New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Flop it out mate
Doubling your resources for life is actually quite a profitable promotion
I seem to recall that you told me I was fine to run Tor on your UK locations, just not Albania:
I then paid money for a VPS but could not activate because I could not log in. I was waiting until you unblocked Tor on your website, which you recently did. But now you're revoking the permission you explicitly gave me?
Nice chickens
They don't. Only Hetzner has that issue and those are internally-generated abuse complaints sent to their own customers based on their own internal traffic heuristics. I run 42 relays. Every single exit has pages upon pages of abuse reports. Every single middle relay contains zero reports on AbuseIPDB that IP during the time the relay is running.
Chances are, you've experienced someone running a middle and then abusing the VPS in hopes that they can blame it on Tor, and IP reputation databases will falsely flag it as a Tor issue.
But even if you want to stop people from running relays, blocking connections to relays is the wrong way to do it because that also blocks bridges, Snowflake, clients, HS websites, etc.
This is correct, even though I would not have used this vocabulary since it was not a formal contract, just a forum talk. I was told this change took place last year and I was pointed to this:
Prohibited Services & Activities
The following services and activities are strictly prohibited on our network:
The funny thing is they blocked the whole range of 9XXX ports, so a few non-Tor related apps stopped working and I had to change their port.
I actually saw that when I asked them. They had that in place and I was explicitly told it would only apply to their Albanian location, and that I was free to run a non-exit relay.
What...? That's crazy. But there are so many relays which don't even use 9001 anyway. Many use 443.
I can only guess this new change has happened recently, possibly before you asked.
Yes, this is a bit challenging to block on the port level
After I asked, you mean?
Yes, sorry, exactly that.
I mean it's a though situation, especially if you paid yearly. Maybe a refund for the remaining time would be fitting.
Can't blame a provider for changing up their terms, but obviously it sucks if you paid yearly with the expectation to do something that you now can't.
What's even stranger is that they were actually planning on adding an onion domain, so it's not like they're philosophically anti-Tor.
Probably money is the reason. 100 reddit customers v 3.5 tor customers.
Maybe a solution would be to have separate ASN for tor customers but again if there are 3.5 people, it won't justify costs. So, money again.
Well, there are couple of tor relays from their upstream, at least when i was using them there was. Also they have better specs, only thing is they accept crypto only. So if upstream dont have any problem with tor, neither should reseller imho.
Yeah, the upstream is fine with Tor relays (not exit). I run some in Kosovo and Macedonia with them.
The minus is they don't have ipv6 (yet?) and I had some occasional few hour downtime incidents in recent months (mostly in Macedonia). And, like mentioned they only accept crypto which can be a problem too.
Hmm not really. Often times downstreams/resellers have different policies and if they run things on their own ASN, it's completely up to them to set rules.
Think @HostDZire (doesn't allow Tor, reseller of leaseweb which doesn't prohibit it), @aluy @MannDude who allow Tor (even exits) - downstreams of @AlexBarakov (who doesn't allow it),
@NDTN prohibits Tor (using xtom/leaseweb network), @RIYAD who is reseller of many but doesn't allow Tor on H4F, and possibly many more...
Ultimately it's up to ASN/IP range owner to determine what they permit on their network.
Tor was hard blocked after that time - due to our ASN getting flagged, things being blocked, people complaining, and the explanation always being "Tor flag on ASN, VPN flag on ASN, IPs marked proxy" etc.
Please send in a ticket and we will refund you any money spent. We are not anti-Tor at all - we are anti-losing every customer due to 1000s of complaints because a few customers want to run nodes that flag entire ASNs.
We're happy to have anyone host something like i2p for example, which is not causing issues or getting our ASN banned everywhere.
I see what you're saying, but it's incorrect entirely. A single Tor relay even on your ASN gets the entire ASN flagged. Some automated abuse reporting systems (that I disagree with, myself) will then auto-report every attempt from any IP on that ASN.
As for the blocking relays meaning that it'll block bridges, that's entirely incorrect. There's a whole app, website page, etc for getting unlisted bridges to use for outbound access when Tor is blocked. The official list of relays are only public relays and exists, they are not bridges and other services used to access the network. They do not include any websites at all. And they are only blocked by BOTH IP:PORT combo, not whole IPs.
The port block is in process of being removed from our systems. Most servers this was already reversed. It was the "ORPort" that was being blocked, a common known Tor range. This was during the initial weeks of the block, as it killed all active nodes on our network instantly to get the flagging removed while better measures were implemented.
Money is not the only reason to care about ASN being flagged. But yes, there is no justification in causing all of our customers to have issues for a tiny minority to have the convenience to simply avoid using a bridge. When you operate a business, you can't screw over all your customers so that 1 or 2 of them can have preferential treatment. It would be a massive disaster. You have to always take into account what's good for the majority. It's about what's doing right by our customers, which means not letting our ASN being flagged on every database known to man so what, 4 total in our entire history, customers can have a node up? It just doesn't make sense when you balance the greater good.
Which upstream? And what reseller? We are not a reseller of anyone. We run our own ASN, Own IPs, have SEVERAL Upstreams (6 at present active with others on reserve status incase of issues). And upstream allowing something doesn't mean hosts do that use that ISP. An upstream = an internet transit provider.
All Tier 1s allow anything, even shady bulletproof hosts and all - that doesn't mean all their customers and their customers customers have to, does it? Your logic makes no sense at all to me here. Or am I misunderstanding something and you think we resell on someone else's node and IPs (which isn't the case)?
Are you running 195.144.24.0/24 there ?
That is the range used for our MK location, correct - which is announced and operated on our ASN on our node.
If your point is that the upstream owns the range there, that's correct. He's a friend and leases us the range. Many hosts operate using leased ranges on their own ASN and network.
Again, not getting your point. It's our ASN that gets flagged - it's our ASN it's announced on - it's our network it's on and we are responsible for it, regardless of who owns the range at the RIR level.
The range OWNERSHIP (legal forever ownership) and the one responsible for it (announced on their ASN) are not always the same person. Especially in today's economy where a range costs 8000+€ on RIPE to buy + LIR status at 2K a year.
So that was my logic about reseller part, you should not be mad about that.. it was just opinion. GL with sales.
Any promo for a lower spec vps with yearly pricing?
No no - not upset about it at all - just confused. That's not reselling.
Reselling is when you for example pay someone else to use their node, their IPs, their ASN, and sell on that server VMs on a node you do not manage or through an API they provide or something of that sort - which we do not. We manage our own network, hardware, IPs, etc. Are IP ranges leased, sure - that's common business practice. But leasing a range doesn't mean reselling at all mate - bit of a different thing.
When I hear reseller I think those selling on another provider, not someone managing their own nodes and network who leases IPs as a choice (you'd probably be surprised to know that even some of the largest and most well known hosts here rent ranges because it makes more financial sense until you get to a certain point - that point being hetzner, ovh, etc size).
Shoot us a ticket with your request, we may be able to accommodate.
Happy good bad day 😁
That has to be the most confusing sentence of today and made me laugh 🤣
Thanks for the smiles 😁
Welcome 😁 be happy and get happy . Happy bad day ! No it's not birthday what you just read !
But you can't run a bridge relay on your VPS if your VPS blocks connections to all Tor relays, as the bridge itself needs to connect to Tor (and you can't use a bridge over a bridge). Likewise, you can't operate an onion service. If you really do have to block Tor, you should simply have an alert that fires if one of your IPs is detected on the Tor consensus and not block connections to the Tor network. After all, what if someone wants to run
torsocks wgeton your VPS?Hmm, that's strange. I genuinely suspect something weird is happening because, with very few exceptions, I haven't seen a non-exit get flagged by any reputable (or even semi-reputable) IP reputation database, much less thousands of complaints. Is it possible that some people are either running exits (not middles), or are running middles while also abusing the service and trying to blame it on Tor? Because what you describe is out of the ordinary.
Do you have some examples of these 1000s of abuse complaints? I'm curious to figure out why that happens with your ASN so much more than others. I suspect there's more going on here than just excessive auto-reporting.
I only spent $10. I'm not a greedy person and I totally understand if this is a case of caveat emptor, but if you could instead donate it to the EFF or Tor Project, that would be better than refunding it to me.