New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
yeah... lots of complaints about alexhost and other DMCA hosts suspending accounts left and right!
Agreed - logically easy but how do you deal with VPN? I know other providers do this via the payment system - which we do not have.
@alexhost suspended the account because of IP spamming abuse - which is perfectly reasonable if their IP range is being polluted. Hopefully DMCA actions have nothing to do with FOSSVPS.
Thanks for the offer but i doubt i'd need it. I have to admit that i've been playing around a little yesterday evening. Chances are i'm not going to finish it but in any case the fact that your setup doesn't require dealing with a bunch of stupid fluff makes it kind of attractive.
As far as making the result open source is concerned: I personally wouldn't make some kind of scoring system like this public (even without revealing the exact weights it might still give people ideas how to artificially inflate their scores) but then i also don't have much of a problem slapping some OS license on it if i'm giving it away anyways. If i'm in a good mood it might even not be 4-clause-BSD just to piss the GPL fanboys off
I'd say look at FreeVPS' rules/requirements and implement them. That makes for a very easy filter to begin with.
Totally understood totally_not_banned
The offer is open if you need it and yes I can understand protecting algorithms etc as you say when they can be used to game the system. However if the params were in a user configured file then the levels etc could still be secret (perhaps).
Anyway have fun and if I can be of help lmk.
Mike
I agree with all of those rules and it is pretty much what we implement, although if I feel a potential client is deserving, they may be slightly relaxed.
I think a LET / LES referral rule will likely be added.
Block the access on registration page for high risk countries and for VPN. I assume this can be done.
In theory its pretty easy but practically it's tricky. There is a whole bunch of services that will tell you if IP X belongs to a DC but then there's also 1000s of open proxies on residential lines floating around and while those might be dead slow due to half the internet abusing them and likely going to die in like 30 minutes they are still perfectly fine for filling out a form.
Requiring the location of the IP to somewhat match payment info would drastically cut down on the available options but there's no payment info here. Also the big commercial VPNs are playing a constant cat and mouse game trying to not get their ranges flagged, so in the end the pretty easy solution would mostly just block people running a VPN on their $7/y VPS while people trying to avoid detection wouldn't have too much trouble doing so.
I guess it would be possible to somewhat limit the proxy loophole by checking various rather unrelated blacklists in hopes the open proxies would be listed quickly enough due the sheer volume of complaints they are generating or even portscan the connecting IP to see if there's any obvious signs of being an open proxy but in any case if such a system were to be even somewhat effective it would take quite some dedication to give it the required tuning. Just blocking high risk countries and accepting the loopholes might be a more pragmatic approach.
One can't achieve 100% protection, but one can filter a large chunk of potential abuses.
This is just a thought.
@default, I think once again @totally_not_banned nailed the answer. It is relatively easy using iptables and ipset to block countries however VPN is as mentioned, challenging. However little steps are the logical approach so that should be my next 'fix'. Of course I now need to decide on countries.
FOSSVPS is for developers and I 'guess' a lot of developers could be in the countries that I may ban as they also have more abusers - its a difficult decision......
Yeah, it could be a starting point to catch the low hanging fruit. I'm just not that much of a fan of blocking the $7 VPNs (since they are the easiest to detect due to regularly sitting in well known DC ranges) while giving the commercial VPNs (which are probably where the largest portion of abusers is) mostly a free pass.
There might be some clever things one could do with TCP fingerprinting though. Admittedly i've never made an effort to hide my VPN but https://browserleaks.com/ip accurately detects the connections as OpenVPN. They incorrectly assume my setup to be using TCP but its still quite impressive. Maybe something along those lines could be more effective than trying to keep up with the ever changing exit IPs of the big VPNs.
Edit: Browserleak's OS detection is far less impressive though. They think i'm using Android when i'm sitting in front of a Linux box and there's mix of BSD and Linux between me and their test lol
There are good people and bad people everywhere on the planet. Meanwhile there are way more good people out there than bad ones; so no matter your decision, some good people are bound to be affected.
I like to put it this way: when you walk on the street, most of the people don't want to harm you or kill you or offend you, instead they might want to greet you or understand you. But if there is a place in this world where people could be against you as majority for whatever ideological reason you might have, that is a risky place to have customers from, even though there might be good minded people there too.
Whatever you choose, it's hard to balance it, because each person is precious and unique.