Bulletproof hosting


Bulletproof hosting is a service provided by some hosting (such as cloud, dedicated, domain or web hosting) firms that allows their customer considerable leniency in the kinds of material they may upload and distribute, or the activities that they can engage in with their purchased host without getting taken down as a result of complaints and (formal) abuse reports. Spammers,[1] cybercriminals, blackhat hackers and providers of online gambling or illegal pornography are amongst the users of such hosting companies, knowing that they are more suitable for the persistence of their activities than regular hosting.[2]

Most regular service providers have terms of service that do not allow certain materials to be uploaded or distributed, or the service to be used in a particular way or for certain (malicious) activities. They will take action if their infrastructure is used for illicit, malicious or illegal purposes, and may suspend hosting service to the customer after complaints or abuse reports, both to minimize the risk of their IP subnet being blocked by anti-spam filters using Internet Protocol (IP) address-based filtering, and to avoid facilitating malicious, illicit and illegal activities on the internet. Additionally, some service providers may have ethical concerns that underpin their service terms and conditions.

In contrast to regular service providers, a bulletproof host allows a content provider (their customer) to bypass the laws or contractual terms of service regulating Internet content and service use in its own country of operation, as many of these 'bulletproof hosts' are based 'overseas' (relative to the geographical location of the content provider). Usually, hosting providers that are known (by the webmaster and internet community) as 'bulletproof hosting' are so informally, which means they are usually not advertising being part of this market. However, the nature of their services attracts customers that are spammers or cybercriminals, as the core of what they provide is either completely ignoring all abuse reports and complaints about the activities of customers, or not handling them properly and constructively, which means their goal is not having to take action (and not taking action) on such filed abuse reports and complaints, no matter the report's standard of evidence. When it is taken even further, bulletproof hosting, due to its values, will sometimes also attempt to not obey (execute) court orders until it is forced either through authorities entering their datacenters, or through action from their upstream providers. The use of a so-called 'bunker' to illustrate these objectives, has been characteristic for multiple bulletproof hosters worldwide. However, due to the dependence on upstream provider and underground power lines, it is no more than illustrative.

All of these efforts combine to provide their customers the service of being able to quite literally do whatever they want, without the nature of these (usually illicit) activities presenting a risk to the continuity of their hosting services. Altogether, this makes the hosting provider suitable for cybercriminals and providers of illegal content/content that isn't legal in jurisdictions with its target audience.

Many if not most 'bulletproof hosts' are in China,[1] other parts of Asia, and Russia/Russia's surrounding countries, though this is not always the case.[3] For example, McColo, responsible for 2/3rds of the world's spam when taken down, was US-based.

Bulletproof hosting providers have a high rate of turnover, as many shut down, whether by choice or by being forced to, if their alternative would be to compromise client freedom (as this is their main selling point).[4]

The presence of bulletproof hosting providers is a thorn in the side of the web hosting and internet services community, as they can be targeted by threat actors and spammers operating from such a hosting provider. This community therefore shares advice on blocking such providers to prevent damage, and gathers opinions on which hosting providers to declare as bulletproof: generally those with a reputation for not dealing with constructive abuse reports and complaints, with sufficient evidence of instances of abuse and illicit activity coming from a customer. Only the upstream provider of a bulletproof hoster has the power required to bring along change. Movements that started with, or passed by, upstream providers (e.g. those that understand a certain firm is a bulletproof hoster, engaged in activities they want to distance themselves from, or when they are ordered to suspend or alter their services to a certain customer by a court or legal authorities) subsequently have led to the shutdown of known bulletproof hosters, some of which are listed below under "Notable closed services".

  1. ^ a b "In China, $700 Puts a Spammer in Business: It's a great deal, if you're a spammer.", CIO, 2009-05-08.
  2. ^ "McColo referred to as 'bulletproof hosting'", The Washington Post
  3. ^ Real World Fast-Flux Examples, the Honeynet Project
  4. ^ Shahzad, Sunil. "Bulletproof Hosting". BlueAngelHost. Retrieved 25 July 2016.

Powered by 654 easy search