Sign in
NoKycVPS acceptable use policy offshore anonymous VPS hosting guidelines
Acceptable use · Effective Jun 27, 2026

Run what you want.

We host things other providers won't. There is one line we don't cross, and a handful of network rules so the infrastructure keeps working for everyone else. That's it.

The short version Skip to the red line
In one paragraph

Anything legal somewhere is welcome here. We won't suspend a service because a foreign authority is unhappy with it, because someone filed a DMCA notice, or because another provider would have refused. The one categorical exception is child sexual abuse material. Beyond that, there are a few technical rules — spam, network abuse, scanning others — that exist purely so the network keeps working for everyone.

01

What you can run here

The kind of thing other providers will quietly suspend on a complaint, but that is perfectly legal in some jurisdiction somewhere on Earth. A non-exhaustive list:

  • Privacy and anonymity infrastructure: Tor relays and exits, I2P routers, mixnet nodes, VPN exits, anonymous remailers.
  • Cryptocurrency: Bitcoin and Lightning nodes, Monero nodes, validator nodes, RPC endpoints, block explorers, mixer-adjacent services, DEX backends.
  • Journalism and dissident publishing, leak archives, mirrors of news taken down for political reasons.
  • File hosting, image boards, paste services, IRC bouncers, XMPP servers, federated social media (Mastodon, ActivityPub, Nostr relays).
  • Adult content for consenting adults — legal porn, sex-work platforms.
  • Gambling, prediction markets, gaming servers, private trackers.
  • Harm-reduction and drug-policy reform sites, dark-net marketplaces' clearnet mirrors, controlled-substance research.
  • Speech that is legal somewhere but controversial elsewhere: religious dissent, political opposition, satire, criticism of regimes, of religions, of brands.
  • Self-hosted everything: mail servers, git forges, password managers, photo libraries, document signing, anything you'd rather not run on a US hyperscaler.

If a use case isn't on this list, that doesn't mean it's disallowed — it means we didn't think of it. Default rule: if it's legal somewhere and isn't a network-abuse pattern listed below, run it.

02

The one red line

Child sexual abuse material is the only content category we will not host under any circumstance.

This includes generated material depicting minors, "lolicon" or "shota" anime that depicts characters who are described or visually rendered as children, and indexes or distribution networks for the above. Discovery results in immediate termination without notice or refund, and we will surrender evidence to the relevant child-protection authority.

This is the only category. It is non-negotiable, not because we're contractually obliged to ban it, but because hosting it is something we won't do.

03

Network limits (so the infrastructure keeps working)

These rules exist because they affect other customers and the upstream networks we depend on, not because we have a moral objection to them.

  • No outbound spam. Bulk unsolicited email is the fastest way to get our IP space blacklisted, which hurts every other customer. We don't ban a single misconfigured mail server — we ban deliberate spam-cannon operation.
  • No port-scanning, vulnerability probing, or unauthorized intrusion attempts against third parties. Research scanners that respect scan-opt-out patterns and run rate-limited are fine. Bulk SSH/RDP brute-forcing isn't.
  • No DDoS origination, no booter / stresser-as-a-service. Same logic: it ties up our pipes and gets our networks null-routed.
  • No open recursive DNS resolvers or open mail relays. Run your own resolver / smtp, but bind to your own clients or to localhost. Open relays get abused within hours of going live.
  • No cryptocurrency mining on shared VPS hosts. CPU mining starves neighbouring VMs, and the unit economics don't work anyway. Dedicated servers can mine all they want — you have the whole machine.
  • No exploit of the host hypervisor. If you find one, tell us — you'll get six months free and we'll fix it. If you weaponise it, you get terminated and we keep the balance.

"No" here means "we'll throttle, null-route, or terminate the offending service if it's actively breaking the network for others." It does not mean "we'll proactively scan to find out." The detection is reactive — upstream complaints, traffic anomalies, our own monitoring.

04

Jurisdiction is your problem

Whether your particular content is legal where you live, or where your visitors live, is not a question we adjudicate. We host according to the jurisdiction our infrastructure sits in. You are responsible for whether running your service from there is sensible for you.

We will not pre-emptively suspend a service because a foreign government, a corporation, or a private complainant disapproves of it. We will act only on the conditions in the terms of service: a binding judicial order from a competent court, narrowly scoped, with advance notice to you.

05

How we enforce these rules

For the red line (section 02): immediate, unilateral termination. No notice, no refund.

For network limits (section 03):

  • First, we send an email describing the problem and the upstream complaint or traffic signature. You have 24 hours to respond and fix it.
  • If the abusive traffic continues, we throttle or null-route the offending IP or service until you've addressed it.
  • If a repeat pattern is established (same kind of abuse, multiple services, after warnings), the account is terminated and the balance is forfeit.

For everything else — complaints, DMCA, abuse forms, foreign police requests, demands from private actors, takedown notices — we don't act. Those go straight to the bin.