Legal Document

Acceptable Use Policy

Clear rules for using freeVPS.it.com infrastructure. Written in plain English — not 40 pages of legalese that nobody reads.

Effective: January 1, 2026 Last Updated: January 1, 2026 Version 1.0

Overview

This Acceptable Use Policy ("aup.php") governs all use of virtual private server infrastructure provided by freeVPS.it.com ("we," "our," "the Service") — including free and paid tiers. By deploying a server on our platform, you agree to these terms.

We operate a shared infrastructure. One user's actions affect every other user on the same network and host node. This policy exists to protect the entire community — not to restrict legitimate use.

Plain language version: Don't mine crypto, don't send spam, don't attack other servers, don't host illegal content. Do those things and everything works fine.

Prohibited Activities

The following activities are strictly prohibited on all freeVPS.it.com servers, regardless of tier or plan type. Violation results in immediate suspension without prior warning.

1. Cryptocurrency Mining

Running any cryptocurrency mining software — including but not limited to Bitcoin, Ethereum, Monero (XMR), and all proof-of-work or proof-of-stake mining/staking operations. This includes:

  • Direct mining via CPU or GPU
  • Mining pool proxies or Stratum relay servers
  • Browser-based mining scripts (Coinhive-style)
  • Blockchain node operation for mining rewards
  • "Idle" miners that activate during low-usage periods
Zero tolerance. Crypto mining is the #1 reason free VPS providers shut down. Our automated systems detect mining processes within minutes. Accounts caught mining are terminated immediately with no appeal and no data recovery.

2. Spam & Unsolicited Bulk Communication

Sending, facilitating, or relaying unsolicited messages of any kind:

  • Bulk email (regardless of whether recipients "opted in" via purchased lists)
  • SMS spam or automated phone call systems
  • Social media spam, automated DMs, or mass follow/unfollow bots
  • Comment spam, forum spam, or guestbook flooding
  • Operating open SMTP relays or mail servers without proper authentication (SPF, DKIM, DMARC)

3. DDoS & Network Attacks

Initiating, participating in, or providing infrastructure for distributed denial-of-service attacks or any form of network attack:

  • Volumetric flood attacks (UDP, SYN, ICMP, DNS amplification)
  • Application-layer attacks (HTTP floods, Slowloris, RUDY)
  • Hosting DDoS-for-hire ("booter" / "stresser") services
  • Running reflected amplification attack infrastructure
  • Port scanning or vulnerability scanning of systems you don't own
  • Brute-force attacks against external services

4. Illegal Activities

Any activity that violates applicable laws in the jurisdiction where our servers are hosted (primarily United States and European Union), including but not limited to:

  • Distribution of child sexual abuse material (CSAM) — reported to NCMEC and law enforcement immediately
  • Fraud, phishing, or identity theft operations
  • Selling, distributing, or facilitating controlled substances
  • Hosting malware, ransomware, or command-and-control (C2) servers
  • Intellectual property infringement at commercial scale
  • Terrorist content or incitement to violence
CSAM: Any instance of child exploitation material results in immediate account termination, full data preservation for law enforcement, and reporting to the National Center for Missing & Exploited Children (NCMEC) and relevant authorities. No exceptions.

Network Abuse

Your free VPS server shares network infrastructure with thousands of other users. Maintaining clean IP reputation is critical for everyone.

Prohibited Network Activities

  • IP Spoofing: Forging source IP addresses in outbound packets
  • ARP Spoofing: Intercepting traffic on local network segments
  • DNS Hijacking: Operating rogue DNS resolvers that return modified results
  • Tor Exit Nodes: Running Tor exit relays on shared infrastructure (Tor bridges and middle relays are permitted)
  • Open Proxies: Running unauthenticated SOCKS or HTTP proxies accessible to the public internet
  • Traffic Amplification: Operating misconfigured DNS, NTP, or memcached servers exploitable for reflection attacks
VPN/Proxy Clarification: Running a private VPN (WireGuard, OpenVPN) for personal use is perfectly fine. Running a commercial VPN service or public proxy on the free tier is not — it disproportionately consumes shared bandwidth and attracts abuse reports.

Resource Usage & Fair-Share Policy

Free tier servers operate on shared hardware with fair-share CPU scheduling. You're entitled to the resources listed in your plan specifications, but sustained abuse of shared resources impacts other users.

Acceptable Resource Use

  • Running web servers, application servers, and databases
  • Compiling code and running CI/CD pipelines
  • Hosting game servers for small communities
  • Running background processes, cron jobs, and automation scripts
  • Using RDP or XRDP for remote desktop access
  • Streaming and media processing at reasonable scale

Unacceptable Resource Use

  • Sustained 100% CPU for 24+ hours — unless the workload is a legitimate, documented process (contact support if you have a genuine computational task)
  • Deliberate RAM exhaustion — fork bombs, memory leak exploits, or OOM-triggering scripts
  • Bandwidth abuse — operating high-traffic CDNs, public file mirrors, or torrent seedboxes on the free tier
  • Disk abuse — filling storage with random data to prevent the system from reclaiming space
  • Creating multiple free-tier accounts — one free VPS per person/entity. Duplicate accounts will be merged or terminated
Legitimate high-CPU workloads: If you're compiling a large project, running scientific simulations, or doing ML training — that's fine for reasonable durations. We distinguish between useful compute and wasteful abuse. When in doubt, open a ticket before starting the job.

Content Restrictions

You are solely responsible for all content hosted on, transmitted through, or served from your VPS instance.

Prohibited Content

  • Child sexual abuse material (CSAM) — immediate law enforcement referral
  • Malware distribution, exploit kits, or phishing landing pages
  • Doxxing — hosting personal information of individuals without consent for harassment purposes
  • Counterfeit goods storefronts
  • Piracy hubs operating at commercial scale

Content We Don't Police

We are not in the business of moderating opinions, political views, or legal speech. As long as your content doesn't fall into the prohibited categories above and complies with applicable law, we won't interfere with what you host.

Security Obligations

You are responsible for the security posture of your VPS instance. A compromised server affects the entire network.

Your Responsibilities

  • Keep software updated — unpatched services are the #1 vector for server compromise on our platform
  • Use strong authentication — SSH keys preferred over password-based login; disable root password login when possible
  • Configure firewalls — close unused ports; don't expose management interfaces to 0.0.0.0
  • Monitor for compromise — if your server starts sending spam or participating in attacks because it was hacked, you're still responsible under this policy
  • Respond to abuse reports — if we forward an abuse complaint to you, respond within 48 hours with corrective action taken
Compromised servers: If we detect that your VPS has been compromised and is actively participating in attacks or spam, we will suspend the instance first and notify you second. This protects the network. You'll receive instructions for remediation and reinstating service.

Enforcement Actions

When we detect a policy violation, the response is proportional to severity. Here's exactly what happens at each level:

Level 1 — Warning

For minor or first-time violations that don't actively harm other users. You'll receive an email describing the violation and a 48-hour window to correct the issue. No service interruption.

Level 2 — Suspension

For moderate violations or failure to respond to a Level 1 warning. Your VPS is stopped (not deleted). You can still access the panel and your data. Service is restored once the violation is resolved and you acknowledge the issue.

Level 3 — Immediate Termination

For severe violations including crypto mining, DDoS, CSAM, malware distribution, or fraud. Account and all associated data are permanently deleted. No appeal process. In cases involving illegal activity, data may be preserved and handed over to law enforcement.

Level 4 — Network Ban

For repeat offenders or extreme cases. All current and future accounts from the associated identity, email domain, and payment method are permanently blocked from the platform.

Violation Severity Reference

Quick reference table showing common violations and their enforcement level:

Violation Severity Action Appeal?
Cryptocurrency mining Critical Immediate termination No
Outbound DDoS attack Critical Immediate termination No
CSAM hosting Critical Termination + law enforcement No
Malware / C2 server Critical Immediate termination No
Phishing pages Critical Immediate termination No
Spam / bulk email Critical Immediate suspension Limited
Port scanning external hosts High Suspension + warning Yes
Tor exit node operation High Suspension + warning Yes
Public open proxy High Warning → suspension if ignored Yes
Multiple free accounts High Duplicate accounts terminated Limited
Sustained 100% CPU (24h+) Medium Warning → throttle if ignored Yes
Unpatched compromised server Medium Suspension until remediated Yes
Bandwidth overuse (free tier) Medium Speed reduction → upgrade suggestion Yes
Failure to respond to abuse report Medium Suspension after 48h Yes

Reporting Abuse

If you've identified abuse originating from a freeVPS.it.com IP address, report it immediately. We take every abuse report seriously.

How to Report

  • Email: abuse@freeVPS.it.com
  • Include: Offending IP address, timestamps (with timezone), log excerpts, description of the abuse
  • Response time: We acknowledge abuse reports within 12 hours and take action within 24 hours
DMCA / Copyright Notices: DMCA takedown requests should be sent to dmca@freeVPS.it.com with the standard DMCA notification requirements. We comply with the DMCA safe harbor provisions.

Policy Modifications

We may update this aup.php as our infrastructure and threat landscape evolves. Here's how changes work:

  • Minor clarifications: Updated without advance notice. The "Last Updated" date at the top of this page reflects the latest revision.
  • Substantive changes: Announced via email to all registered users at least 14 days before taking effect. Continued use of the service after the effective date constitutes acceptance.
  • Emergency changes: In response to active abuse campaigns or legal requirements, we may implement immediate policy changes. Users will be notified as soon as reasonably possible.

Contact Information

Questions about this policy, or unsure whether your intended use case is permitted? Ask before deploying.

Related Policy Documents