All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Hetzner is cancelling all of our servers without reason
I founded a 501(c)(3) non-profit called Unredacted, which operates services and infrastructure that help people evade censorship and protect their right to privacy.
Today we received a notice that Hetzner is cancelling all of our servers, and without any prior warning. They do not give a reason, and their decision is final. We've always paid our bills on time and have never received an abuse report.
Edit: To be clear, we are not operating any open proxies or censorship circumvention services on Hetzner IPs.
Most of our critical infrastructure runs on top of Hetzner, and this will disrupt our important work while migrating everything to another provider.
In the spirit of transparency, it's important to know why critical infrastructure is being pulled out from underneath us. We'd like an explanation from @Hetzner_OL at the very least.
We understand that they can terminate an account for any reason, but this is not typical of most providers to do for an account in good standing. If this can happen to us, it could happen to you as well.
Comments
Did you receive any abuse complaints? If so, I guess this is a reason why Hetzner decided to cancel your servers.
We have never received any abuse report from Hetzner.
@Lunar, I see that you are running public XMPP service. Have you heard of this case?
It is dangerous to store valuable files on their new storage. Only backups that can easily reproduce.
Yes, we wrote a blog post regarding that https://unredacted.org/blog/2023/11/what-were-doing-in-response-to-the-jabber-ru-mitm-attack/
We have closely monitored our infrastructure since.
I cannot speak as to why your account was cancelled but you received a month of prior notice which is very generous imo
I can agree with that, the month notice is generous. However, we have a lot of servers with Hetzner. The migration will be a significant effort, taking a long time.
It's down to the nature of the services you operate.. If I had to guess, it would also be related to high bandwidth use over many months/years combined on your account. I feel like I've read in the past about Hetzner kicking off large Tor/proxy user accounts.
At least they gave you plenty of time to migrate your whole setup off of them, but they're a huge company, they aren't going to budge for you. They don't care. It's really not down to abuse though. I've had plenty of abuse on their network, and I've never had a problem with them, they're understanding.
Have you asked Hetzner for a more specific reason? Which part of their AUP did you violate?
I'll be happy to help you with what I can, if you'd like. PM me what you need.
For no reason “no censorship services”. Who are we fooling? Certainly not let community. Of course low end lawyers will rush in!
Are your servers plugged in correctly?
tor relays, socks, etc
Running public proxies, censorship evasion tools, etc., is most likely a violation of Hetzner's ToS. You should find a bulletproof free speech supported provider.
I think most hosting providers will have an AUP clause about "no open proxies".
Not sure what hetzners stance on the things you claim to be doing is. But they potentially have some issues with things your services may be getting used for.
[insert bike fall meme]
given hetzner's policies it's likely related to the fact that you're running tor relays and bridges. they tend to be strict about what services you host so that seems like a probable cause. it's just speculation though since the exact reason could be something else entirely (which they typically don't disclose)
I think transparency is key here, even if we are unable to use their services for X or Y reason, it would be useful to know how and why we were in violation of their terms/AUP.
We're left in the dark here
We are waiting on a response from them currently.
Just to be clear, we are not operating any open proxies or censorship circumvention services on Hetzner IPs.
Hi,
from my experience, hosting business critical things is not a good idea with hetzner.
We had rented a rack there once. They nullrouted a whole /24 network because one IP got one spamabuse... at least a phone call later they turned it on again fastly after i made clear that this is business and not some private fun clown show.
On another time they asked us to reduce the PPS on the port. After we asked them how the customer is supposed to tell the adobe streaming server to do the job with less PPS they didnt answer anymore...
For private stuff, for sure nice and cheap. For business stuff... maybe better another provider that is more ready for business customers and their needs.
I've edited the initial post for clarity.
We are not operating any open proxies or censorship circumvention services on Hetzner IPs.
But they are not saying you were violating anything, they just don't want to do business with you (if you were violating anything, they would have kicked you out with no notice).
the email comes from blacklist@, you should know better what you made on their infrastructure. you bought servers for idleing?
We have never received a spam complaint, and we don't host public email services.
Than you hiding real reason. Because you definitely know what are you doing with hetz servers. Tor exit nodes, proxy traffic etc. traffic is traffic.
Guys, Hetzner runs a metric shit-ton of Tor Exits. Just see: https://metrics.torproject.org/rs.html#search/as:AS24940
They're one of the largest networks on Tor, pushing over 11Gbps of active traffic at the moment across nearly 500 active servers / relays.
OP running some Tor relays as part of a privacy service and some XMPP servers is hardly an issue. This isn't 2010 anymore, ISPs don't need to be afraid of Tor. Just run common sense exit policies and carry on.
did you checked your IP for reports? eg spamhaus, abuseipdb, etc. maybe your boxes was hacked? Did you changed your default MAC?
I advise you to be transparent next time, they can see your traffic.
Port 123
Port 3478
etc..
Yes, we are not on any blacklists. No, we did not change the default MACs.
The use of NTP and STUN is not violating Hetzner's terms. We are quite transparent about our services.
They allow NTP amplification DDoS attack?