Acceptable use policy

This Acceptable Use Policy (“AUP”) defines the terms under which customers (“Customer”) engage with HostUp AB, corporate number 559290-1325 (“HostUp”), regarding the subscription service (“Service”) provided by HostUp. Non-compliance with this policy may result in limitation of resources or suspension of services.

If we discover a violation, we will typically give you ample warning so that you can address the issue without service interruption. This does not apply to intentional activities, such as those related to crypto/blockchain, or in cases where we confirm that your virtual machine has been “hacked” and is carrying out attacks or other intentional malicious activities on a large scale. In those cases, we will suspend your service immediately to protect our platform.

Prohibited activities on our platform

Crypto/blockchain activities: Engaging in mining, staking, validation, or other blockchain-related activities that cause abnormal server load is prohibited.

VPS resource usage (disk DWPD):

We strive to maintain optimal performance and longevity for our storage infrastructure, so that most customers enjoy high speed and reliability. We therefore enforce a 1 DWPD (Disk Writes Per Day) limit. This is sufficient for 99% of all users and helps protect our systems from excessive wear and tear.

The rule is simple: on average, you may write — and read — as much data per day as your VPS has storage. For example, a VPS with 200 GB of storage may write up to 200 GB per day. Short bursts above this are fine: you can temporarily write up to three times your daily allowance at full speed, and your allowance refills continuously.

If you frequently exceed this limit (e.g., large log files, crypto, or extremely disk-intensive workloads), our automatic limiter will reduce read/write speeds. This does not suspend your VPS, but your system may slow down until you fall back under the threshold. Reaching the limit is rare under normal usage and usually indicates heavy disk-intensive or blockchain-related workloads.

Data redundancy: Your data is mirrored across three servers, so although the total capacity used is 3 DWPD, your effective allowance is 1 DWPD.

VPS resource usage (CPU): While RAM and storage are dedicated, CPU is under a fair-usage policy. Brief spikes to 100% are fine, but not continuously 24/7. If your service blasts 100% CPU for days or weeks, we’ll automatically limit you to ~50%—the typical dedicated share—to ensure fair use. You remain online, but performance may decrease until you address the issue.

VPS resource usage (bandwidth): If you use up all bandwidth, your virtual machine will be suspended unless you have an agreement (e.g., a cloud account where you pay hourly & per GB bandwidth) that is charged based on total usage instead of a fixed quota. You can purchase more bandwidth in the client area at any time to reactivate the service. A notification is sent out when you reach 80% usage with information on how to purchase more.

VPS resource usage (DDoS protection): Every VPS includes network-layer (L3/L4) DDoS scrubbing and SYN-flood protection (SYN cookies) at no extra cost. You can activate the scrubber yourself at any time in the client area. This protects against common network-layer floods, but it does not include mitigation of large volumetric or UDP-based attacks. Protection against such attacks is not included by default and requires a separate, paid agreement — contact us if you need it.

Using VPS to send mass mail: On our VPS platforms, all outgoing mail is relayed through Mailchannels for spam filtering and delivery assurance. You must not exceed 10,000 emails per month.

Sending mail without using relay: By default, we require you to use our mail relay service. This means you cannot send mail directly to recipients unless it’s relayed through us. This is to filter out spam and comply with email regulations. If you wish to send mail directly from your VPS, we can allow this after reviewing your account. Contact us so we can remove the block! Note that Port 25 outgoing is blocked by default to protect the IP reputation of legitimate senders on the same subnet. This means you won't be able to send mail without using the relay or asking us to remove the block.

Having a weak root password: We set a relatively strong default root password. If you change it, you must ensure it remains strong. In cases of weak passwords, brute force attacks are almost guaranteed to succeed, allowing attackers to use your VPS for malicious activity against other networks.

General rules and prohibited activities

Support volume: Access to support is fair-use. This means that the number of support cases you are allowed to open cannot drastically exceed the average.

Support area: We are happy to help you fix problems if possible, but we cannot help with things that are outside our support area. If the problem is not related to our services (e.g. a problem with a wordpress plugin) we cannot help with the problem. However, we can refer you to 3rd party support for a fee if it is not possible to contact the developer directly.

Ordering process: Please disable your VPN or proxy before placing your first order so your account can be reviewed properly. Once your account is approved, you may place future orders with a VPN enabled.

Accurate account and payment details: You must provide accurate and truthful details (name, address, etc.) when ordering. For all orders, we cross-check the cardholder name and other details reported by the bank or card issuer against the details on your account. If, after a detailed investigation, we find that intentionally false details were provided (e.g., ordering with someone else’s card or identity), we will close your client profile and bar you from future purchases. Honest mistakes — such as a typo or a card in a family member’s name — are not treated as fraud; we may simply ask you to verify your details.

Illegal activities: The Service may not be used for illegal contests, lotteries, gambling, pyramid schemes, chain letters, unsolicited bulk email (spam), or any duplicative or unsolicited messages, whether commercial or otherwise.

Harassment and abuse: Users must not defame, abuse, harass, stalk, threaten, or otherwise violate the legal rights of others (including privacy and publicity rights).

Objectionable content: Publishing, posting, uploading, or otherwise disseminating defamatory, obscene, or unlawful material is prohibited.

Intellectual property violations: Users must not upload, post, or otherwise make available any material that infringes on others’ intellectual property rights (e.g., copyright, trademark) without proper authorization.

Malicious software: Uploading files containing viruses, Trojan horses, worms, or other malicious programs that could harm another’s property is strictly prohibited.

Service interference: Users must not disrupt other users’ access to the Service, including methods like overloading, flooding, spamming, mail bombing, or crashing the Service.

Privacy violations: Users must not harvest or otherwise collect information about others (e.g., email addresses) without their consent.

Legal compliance: All activities conducted through the Service must comply with applicable laws, rules, and regulations.

Fraudulent conduct: Creating a false identity or otherwise misleading others is prohibited.

Network integrity: Unauthorized access, network probing, or port scanning is prohibited unless you have explicit authorization from the owner of the network or host.

Unauthorized usage: HostUp customers may not deploy services to facilitate or offer DOS/DDOS mitigation as a service.

TOR, VPN and proxies: Running a private VPN for your own use is allowed — for example, so that you, your household, or your organization’s staff can connect securely through your VPS. However, it is not allowed to buy a VPS in order to sell, rent out, or otherwise provide VPN, proxy, or anonymization services to outside users — whether for payment or for free. This includes, among other things, commercial VPN services, VPN reselling, public proxy servers, and TOR exit nodes. In short: a personal VPN is fine; VPN as a service to others is prohibited. The purpose is to protect our IP reputation and to avoid situations where, for example, Google forces reCAPTCHA on all our customers because of a single abusive user.

Resource limiting and violation handling

In most cases, we will not immediately suspend or terminate a VPS if we detect issues. Instead, we do the following:

• Initial warning or resource limit: We send you an email or open a support ticket explaining the problem. For high CPU usage (100% for days/weeks), we apply a 50% CPU limit until you fix it. If you reach your disk write limit, our system automatically throttles disk performance without taking you offline.
• 72-hour acknowledgment window: Once notified, you have up to 72 hours to confirm you’re aware of the issue and plan to address it. If you don’t reply or take corrective action within that time, we may proceed with further limitation or suspension.
• Severe abuse cases: Immediate suspensions can occur for proven illegal activity, hacking, spam campaigns, or other malicious activities that threaten our platform or other networks.
• Intentional abuse — client profile closure: If, after investigation, we determine that a violation is intentional (e.g., deliberate crypto activities, selling VPN services to outside users, fraudulent payment or identity details, or repeated abuse after a warning), we may — in addition to terminating the affected service — close your entire client profile and bar you from future purchases. Such a decision is never made automatically or lightly: we investigate every case carefully and individually before taking action.

Reporting abuse

If you suspect another user of malicious or prohibited behavior, please send full details to [email protected]. We investigate every report, but we may not always respond directly. We only suspend or terminate services when we confirm the abuse or receive a valid court order.

For any other questions or uncertainties about what’s allowed, feel free to open a support ticket.