LowEndBox - Cheap VPS, Hosting and Dedicated Server Deals

Recent Drama: The Ethics of Scanning Hosted Files

Years ago I read a book by our own @KuJoe (proprietor of SecureDragon) in which he discussed the finer points of running a hosting company.  One of the things he mentioned was scanning user files, and I think he may have shared some scripts.

This was within a decade of the breakout of Napster, and providers were a little on-edge about people having .mp3 files in their public_html directories.  Of course, there are plenty of legitimate cases where someone might be serving up mp3s, but if a provider saw one named “Famous Band – Popular Song.mp3”, they’d throw a flag.

So far, so good.  After all, these files are publicly hosted, so the user has an expectation that the public will see everything in that directory.  To use a U.S. legal phrase, there’s no “expectation of privacy” when you put something on a public-facing webserver.

Providers also sometimes scan for .tar.gz or .zip files which are clearly backups, particularly if they are offering unlimited disk space.  I remember Dreamhost, who offers unlimited disk, having a policy that said that anything you host had to be for the purpose of offering it to the public as part of a normal web surfing experience.  What they’re trying to avoid is someone signing up for a $7.99/month hosting account, and then uploading terabytes of personal backups behind a password wall.  That’s storing backups, not hosting web files, and is a violation of the provider’s TOS.

And Then Came the 500GB of Porn

Recently, a LowEndTalk user, @bdspice, shared a tale on LowEndTalk:

Last month I got notification that I won 500gb FTP storage from CharityHost_org.

I thought I can store some personal data and clear some space on my storage server. So I transferred 500gb pron to keep it as a cold storage. After one month, I got an email from CharityHost that my server is suspended due to AUP violation.

I won’t get into the ethics of (a) consuming porn, or (b) downloading 500GB of it, which is impossible without copyright violations.  Rather, the community’s concern was around CharityHost scanning people’s directories.

In the above situations where providers were scanning for mp3s and backups, they were scanning public files.  Now imagine Google Drive scanned content hosted on your account for copyright claims.  See the difference?

CharityHost’s AUP does prohibit porn, but the community erupted in furor that CH was scanning something on private FTP space.  Of course, FTP can be made public (anonymous FTP, or by creating and sharing accounts).  In this case, @bdspice stated he was not sharing the data, only using this FTP space as a private backup.

I can almost guarantee what happened was that CH was scanning for common porn-related words, to enforce their AUP.  However, instead of limiting the scans to a public_html (or whatever hosting directory they use), they scanned the entire account.

It’s a bit of a grey zone, because CH doesn’t know if the FTP space is truly private, and even if it is, @bdspice could turn it into a multi-user share at any time.

Still, the community didn’t like it.  It’s a spicy read.

4 Comments

  1. Well in fact this is not true. The porn was in public_html so you have the facts wrong.

    April 24, 2025 @ 1:53 am
  2. This here Raindog308 is not factual.

    “CharityHost’s AUP does prohibit porn, but the community erupted in furor that CH was scanning something on private FTP space. Of course, FTP can be made public (anonymous FTP, or by creating and sharing accounts). In this case, @bdspice stated he was not sharing the data, only using this FTP space as a private backup.

    I can almost guarantee what happened was that CH was scanning for common porn-related words, to enforce their AUP. However, instead of limiting the scans to a public_html (or whatever hosting directory they use), they scanned the entire account.

    It’s a bit of a grey zone, because CH doesn’t know if the FTP space is truly private, and even if it is, @bdspice could turn it into a multi-user share at any time.”

    The FTP Accounts on our hosting have a public_html folder that is like any vhost www docroot. Except it is for static assets like html, js, css, images, videos etc. No php or mysql or db enabled. Like a content distribution site.

    @bdspice may have added the content he uploaded into public_html perhaps unknowingly that it was a docroot, although we make it clear it is public www docroot vhost.

    That was not the end of it when we suspended and reverted the AUP violation fine. We asked the customer to complete his complaint with a comment on his complaint that the issue was resolved amicably after all. This customer was very demeaning and belittling to staff in private support tickets and public forum at LET. That is an AUP violation as well for us. You can complain all you want, but the boundary is crossed when directing clear foul insults.

    You have troll attacks problems on LET. Foul insults, and all that, that’s trolling. You have a serious problem moderating Trolling on LET. Please get a handle of that on LET.

    April 26, 2025 @ 1:32 am
