated backend.

    This is done because a level of human interaction helps to determine the legitimacy of an account, however, unfortunately it is not fool proof and occasionally an assessment of the level of action that is necessary can be harsher than perhaps warranted.

    However please note that we do not "suspend" or "terminate" an account for a simple abuse complaint; the most immediate action that can be taken is that a server may be powered off and the account locked until we can establish a channel of communication.

    If there is anymore clarification that I can provide please let us know.

    Thanks!

  • Salvatore commented
    September 11, 2018 18:22

    Some sites allow user uploads. When a site is really big you can't check each file being uploaded. So, if an abuse report comes, the user should be notified, so that he can delete the file or back up the data and leave. But suspending the account immediately is not acceptable.

  • Harlock commented
    September 11, 2018 18:22

    This says a lot about the company; they need to take better care of the abuse reports and how they handle them!

  • Razvan commented
    September 11, 2018 18:22

    did they at least save and give access to your data?

  • Tuan Anh Tran commented
    September 11, 2018 18:22

    DO should allow customers at least 48 hours to file a counter-notice.