End User Content Policy

End-user Content Abuse Policy/Unmanaged Dedicated Server/Colocation
(DEFCON 4 and DEFCON 5)

Our Prerogative

It is our intention:

• to deactivate at the Ethernet port, any FastServers.Net customer, for moderate to major end-user content-resultant abuse resulting in flooding, vengeance-based attacks, massive SPAM relay, scanning, or any other particular violation of our AUP, as determined by current Abuse Engineer or Technical Group Administrator
• to maintain a continuous assurance of networking health to our customer base.  "End-user Content" is hereby defined as server content uploaded by a customer of a direct client of FastServers.Net, including, but not limited to the following:  PHP modules (bulletin boards, forums, guest books, picture galleries, etc), installed P2P softwares, formmail or sendmail scripts, content uploaded via FTP, SCP, or web form to the server in question.
• to demonstrate that, according to our official AUP, aforementioned content is entirely within the jurisdiction of the FastServers.Net customer in question to maintain and assure the security thereof. 
  
  Regardless of the phases outlined below, permanent (irreversible) termination of any server profile may be required at any stage by a Technical Group Administrator, which corresponds with the FastServers.Net Official AUP and the protection of the health and efficiency of our critical network segments, regardless of situation’s parameters.  Extreme processes will only be instigated in warranted cases, of course, depending on severity of attack and/or depth of server intrusion, as we attempt to provide our customer a chance to rectify the situation with the following recourses:

Phase I - Deactivation/Quarantine
 
Initial Deactivation; (12 hours), cool down.  A ticket will be logged within Technical Support, and the server will be set to Abuse Quarantine status, within our internal records.  Any and all available data on the violation in question will be passed to the customer during this time.  Temporary access through a separate address, or a similar recourse, will be available to the customer during this time, in order to provide for repair, cleansing, and required security advancements in preparation for the end of the "cooldown" phase.  In the case that we, or an upstream provider, is actually required to black hole the server’s address space due to massive network connectivity issues, we may provide a specific IP to the customer for connecting to the server during the “cooldown” phase.
 
Reactivation will continue only after current Abuse Engineer and on-staff Administrator approve.  Attached monitoring and any other affected FS-provided services must be revived upon server reactivation.  Ticket details, resolution data, any helpful information WILL be logged to the permanent notes in the dedicated server profile in question.  After determining that the server is once again in an optimal and secure operating condition, the customer will be allowed to upgrade to higher DEFCON levels, pending an Administrator’s approval. 
 
Phase II - Administrative Hold
In the event of a second moderate to major violation of this nature **WITHIN 60 DAYS**, as determined by currently on-call Abuse Engineer or Administrator, the server in question will be semi-permanently deactivated, including all attached services & support pathways.  A ticket will be logged with the Administrative Staff, and the server will be set to Abuse Quarantine status.  The server will remain deactivated until an Administrator is satisfactorily convinced of the customer's ability to handle administration of end-user content going forward.  The customer in question will be required to sign a "Final Chance" clause, if approved for reactivation by an Administrator, which, if breached, will require a mandatory cancellation of services (WITHOUT RECOURSE) regardless of the circumstances involved. 
 
Stipulations to Administrative Hold & Expiring Violations
There is no required turnaround time, or preset cool down period, when a server is placed into Abuse Quarantine & deactivated for the second time within the 60 (sixty) or less days.  DEFCON upgrades will *not* be available during a quarantine phase, nor will the purchase of FastServers.Net "Advanced Support", as the policing of end-user content and all related situations are wholly the responsibility of the customer in question.  As previously eluded to, multiple violations are recognized within two month (60 day) intervals - beyond that, internally-noted Abuse violations may be deleted from the server’s permanent record.

End-user Content Abuse Policy Managed Dedicated Server/Colocation
(DEFCON 1/DEFCON 2/DEFCON 3)

Our Prerogative

It is our intention:

• To deactivate at the Ethernet port, any FastServers.Net customer, for moderate to major end-user content-resultant abuse resulting in flooding, vengeance-based attacks, massive SPAM relay, scanning, or any other particular violation of our AUP, as determined by current Abuse Engineer or Technical Group Administrator.
• To maintain a continuous assurance of networking health to our customer base.  "Enduser Content" is hereby defined as server content uploaded by a customer of a direct client of FastServers.Net, including, but not limited to the following:  PHP modules (bulletin boards, forums, guest books, picture galleries, etc), installed P2P softwares, formmail or sendmail scripts, content uploaded via FTP, SCP, or web form to the server in question.
• To demonstrate that, according to our official AUP, aforementioned content is entirely within the jurisdiction of the FastServers.Net customer in question to maintain and assure the security thereof. 

Regardless of the phases outlined below, permanent (irreversible) termination of any server profile may be required at any stage by a Technical Group Administrator, which corresponds with the FastServers.Net Official AUP and the protection of the health and efficiency of our critical network segments, regardless of situation’s parameters.  Extreme processes will only be instigated in warranted cases, of course, depending on severity of attack and/or depth of server intrusion, as we attempt to provide our customer a chance to rectify the situation with the following recourses:

Phase I - Deep Analysis & Cleansing.
Before Phase II - Deactivation is required by the acting Abuse Engineer or current Administrator, the customer in question will have the opportunity to purchase a package of "Advanced Support" as an *exception* (separate addition) to DEFCON hours:  this hour of Advanced Support (normal Administrative fee of $100.00/hour) is not tallied within our DEFCON structure, as the responsibility over end-user data is always the complete responsibility of the customer in question.  This hour (minimum) of "Advanced Support" will be utilized as an advanced cleansing and security procedure - including all regular criteria checks, though with a particular focus on the abuse of end-user application content:  elderly/outdated/vulnerable software builds, poorly-secured application interfaces, or any other possible modules that may allow unscrupulous behavior.  Deep analysis of webserver (or any other apparently compromised service), will transpire, and filesystem-wide sweeps for weak/manipulatable content will occur.  Once complete, details of the audit will be logged within the permanent notes of the server profile in question.  An 'official deactivation' will NOT occur in this case, though we may require a temporary Ethernet deactivation, depending on the severity of the issue, not to exceed the maximum time needed to bring the problem under control.  The customer will be informed of the anomalies that were present, and should be instructed on proper maintenance practices going forward, in lieu of assuring up-to-date applications (or any form of content), throughout their customer content hierarchy. 
 
Phase II - Deactivation/Quarantine.
Initial Deactivation; (12 hours), cool down.  A ticket will be logged within Technical Support, and the server will be set to Abuse Quarantine status, in our internal records.  Any and all available data on the violation in question will be passed to the customer during this time.  Temporary access through a separate address, or a similar recourse, will be available to the customer during this time, in order to provide for repair, cleansing, and required security advancements in preparation for the end of the "cooldown" phase.  In the case that we, or an upstream provider, is required to black hole the server’s address space due to massive network connectivity issues, we have IP ranges set aside for binding to the server temporarily.
 
Reactivation will continue only after current Abuse Engineer and on-staff Administrator approve.  Attached monitoring and any other affected FS-provided services must be revived upon server reactivation.  Ticket details, resolution data, any helpful information WILL be logged to the permanent notes in the dedicated server profile in question.  After determining that the server is once again in an optimal and secure operating condition, the customer will be allowed to upgrade to higher DEFCON levels, pending an Administrator’s approval. 
 
Phase III - Administrative Hold.
In the event of a second moderate to major violation of this nature WITHIN 60 DAYS, as determined by currently on-call Abuse Engineer or Administrator, the server in question will be semi-permanently deactivated, including all attached services & support pathways.  A ticket will be logged with the Administrative Staff, and the server will be set to Abuse Quarantine status.  The server will remain deactivated until an Administrator is satisfactorily convinced of the customer's ability to handle administration of end-user content going forward.  The customer in question will be required to sign a "Final Chance" clause, if approved for reactivation by an Administrator, which, if breached, will require a mandatory cancellation of services (WITHOUT RECOURSE) regardless of the circumstances involved. 
 
Stipulations to Administrative Hold & Expiring Violations.
There is no required turnaround time, or preset cool down period, when a server is placed into Abuse Quarantine & deactivated for the second time within the 60 (sixty) or less days.  DEFCON upgrades will *not* be available during a quarantine phase, nor will the purchase of FastServers.Net "Advanced Support", as the policing of end-user content and all related situations are wholly the responsibility of the customer in question.  As previously eluded to, multiple violations are recognized within two month (60 day) intervals - beyond that, noted Abuse violations may be deleted from the server’s permanent record.