New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Not sure why people are surprised, they're called the Abuse Department, it's what they do.
It’s the same complaints about any busy abuse department at any large, affordable provider really. They all make mistakes. People also lie to try to social engineer results, and others accuse them of being wrong because they don’t know how to manage their compromised servers. There’s room for all of it, but the important thing to note is that the end user will present all of the above as the first case.
I’m using hetzner for 6 years now, and yes if you ignore notifications for months don’t expect your service to stay running, I got a lot of abuse reports and to be honest all of them were mistakes by the costumers or clients vps in my servers and they were all solved, hetzner will wait for you to explain what happened without taking a hard action but ignoring the abuse ticket will for sure case a problem and lead hetzner to false positive the ignored reports.
You have to check your email frequently for services notifications abuse tickets support tickets , black list etc, I don’t know why someone would ignore such emails.
I don't get it, why do some people get like @jorbox normal behaviour from them while others like me included get kicked by them even though I did react to abuse in under a hour. I mean if all would be to stupid to handle abuse that got kicked by hetzner they would have problems at other hosts too, but I don't and others are happy with the abuse handling of others hosts too?
What makes some people special in hetzners eyes so they get a fuck you treatment from them?
Have you read what we're complaining about?
Did I say that I'm against abuses or not taking action at all?
Let's just forgot what has been written here and I'll just give you an example of what we're complaining about.
There are a lot of penguins in Antarctica and sometimes they decide to ruin your business/servers just for some fun.
Those penguins write to Hetzner, saying that server IP stole their ice.
Hetzner abuse department takes each and every abuse message too strictly and forwards it to the owner of the server.
Asking Hetzner for the explanation that this abuse isn't related to your server doesn't help at all and they'll just ask you kindly "FIX IT".
Basically, you're writing that it has been fixed and hoping those penguins won't write it again otherwise you'd kicked up soon.
Hetzner doesn't give a shit about the content of the abuse message. Even if it's from penguins who wrote about some ice and not taking into account that those penguins don't have internet access lol.
I can accept if something "bad" was done from my server and ready to fix it but there are times that the abuse message is really fake or not related to the server itself at all.
Other providers won't even forward that fake abuse message and will just laugh at it.
Having One Question , we have to respond their mails time to time to avoid IP blocking ? is it?
Sir i haven't ignored any email for months.
I recieved an email blacklist abuse, i immediately taken action and sent an delist request to SORBS
I haven't replied anything to that because i thought it is a common email like Postmaster emails
After 4 Days, We received an email from Hetzner , hetzner said " we will manually check ".
I replied them that we already had reported to SORBS 4 days ago.
And after 1 hour, my IP got locked.
That is the issue, they shouldn't lock IP on just an blacklist. They should read reply first.
and after listing, they're strict like a devil teacher "ISSUE MUST BE FIXED FIRST" like we're a magician, we click and issue will be fixed -_-
You have to always respond to their forwarded abuse mails to avoid blocking
Well, I can even expand on this because the situation is even more complex. With regards to security I deal with app security mostly and because our company develops enterprise applications we also carry out outside testing with the use of 3rd party security companies (solid names)
What I have learned over the years is that once something is:
there will be always new vulnerabilities found in that third test.
So it's not only the knowledge or ignorance of average hosters that's the problem. And I mean for example our pro security tests can cost us far more then than development of small projects would for most. The nasty truth is that securing anything more than a very basic server is rather undoable for an average well skilled hoster - even if they try honestly. Of course I don't mean stuff like lack of 2fa, key-based authentication, closing down the ports - this would be pure ignorance indeed.
I believe that most environments don't get hacked not because they are well secured, but because they haven't been identified as a worthy target, yet. (But hey, I can be wrong
)
Sir, hosting personal projects and selling hosting are different.
If you're hosting personal website/project then you know what you're hosting.
But if you're selling hosting then you can't be able to check what your clients are hosting because there are thousands of websites hosted on our server and it's impossible to check every website every time.
We're using cPanel control panel, CLoudLinux OS, LiteSpeed webserver, CSF FIrewall, Imunify360, Outgoing Spam Monitor ( OSM ).
But these doesn't tell us what type of website our clients are hosting.
suppose, one of our client hosted a fraud website and we dont know. in case if someone reported to hetzner then we will be in big trouble because hetzner doesn't give more time to remove the account and in some cases maybe they will directly lock the IP
Some providers try to make good communication and business relationships between clients but Hetzner doesn't try to make any business relationship between clients, they're like :
If you like you can take server otherwise go anywhere else, if abuse report comes you will be kicked out.
Means they do not respect client, we thought to make a good business with datacenter but Hetzner doesn't care about their client's business. It seems hetzner want comfort like they do not have to face any problem and people give them money. They do not want any type of headache, any type of risk they just want money and if someone gives them headache they will kick you even you're paying them thousand euros like hetzner is in a relationship with comfort. Atleast care about your client's business.
I think it depends on the relationship between you and the company, if you have a good repetition they will help you.
The problem is that you replayed to SORBS and ignored hetzner for 4 days 😬
They can kick us in seconds, they can ignore our business , we're working with hetzner from more than 2 years and they ignore us , they don't care our business, and if we forget to reply then they lock our IP WOW i appreciate, also blocking IP exposes that they don't care about their data. OVH data lost due to burning, hetzner data will loss due to ignoring
You are working with Hetzner for more than 2 years still creating those silly threads? I highly doubt that.
What's wrong in that? a person who's working with Hetzner can't create silly threads? Check threads, i ask questions in public when i didn't get reply from hetzner. Nothing wrong in it.
Looks like this thread contains two types of a complaint related to Hetzner abuse.
I didn't have any issues with any blacklist even small ones.
The problem I described was related to fake/personal abuses not related to the server.
Again, Hetzner is too strict even if an abuse message comes from some penguin using Hotmail and blaming server IP for the issues he had even no activity was coming/outgoing from server IP itself at all.
Everything is wrong with it. You worked 2 years with Hetzner and don't know that they are very strict and BS when it comes to abuse reports. Abuse reports must be handled in timely manner wherever you are. You don't know that. Your statements conflict with your "experience".
Are you insane?
There are 100% criminal only used ISPs (i ran more than one.), if you force the abuse senders to include their actual data this would have helped me so much back then - to reverse the attack on them, and to give it to the customer for... use by their discretion (usually means Swating).
Also, nobody could verify the data entered anyway.
I have experience, i have handled everything correctly.
I am with hetzner from 2 Years, but this happened with me first time, they never blocked my IP like this because that time i have less customers for servers and less customers of hosting. I have replied to every email of hetzner till that time, but that time i was forget to reply. but i didn't know they will lock the IP
I don’t know what type of service you provide but they seems to be not liking it at all, so they catch any chance to say goodbye, opening another account is just waste of time, they will know and close it.
If you want another provider that will cover your back , try contabo if you got an Abuse they will ask you to pay 20£ And they will act like nothing happened.
That’s true I’ve always treated abuse complaints differently based on the customer. At first glance most would find it offensive but it’s pretty logical. Especially when you consider two hypothetical clients:
Intentionally copies copyrighted content and complies with removal requests.
Wordpress blogger compromised due to faulty plugin.
The first intentionally employs your abuse team to process complaints for them. They know that they’re doing and the resources they’re taking advantage of. The second made a mistake. The first gets a much shorter leash.
I don't know where you heard that, but this is not how we work with Abuse cases.
Yes sure you don’t 😉
You don’t take fees for abuse? so maybe I’ve mixed your service with an prnhb invoice.
yea, you mostly ignore abuse generally, we all know.
Well, we process 10,000+ abuse complains every month and most of them are just not well documented. And it's easy to use fake abuse report to, you know, abuse someone
That just means your customers are crap, even as cybercrime host i never managed to ignore more than a few thousand per month
Pssst. Don't ruin their business @William. They do work in a gray year which isn't always a crime lol.
You may have been with 100 servers at most, they on the other hand run multiple data centers each having thousands of servers, in which there are a lot of VMs