At EuroVPS, security is not optional. Protecting our infrastructure, our customers, and the digital ecosystem is a core operational responsibility.
Cyber threats such as phishing, spam, malware, account compromise, bot-driven abuse, and denial-of-service activity continue to increase across the hosting industry. In this environment, hosting providers must take fast, firm, and responsible action when abuse is detected.
Cyber threats such as phishing, spam, malware, account compromise, hacking attempts, bot-driven abuse, denial-of-service activity, credential theft, financial fraud, and the theft of sensitive personal data continue to increase across the internet. In response, EuroVPS enforces a fast, firm, and responsible approach whenever abuse, compromise, or malicious activity is detected.
That is why EuroVPS maintains a strict enforcement policy against malicious activity, compromised services, and any misuse of our platform.
This approach also reflects the broader security direction established by NIS2, which reinforces the importance of risk management, incident response, operational resilience, and stronger protection of network and information systems across Europe. While NIS2 applies at an organizational and regulatory level, its principles are clear: providers must take security seriously, respond to threats quickly, and reduce risks that may affect customers, partners, and the wider digital ecosystem.
This policy applies to all new and existing customers.
Strict Enforcement Against Abuse
EuroVPS does not tolerate any activity that threatens the confidentiality, integrity, availability, stability, or reputation of our services.
If we detect abuse, compromise, or malicious behaviour that presents a security risk, we may take immediate protective action, including suspension of the affected service, account, website, mailbox, or server.
This is not a symbolic policy. It is an operational requirement.
When a service becomes a source of abuse, delay increases risk. Immediate containment is sometimes necessary to protect other customers, preserve service stability, maintain IP reputation, avoid blacklist escalation, and reduce harm to third parties.
Activity That May Trigger Immediate Suspension
EuroVPS may suspend or restrict services immediately where we detect or reasonably suspect:
- Malware or webshell detection
- Hacked or compromised websites
- Spam or bulk mail abuse
- Phishing or malicious content hosting
- Unauthorized system access
- Suspicious outbound traffic
- DDoS or service attacks
- Customer account compromise
- Forged mail headers
- Open SMTP relay behavior
- Any other activity that threatens platform security or internet safety
Whether the abuse is deliberate or the result of a compromise does not change the immediate risk. If a service under your control is endangering others, we will act.
Why NIS2 Matters
NIS2 reflects a higher security standard for digital infrastructure and service providers operating in Europe. Its direction is clear: organizations must improve cyber resilience, strengthen incident handling, reduce systemic risk, and ensure that security failures are addressed quickly and seriously.
For a hosting provider, this means abuse handling cannot be passive. Known phishing pages cannot be left online. Outbound spam cannot be ignored. Compromised accounts cannot be allowed to continue operating without intervention. Malicious traffic cannot be tolerated when it threatens other users or damages trust in the network.
At EuroVPS, our abuse-prevention and incident-response approach is aligned with that reality. We aim to operate responsibly, reduce preventable risk, and maintain a secure hosting environment for all customers.
Spam, Blacklisting, and Responsibility
EuroVPS is strongly against spam and any infrastructure misuse related to unsolicited bulk email, phishing delivery, forged mail activity, or open relay abuse.
Spam does not only affect recipients. It can damage IP reputation, disrupt legitimate mail delivery, trigger blacklist listings, create upstream issues, and negatively affect other customers sharing the same ecosystem.
Customers are fully responsible for mail sent through their accounts, websites, scripts, applications, servers, and credentials.
Where spam activity results in an IP address being blacklisted, a minimum €75 cleanup fee may be charged in accordance with our Terms of Service and Acceptable Use Policy.
We reserve the right to suspend or terminate any account involved in spam-related abuse.
Compromise Is Not an Excuse for Inaction
We understand that not every incident is intentional. In many cases, abuse is caused by stolen passwords, vulnerable plugins, outdated CMS installations, insecure scripts, or neglected applications.
However, once a service is compromised, it becomes a live security risk.
A hacked website can host phishing content. A stolen mailbox can be used for spam. A compromised account can generate malicious outbound traffic or be used to attack others. For that reason, hacked or abused services may still be suspended until the issue has been contained and properly remediated.
Customers must not leave services unattended. Websites, applications, email accounts, and servers must be maintained, patched, and monitored appropriately.
Our Responsibility and Yours
EuroVPS is responsible for protecting the platform and acting when abuse threatens service integrity or public internet safety.
Customers are responsible for securing the content, applications, credentials, and systems under their control.
This includes, at minimum:
- keeping websites, CMS platforms, plugins, and themes updated,
- securing email accounts and SMTP usage,
- using strong passwords and multi-factor authentication,
- removing unused or obsolete software,
- monitoring for signs of compromise,
- and responding promptly to abuse or security notifications.
Where our managed service scope allows, we may assist with server-side hardening or provide best-effort guidance. However, customer websites and applications remain the customer’s responsibility unless explicitly covered otherwise.
EuroVPS has already ended support for all outdated and end-of-life operating system versions. More details are available in our FAQ : EuroVPS End of Support for Outdated Operating Systems.
What Happens If Action Is Taken
If EuroVPS suspends or restricts a service for abuse or security reasons, the client will receive a notification outlining the relevant details available after our basic investigation.
Depending on the incident, restoration may require confirmation that the threat has been fully removed and that the root cause has been addressed. This may include:
- malware cleanup,
- phishing content removal,
- password resets,
- patching vulnerable software,
- mail configuration correction,
- access review,
- or other security remediation steps.
- Service restoration will depend on risk being adequately contained.
Our Final Position
EuroVPS will not permit its infrastructure to be used for abuse, phishing, spam, malware delivery, unauthorized access, or any form of malicious, fraudulent, or unlawful activity.
Where abuse or active security threats are identified, EuroVPS may suspend the affected service immediately and investigate further as part of containment measures. You will also be notified of the relevant details. This is necessary to maintain a secure, reliable, and professionally operated hosting environment. Please note that once the notified deadline has passed, EuroVPS will not restore outdated or end-of-life servers, ports, services, or software versions back online.
We understand that security incidents can sometimes occur without the customer’s knowledge. In such cases, EuroVPS remains available to assist, provide guidance, and support the necessary corrective actions to help secure the affected service.