Web applications which permit a remote user to set an arbitrary recipient allow spammers to send junk mail on your behalf. Spammers have automated methods to easily detect and exploit such vulnerabilities.

It is easy for us to track down accounts that have been used to relay spam even through web applications, since our mail system will always record the user ID of programs that have sent mail in a way that cannot be tampered. If spam is ever relayed in this way, we will disable the responsible script. For simple mail forms, we recommend this supported application over third-party scripts.

CGI/PHP scripts with the sole purpose of counting page hits are abusive, unnecessary, inaccurate and will slow down the loading of your website. We strongly recommend using real server access logs instead.

Avoid using CGI/PHP applications for handling HTTP errors (such as 403 or 404). FastCGI applications are acceptable, as long as they do not establish database connections at every hit. Note that errors are already logged to your HTTP error-log file.

Whenever possible, we recommend that you test and debug experimental software on another system before deploying it on the master server. In some cases, it can be convenient to use a backup server to test experimental software. Since we provide redundant servers, you always have access to one or more backup server containing a mirror of your files.

A wealth of tools are available to help debugging and testing, such as top, ps/ pstree, gdb and valgrind. For C and C++ applications, use of the -g flag is recommended even for production binaries (the added debugging information is not loaded into memory on execution - it only uses disk space).

Applications that execute persistently on our servers must use some method to insure that CPU is not being wasted unnecessarily when the program is not doing any useful work. Usually, synchronous I/O multiplexing is used:

• The select(2) and poll(2) interfaces.
• The kqueue(2) interface (*BSD servers only).
• The libevent library.
• The Perl POE framework (select() and poll() are also usable from Perl).
• The liboop library.
• GLib's main event loop.

Server-side software is our speciality, so don't hesitate to contact our technical support department if you need assistance.

IRC bots such as eggdrop are not allowed on the main server arrays. However, we do have servers that are available for this purpose at no extra cost. If you would like to use a bot, please send a request to our technical support department and we will provide you with shell access on such a server.

We allow web-based IRC clients such as CGI:IRC under our IP-based packages (minimum Budget), but the list of allowed channels must be restricted. The user must not be permitted to join arbitrary channels. Your script must also bind to your own v-host IP address. In CGI:IRC, we would therefore require the following settings in cgiirc.config:

vhost = your-vhost-ip
allow_non_default = 0

Users are not allowed to run any type of server-side daemon which forwards connections to arbitrary remote hosts, without explicit approval from us. We are constantly monitoring connections made from our servers to remote locations, and this allows us to detect proxy activity very quickly. We will immediately suspend accounts which are found to run proxy software without our permission.

We have very quick and efficient methods of detecting spam originating from accounts on our servers. Our policy is to immediately suspend accounts responsible for spamming, unless the spam is a result of a security breach in some user application (for example third-party PHP script), and we can to easily disable the specific application and contact the owner about it.

Network scanners such as nmap, scanners for security vulnerabilities or exploits are proscribed on all of our servers, regardless of their intended purpose. If you want to use our servers to perform very specific security audits against your own equipment, you must contact us about it.