Banned by xhosts web hosting for typing 'sudo' command once

Comments

• MikeA Member, Patron Provider

  March 2025

  What a pointless thread. Props to Xhosts.

  Thanked by 4xHosts gbzret4d RapToN Frameworks
• Atilla Member

  March 2025

  Find new provider bro
• KeqingWangy Member

  March 2025 edited March 2025

  /usr/local/bin/composer2
  
  Please do not use 'sudo' or leave your home directory.
  
  Have a nice day!
  

  

  Thanked by 2Xrmaddness khalequzzaman
• sillycat Member

  March 2025

  @KeqingWangy said:
  /usr/local/bin/composer2
  
  Please do not use 'sudo' or leave your home directory.
  
  Have a nice day!
  

  That's what I also said before I went to jail for tax evasion.
• KeqingWangy Member

  March 2025

  @sillycat said:
  That's what I also said before I went to jail for tax evasion.

  

  Thanked by 1sillycat
• cmeerw Member

  March 2025

  @xHosts said: As proven here there are always a few who attempt to take things to the extreme in cases rather than make contact or feel they have the right to dictate how a provider implements their rules and polices.

  Rules and policies are one thing, using proper security features to isolate customer accounts is a different thing. Does this hosting platform implement state of the art security features as required by article 32 of the GDPR? (having to ask users not to leave their home directory doesn't sound like state of the art to me) Or is it not suitable at all to store any private data?

  Thanked by 2hyperblast Peppery9
• zed Member

  March 2025

  maybe "cd" gets you banned too lol
• gbzret4d Member

  March 2025

  This thread........
• taizi Member

  March 2025

  don't create verbal rules, but implement rules with code

  Thanked by 3borkedascii Void yoursunny
• ailice Member

  March 2025

  [@network said]
  So the user can read files in /tmp created by other users?

  In php-fpm scenario this couldn't happen on default configuration, perhaps xHosts could tried to test it for more information on 20i environment.

  I just more curious more how permission was handle on 20i right now.
• bdl Member

  March 2025

  @zed said:
  maybe "cd" gets you banned too lol

  sudo cd
• Saragoldfarb Member, Megathread Squad

  March 2025

  @wadhah said:
  You were told not to do it. You did it.

  This is called Fuck Around And Find Out.

  @xHosts

  

  +1

  Thanked by 1wadhah
• Pilzbaum Member

  March 2025

  I don't get the hate against xHosts regarding the security aspects. It seems many/all do not know what kind of security precautions have been set up, so to me that's just guessing. Going for "oh is this sudo scanning your ONLY security measurement? Haven't you heard about permissions?"
  I for myself believe they are just setup similarly to any other shared host environment security wise (with all their security flaws, hacks, workarounds and whatnot, but it appears to work for many hosts for decades even)

  How about the idea that this is just for some other type of abuse prevention? Every customer that runs scripts without understanding/reading/following shared hosting rules (and I certainly believe that they) might sooner or later a) (ab-)use the service for unintended purposes b) query a whole bunch of support tickets what's working and what's not and why c) leaving bad reviews because they didn't understand the products limitations.

  Since OP is allegedly trying to spin up some kind of VPN (at least he denied this topic publicly, giving it even more attention, but we will likely not know his ideas) I get the xhosts decision for just refunding and kicking off the customer, due to the misalignment between the needs and the product.

  I mean, OP didn't even lose anything (except for time), xHosts decided against them as a customer. Their decision, that's about it.

  Thanked by 2Dazzle lowenduser1
• hostnoob Member

  March 2025 edited March 2025

  Seems unreasonable to me.

  Just have a message saying "Sudo and leaving your home directory are forbidden"

  If the users tries to do either, give them the same warning and block the command. No harm done.

  If you're going to instantly suspend them, then have a warning that says "Your account will be suspended if you try to use sudo or leave your home directory"

  Thanked by 1yoursunny
• eguo Member

  March 2025 edited March 2025

  

  Sandwiched between them 🤣

  Thanked by 3nghialele borkedascii yoursunny
• Chellii Member

  March 2025

  This is total time wasting, you guys even not recognize which customer I am! just make up things a> @Kyz said:

  @Chellii said:

  @xHosts said:

  @hyperblast said:
  @xhosts, however, is intolerably silent on the subject of the security of its systems. this is frightening, if not downright discouraging.

  The platform is managed by 20i including SSH access.

  When a user first connections it advises do not use sudo or leave your home directory, that is a simple and clear warning, if you attempt do it is clear to anyone there will be some type of security that will kick in ain some way.

  @Chellii said:

  @kenjing789 said:
  TLDR: User wrong , xHost right if the story on xHost side is real (xHost was right at start tho)

  https://lowendtalk.com/discussion/comment/4366088/#Comment_4366088

  Well, I think I cannot proof anymore, I did not post "test what is allowed and is not allowed". Seems there no way for me to proof that.

  

  This edited reply. here

  Lets break this down

  You connect to SSH and read the warning do not use sudo

  You use sudo after reading that warning and also the thread here about another user who used sudo

  You state "And I still want to find what kind of operation are forbidden in this service"

  You had read about not using sudo in your own SSH terminal, you use it and it becomes blocked.

  You contact us about the block, we ask a few simple questions regarding the intended use, the reply is vague and evasive.

  At the time of these vague replies, you also post "I still want to find what kind of operation are forbidden in this service" which combined with a vague reply and the replies advising the policy that works fine for hundreds of our users and thousands of 20i customers because you cannot follow the simple rule of do not use sudo.

  As all businesses have the right to decide who they do and no not provide services to, your activity and general manner raised a number of red flags and it was decided the red flags out number the positives of providing a service to you, this decided we took a backup of your account, provided this in the ticket reply and issued a refund right away to allow you move on to a provider that can provide the service you need without the need to waste your time by becoming blocked over and over again as you have stated yourself "find what kind of operation are forbidden in this service"

  We have provided the information and will not provide you further responses of back and forth which is just going to be a waste of everyone involved time.

  We hope you are able to find a provider that can meet your needs going forward.

  You guys are unreasonable!!!

  I had said several times! You mix me and @letstayfree!

  I never post things like "And I still want to find what kind of operation are forbidden in this service". Did you see my reply or not!

  You guys just make up thing and not admit you Acknowledge the wrong person!

  interesting post. let me help OP point out, because it seems he didn't remember what he typed.
  this is you and this is your post, right?

  

  Sorry about that, the reason I didn't remember is, after @xHosts cut my word, the meaning has changed. I just want to find whats other type of ops are not allowed and what punishment will be executed. By this,it means find it in some kind of documentation or rules, not by doing it, it's different.
• Chellii Member

  March 2025 edited March 2025

  @Chellii said:

  @xHosts said:

  @hyperblast said:
  @xhosts, however, is intolerably silent on the subject of the security of its systems. this is frightening, if not downright discouraging.

  The platform is managed by 20i including SSH access.

  When a user first connections it advises do not use sudo or leave your home directory, that is a simple and clear warning, if you attempt do it is clear to anyone there will be some type of security that will kick in ain some way.

  @Chellii said:

  @kenjing789 said:
  TLDR: User wrong , xHost right if the story on xHost side is real (xHost was right at start tho)

  https://lowendtalk.com/discussion/comment/4366088/#Comment_4366088

  Well, I think I cannot proof anymore, I did not post "test what is allowed and is not allowed". Seems there no way for me to proof that.

  

  This edited reply. here

  Lets break this down

  You connect to SSH and read the warning do not use sudo

  You use sudo after reading that warning and also the thread here about another user who used sudo

  You state "And I still want to find what kind of operation are forbidden in this service"

  You had read about not using sudo in your own SSH terminal, you use it and it becomes blocked.

  You contact us about the block, we ask a few simple questions regarding the intended use, the reply is vague and evasive.

  At the time of these vague replies, you also post "I still want to find what kind of operation are forbidden in this service" which combined with a vague reply and the replies advising the policy that works fine for hundreds of our users and thousands of 20i customers because you cannot follow the simple rule of do not use sudo.

  As all businesses have the right to decide who they do and no not provide services to, your activity and general manner raised a number of red flags and it was decided the red flags out number the positives of providing a service to you, this decided we took a backup of your account, provided this in the ticket reply and issued a refund right away to allow you move on to a provider that can provide the service you need without the need to waste your time by becoming blocked over and over again as you have stated yourself "find what kind of operation are forbidden in this service"

  We have provided the information and will not provide you further responses of back and forth which is just going to be a waste of everyone involved time.

  We hope you are able to find a provider that can meet your needs going forward.

  You guys are unreasonable!!!

  I had said several times! You mix me and @letstayfree!

  I never post things like "And I still want to find what kind of operation are forbidden in this service". Did you see my reply or not!

  You guys just make up thing and not admit you Acknowledge the wrong person!

  @xHosts
  Sorry about that I didn't remember post about the"I still want to find what kind of operation are forbidden in this service", the reason I didn't remember is, after you guys cut my word, the meaning has changed. I just want to find what's other type of ops are not allowed and what punishment will be executed. By this,it means find it in some kind of documentation or rules, not by doing it, it's different.
• suyadi92 Member

  March 2025

  

  Thanked by 1sillycat
• Chellii Member

  March 2025

  @xHosts said:
  We have been selling 20i shared hosting since 2017 and had only a handful of issues although selling a number of monthly accounts in that time which covers the costs to allow us to provide these one time fee deals from time to time.

  The only time there appears to be issues would be when people attempt to be smart and test how far they are able to push a standard account before something happens.

  As most people would know standard SSH access on a shared platform is for such things as importing database, debug/test cron, edit or move files around standard directories.

  20i works differently to the likes of cPanel/Directadmin, the best suggestion no matter the provider, if you are unsure ask a question to get the information you need before either ordering or attempting what you intend to do, asking the question can avoid most issues.

  As proven here there are always a few who attempt to take things to the extreme in cases rather than make contact or feel they have the right to dictate how a provider implements their rules and polices.

  I have asked a lot of these questions directly to 20i to get some clear cut information

  This is the response so far

  ---

  To lay some groundwork, SSH on our shared hosting platform (which Reseller utilises) is intended for managing the files and database via common file operations, the MySQL CLI, and other applications such as WP CLI or Composer.

  The reason sudo is blocked rather than ignored is because on a simple level, this is the more secure option - it allows us time to investigate any potential threats or malicious use, such as ticket XXXXXXXXXXXX mentioned earlier in which your user was banned previously. As a secondary effect, it does force a ticket for it to be unblocked, meaning that we can go over the rules pertaining to sudo being a disallowed command on the shared hosting platform.

  If a user does require using such commands, Self-Managed VPS' are a better option, since they're wholly managed by the user themselves and can run these types of command without a block.

  I have confirmed with a colleague that writing to /tmp is allowed, and can be done without leaving the home directory, but it is monitored for security purposes in the same vein as other commands being ran - again, such as the commands used in the case of ticket XXXXXXXXXXXX.

  I've set this ticket to be reopened for tomorrow as per my colleague Marc's suggestion as well - we'll let you know ASAP once we have word back.

  ---

  I have redacted ticket/case numbers for security of the clients in question.

  I understand the reason 'sudo' cannot be used. but you cannot block my account due to once single world 'sudo' typed.

  I apologized for the incontinence that due to my poor English. I posted "I still want to find what kind of operation are forbidden in this service". But the sentence followed by "Is there any document to show that?"

  As a user, I just want to found the docs, like "you will be banned forever if you use 'sudo'"
• alexnjh Member

  March 2025 edited March 2025

  @Chellii said:

  @xHosts said:
  We have been selling 20i shared hosting since 2017 and had only a handful of issues although selling a number of monthly accounts in that time which covers the costs to allow us to provide these one time fee deals from time to time.

  The only time there appears to be issues would be when people attempt to be smart and test how far they are able to push a standard account before something happens.

  As most people would know standard SSH access on a shared platform is for such things as importing database, debug/test cron, edit or move files around standard directories.

  20i works differently to the likes of cPanel/Directadmin, the best suggestion no matter the provider, if you are unsure ask a question to get the information you need before either ordering or attempting what you intend to do, asking the question can avoid most issues.

  As proven here there are always a few who attempt to take things to the extreme in cases rather than make contact or feel they have the right to dictate how a provider implements their rules and polices.

  I have asked a lot of these questions directly to 20i to get some clear cut information

  This is the response so far

  ---

  To lay some groundwork, SSH on our shared hosting platform (which Reseller utilises) is intended for managing the files and database via common file operations, the MySQL CLI, and other applications such as WP CLI or Composer.

  The reason sudo is blocked rather than ignored is because on a simple level, this is the more secure option - it allows us time to investigate any potential threats or malicious use, such as ticket XXXXXXXXXXXX mentioned earlier in which your user was banned previously. As a secondary effect, it does force a ticket for it to be unblocked, meaning that we can go over the rules pertaining to sudo being a disallowed command on the shared hosting platform.

  If a user does require using such commands, Self-Managed VPS' are a better option, since they're wholly managed by the user themselves and can run these types of command without a block.

  I have confirmed with a colleague that writing to /tmp is allowed, and can be done without leaving the home directory, but it is monitored for security purposes in the same vein as other commands being ran - again, such as the commands used in the case of ticket XXXXXXXXXXXX.

  I've set this ticket to be reopened for tomorrow as per my colleague Marc's suggestion as well - we'll let you know ASAP once we have word back.

  ---

  I have redacted ticket/case numbers for security of the clients in question.

  I understand the reason 'sudo' cannot be used. but you cannot block my account due to once single world 'sudo' typed.

  I apologized for the incontinence that due to my poor English. I posted "I still want to find what kind of operation are forbidden in this service". But the sentence followed by "Is there any document to show that?"

  As a user, I just want to found the docs, like "you will be banned forever if you use 'sudo'"

  To be honest, regardless whether it is right or wrong it is within the provider's rights to decide if they want to do business with you and ofcourse that includes whether to close your account.

  Trying to justify here will not get you anywhere as xhost already decided not to do business with you as many had pointed out.
• lowenduser1 Member

  March 2025

  @Chellii said:

  @xHosts said:
  We have been selling 20i shared hosting since 2017 and had only a handful of issues although selling a number of monthly accounts in that time which covers the costs to allow us to provide these one time fee deals from time to time.

  The only time there appears to be issues would be when people attempt to be smart and test how far they are able to push a standard account before something happens.

  As most people would know standard SSH access on a shared platform is for such things as importing database, debug/test cron, edit or move files around standard directories.

  20i works differently to the likes of cPanel/Directadmin, the best suggestion no matter the provider, if you are unsure ask a question to get the information you need before either ordering or attempting what you intend to do, asking the question can avoid most issues.

  As proven here there are always a few who attempt to take things to the extreme in cases rather than make contact or feel they have the right to dictate how a provider implements their rules and polices.

  I have asked a lot of these questions directly to 20i to get some clear cut information

  This is the response so far

  ---

  To lay some groundwork, SSH on our shared hosting platform (which Reseller utilises) is intended for managing the files and database via common file operations, the MySQL CLI, and other applications such as WP CLI or Composer.

  The reason sudo is blocked rather than ignored is because on a simple level, this is the more secure option - it allows us time to investigate any potential threats or malicious use, such as ticket XXXXXXXXXXXX mentioned earlier in which your user was banned previously. As a secondary effect, it does force a ticket for it to be unblocked, meaning that we can go over the rules pertaining to sudo being a disallowed command on the shared hosting platform.

  If a user does require using such commands, Self-Managed VPS' are a better option, since they're wholly managed by the user themselves and can run these types of command without a block.

  I have confirmed with a colleague that writing to /tmp is allowed, and can be done without leaving the home directory, but it is monitored for security purposes in the same vein as other commands being ran - again, such as the commands used in the case of ticket XXXXXXXXXXXX.

  I've set this ticket to be reopened for tomorrow as per my colleague Marc's suggestion as well - we'll let you know ASAP once we have word back.

  ---

  I have redacted ticket/case numbers for security of the clients in question.

  I understand the reason 'sudo' cannot be used. but you cannot block my account due to once single world 'sudo' typed.

  I apologized for the incontinence that due to my poor English. I posted "I still want to find what kind of operation are forbidden in this service". But the sentence followed by "Is there any document to show that?"

  As a user, I just want to found the docs, like "you will be banned forever if you use 'sudo'"

  checkout tilde or sdf if you want to play or learn with limited shells
• aliveneko Member

  March 2025 edited March 2025

  @Mumbly said:

  @wadhah said: You were told not to do it. You did it.
  This is called Fuck Around And Find Out.

  Well, that's in our nature. You can't blame him, he's merely mortal. Saying "don't use sudo" is pretty much the same as saying "don't eat that apple" or "don't steal fire from gods". It's almost like an invitation to do it.
  I'd do it too! Who wouldn't?

  We know plenty of such occurrences, like opening Pandora's box, Icarus flying too close to the sun, or even the Monkey King stealing the peaches of immortality despite the warning.

  Just don't say "don't use sudo" if you actually mean it!

  RIGHT!!!
  There is a "Do not use sudo" text on my terminal. But I really want to use sudo command because of the text. Then I immediately closed the terminal.

  Curiosity killed the cat!
• letstayfree Barred

  March 2025

  They banned and refused to refund that's the actual problem guys just due to sudo
• letstayfree Barred

  March 2025

  @Chellii said:

  @Chellii said:

  @xHosts said:

  @hyperblast said:
  @xhosts, however, is intolerably silent on the subject of the security of its systems. this is frightening, if not downright discouraging.

  The platform is managed by 20i including SSH access.

  When a user first connections it advises do not use sudo or leave your home directory, that is a simple and clear warning, if you attempt do it is clear to anyone there will be some type of security that will kick in ain some way.

  @Chellii said:

  @kenjing789 said:
  TLDR: User wrong , xHost right if the story on xHost side is real (xHost was right at start tho)

  https://lowendtalk.com/discussion/comment/4366088/#Comment_4366088

  Well, I think I cannot proof anymore, I did not post "test what is allowed and is not allowed". Seems there no way for me to proof that.

  

  This edited reply. here

  Lets break this down

  You connect to SSH and read the warning do not use sudo

  You use sudo after reading that warning and also the thread here about another user who used sudo

  You state "And I still want to find what kind of operation are forbidden in this service"

  You had read about not using sudo in your own SSH terminal, you use it and it becomes blocked.

  You contact us about the block, we ask a few simple questions regarding the intended use, the reply is vague and evasive.

  At the time of these vague replies, you also post "I still want to find what kind of operation are forbidden in this service" which combined with a vague reply and the replies advising the policy that works fine for hundreds of our users and thousands of 20i customers because you cannot follow the simple rule of do not use sudo.

  As all businesses have the right to decide who they do and no not provide services to, your activity and general manner raised a number of red flags and it was decided the red flags out number the positives of providing a service to you, this decided we took a backup of your account, provided this in the ticket reply and issued a refund right away to allow you move on to a provider that can provide the service you need without the need to waste your time by becoming blocked over and over again as you have stated yourself "find what kind of operation are forbidden in this service"

  We have provided the information and will not provide you further responses of back and forth which is just going to be a waste of everyone involved time.

  We hope you are able to find a provider that can meet your needs going forward.

  You guys are unreasonable!!!

  I had said several times! You mix me and @letstayfree!

  I never post things like "And I still want to find what kind of operation are forbidden in this service". Did you see my reply or not!

  You guys just make up thing and not admit you Acknowledge the wrong person!

  @xHosts
  Sorry about that I didn't remember post about the"I still want to find what kind of operation are forbidden in this service", the reason I didn't remember is, after you guys cut my word, the meaning has changed. I just want to find what's other type of ops are not allowed and what punishment will be executed. By this,it means find it in some kind of documentation or rules, not by doing it, it's different.

  Stop your try to please them. Do you know why they refund you?? Just because i started a debate on PayPal after they denied to refund me after terminated my service without any kind of warning.

  You are a lucky one after trying sudo
• Mumbly Member

  March 2025

  @aliveneko said:

  @Mumbly said:

  Well, that's in our nature. You can't blame him, he's merely mortal. Saying "don't use sudo" is pretty much the same as saying "don't eat that apple" or "don't steal fire from gods". It's almost like an invitation to do it.
  I'd do it too! Who wouldn't?

  We know plenty of such occurrences, like opening Pandora's box, Icarus flying too close to the sun, or even the Monkey King stealing the peaches of immortality despite the warning.

  Just don't say "don't use sudo" if you actually mean it!

  RIGHT!!!
  There is a "Do not use sudo" text on my terminal. But I really want to use sudo command because of the text. Then I immediately closed the terminal.

  Curiosity killed the cat!

  Come on, we're human, we're explorers!
  Just think about Nikola Tesla, who was warned that transmitting electricity wirelessly was impractical and dangerous. Despite this, he conducted groundbreaking experiments that influenced modern wireless technology.
  Or Marie Curie, who was advised against working with unknown, potentially dangerous elements. Despite the risks, she discovered polonium and radium, paving the way for cancer treatments.
  Or Rosa Parks. In a society where segregation was enforced with violence and oppression, Rosa Parks was warned not to resist. She did it anyway, sparking the civil rights movement.
  Or the guy who stuck his tongue to a frozen pole – and survived to tell the tale!

  Next time, just do it if you feel that way. You've got this!

  Thanked by 3letstayfree hyperblast yoursunny
• raindog308 Administrator, Veteran

  March 2025

  @letstayfree said: They banned and refused to refund that's the actual problem guys just due to sudo

  @Chellii said: I received a forced refund.
• aliveneko Member

  March 2025

  @Mumbly said: Next time, just do it if you feel that way. You've got this!

  Then I will be banned by xhosts. XD
• itachikonoha Member

  March 2025

  @xHosts

  I think opposing argument is, why ban people for just one offense? To be honest, many people including I ran sudo (just because of this thread) in respective shared hosting providers.

  Throttle him or if multiple time occurs, make his account locked for x,y,z days following which, make it permanent. But ban due to one time seems a bit over aggressive.

  Thanked by 1anakara
• anakara Member

  March 2025 edited March 2025

  Arguing will get you nowhere.
  If the provider adds a message: User cannot use sudo, otherwise you will be banned.
  If the user is not curious to go beyond the limits of usage.
  It will be different.
  OP has nothing to lose but time, advice is to find a VPS if you want to try sudo.
  With xhost: You have the right to forbid users from using sudo, but if you don't give advance notice, it's your fault.
• anakara Member

  March 2025

  @itachikonoha said:
  @xHosts

  I think opposing argument is, why ban people for just one offense? To be honest, many people including I ran sudo (just because of this thread) in respective shared hosting providers.

  Throttle him or if multiple time occurs, make his account locked for x,y,z days following which, make it permanent. But ban due to one time seems a bit over aggressive.

  I think OP was banned for vaguely answering the purpose of using sudo in the ticket