Acceptable User Policy

CompuWeb Communications Services Ltd trading as CWCS Managed Hosting, henceforth CWCS, provides Internet hosting Services. By using the Services provided by CWCS, Customers agree to comply with the Acceptable Use Policies outlined in this agreement and to indemnify CWCS against any claims by third parties arising from violation of this Policy.

CWCS reserves the right to make changes to this Acceptable Use Policy at any time, and any changes will be effective immediately upon posting to CWCS website: www.cwcs.co.uk. CWCS’s Customers are responsible for regularly reviewing the Policy. Continued use of the Services following any changes shall constitute acceptance of the changes.

This policy recognises the fundamental fact that no one owns or controls the Internet. CWCS cannot monitor or control all the activities of our Customers. We do not intend to actively screen, review, censor, edit or take responsibility for the activities or content of our Customers. The Customer, not CWCS, assume all responsibility relating to their Internet activities including, but not limited to:

• Aspects of the Customer’s business.
• Content and data provided by or through a Customer for use with the Services.
• Decisions about Customer’s computer and communications systems needed to access the Services.
• Results obtained from using CWCS Services.
• Compliance with all applicable laws and governmental regulations regarding Customer’s business or use of the Services.
• Use of the CWCS services by Customer’s end users.
• Compliance with this Acceptable Use Policy by the Customer and the Customer’s end users.

Activities conducted on the Internet are subject to many of the same laws and regulations applicable to the offline environment. Customers must exercise a high degree of judgement and responsibility with respect to their use of the Services, including the responsibility to comply with this Acceptable Use Policy. Customers will violate this Policy when they or their affiliates engage in any of the following activities:

Using the CWCS network or other CWCS resources in any way that adversely affects other CWCS Customers is strictly prohibited. This includes but is not limited to:

• Gaining or attempting to gain unauthorised access to servers or services. Such attempts include “Internet scamming” (tricking other people into releasing their personal information), password robbery, security hole scanning, port scanning,
  probing, monitoring or testing for system or network vulnerabilities.
• Introducing viruses, Trojan horses, trap doors, back doors, Easter eggs, worms, time bombs, packet bombs, cancel bots or other computer programming routines that are intended to damage, detrimentally interfere with, surreptitiously intercept or expropriate
  any system, data or personal information.
• Intentionally omitting, deleting, forging or misrepresenting transmission information, including headers, return addressing information and IP addresses. Using IP addresses which were not assigned to them by CWCS.
• Maintaining an Open Email Relay/Open Data Relay or allowing any data to be sent through one’s server by an unrelated third party, including, but is not limited to, via open email gateways and open proxy servers.

Accounts may be terminated that include content or which have links to content that:

• Is unlawful or is considered offensive by the web community. Promotes injury or physical harm against any group or individual.
• Promotes or teaches illegal activities.
• Exploits or depicts children in a negative/sexual way.
• Infringes on copyright, patents, trademarks, trade secrets, or other intellectual property including pirated computer programs, cracker utilities, warez and software serial numbers or registration codes.
• Violates any law, statute, ordinance or regulation governing the Customer’s business or activities, including without limitation the laws and regulations governing export control, unfair competition, false advertising, consumer protection, issuance or sale of securities, trade in firearms, privacy, data transfer and telecommunications.

CWCS has zero tolerance for the sending of SPAM or Unsolicited Commercial Email (UCE) over our network. CWCS Customers cannot send UCE and cannot host sites or information advertised in UCE. Customers are also responsible for the actions of their clients and must take all reasonable precautions to secure their servers and sites against SPAM exploits (e.g. open email relays and insecure PHP scripts).

• The sending of bulk emails, defined as the sending of the same email, or emails which are substantially the same, unless recipients have agreed to double-opt in to the mailing list. Proof may be required of the subscription opt-in process. CWCS does not permit the sending of bulk email to recipients whose details have been obtained from third-party sources.
• Hosting content on a CWCS server which is advertised or linked to by a bulk e-mail campaign, even if this campaign is not run from a CWCS server.

Violating our UCE or SPAM policy will result in penalties. Upon detection or notification of a violation of our UCE policy, CWCS will initiate an immediate investigation. During this time, outgoing mail may be suspended from the offending IP address to prevent further violations. If a client is found to be in violation of our UCE policy, CWCS will impose penalties and/or, at its discretion, restrict or terminate the offending account and the Customer’s access to our network. Repeated or serious violations may result in the immediate termination of the account. SPAM is a very serious matter. PLEASE DO NOT SPAM. EDUCATE YOUR CLIENTS and TAKE ALL PRECAUTIONS against SPAM EXPLOITS.

To facilitate network/server management, inventory and related activities, all CWCS Servers include a CWCS administrative account and password and/or a CWCS daemon. All reasonable precautions are taken by CWCS to maintain the security of these tools and the privacy of client data. Customers must not tamper, hinder, delete, or in any way change the functioning of these tools. To do so intentionally or otherwise is grounds for the immediate suspension of Customer’s hosting account.

For some shared resources, we require that customers do not continuously use an unreasonable excess of those resources (using them in a burstable fashion is, of course, entirely acceptable). Examples of an excess might include continuously & actively using swap on VPS rather than upgrading RAM, cryptocurrency mining (excluding colocated servers), running software that uses all available CPU constantly or continuously using many times the base-allocation of unmetered bandwidth. In such circumstances, we reserve the right, at our discretion, to request that the client cease such activities or be forcibly upgraded to a more suitable package or, in the case of excess use of unmetered bandwidth, be moved to a metered bandwidth connection.

This Acceptable Use Policy (AUP) is not exhaustive. CWCS has the right to refuse service to anyone at any time WITHOUT WARNING OR PRIOR NOTICE. No refunds of fees paid will be made if account termination is due to a violation of the Acceptable Use Policy as outlined above.

From time to time CWCS’s customers may be targeted by DDoS Attacks. In this scenario, CWCS will take reasonable endeavours to mitigate the impact of the attack. CWCS reserves the right to implement the use of “null routes” and/or remotely triggered black holes on targeted IP addresses in order to prevent attack traffic impacting CWCS’s network.

CWCS will notify customers who have been blocked in this situation, and customers must take steps to mitigate against further attacks by using DDoS mitigation services for hosted sites such as Cloudflare, Akami or Incapsula before replacement IP addresses will be issued.

CWCS reserves the right to permanently disconnect customers who are repeatedly targeted by high volume DDoS attacks.

CWCS will forward abuse complaints to customers with the expectation that they are handled promptly and the offending sites are removed. CWCS may act to block or disconnect websites or servers hosting malware or phishing sites in order to reduce harm to internet users. Websites using legacy technology or known vulnerable code that is being used for malicious intent, we will disable until it has been either secured or upgraded to the latest stable release.

Servers which are identified as being compromised at the root level (e.g. by detection of a root kit) will be immediately disconnected from our network and cannot be reconnected until restored to a known good state (by formatting and reinstallation of the OS). CWCS will work with customers to retrieve data from the server prior to this, however it is important to note that blindly restoring websites without fixing the root cause of the problem which allowed the server to be compromised in the first place will only result in the server being “rooted” again.