Acceptable Use Policy

Effective Date: May 7, 2026 | Last Modified: May 7, 2026

1. Purpose and Scope

This Acceptable Use Policy ("AUP") establishes standards for use of CutVPS infrastructure and Services. All customers ("you," "your," or "User") agree to comply with this AUP as a condition of using CutVPS Services. This policy applies to all VPS instances, resources, and associated infrastructure. Violations of this policy may result in service suspension or termination without refund.

2. Prohibited Activities

You agree not to use CutVPS Services for any of the following prohibited activities:

2.1 Spam and Unsolicited Communications

Prohibited activities include:

• Sending bulk unsolicited emails (spam) or SMS messages
• Operating open mail relays or open SMTP servers
• Distributing spam through forums, comment systems, or other platforms
• Sending emails to non-consenting recipients without proper consent mechanisms
• Selling email addresses or contact lists obtained through spam
• Operating email harvesting or scraping operations
• Bypassing spam filters or authentication systems
• Conducting unsolicited advertising campaigns or mass marketing

2.2 Malware and Malicious Code

You shall not:

• Create, distribute, or execute malware, viruses, worms, trojans, or other malicious software
• Host malware distribution services or repositories
• Create ransomware or data encryption extortion schemes
• Operate botnet command and control (C2) infrastructure
• Distribute remote access trojans (RATs) or keyloggers
• Host or distribute code designed to exploit system vulnerabilities
• Create rootkits or privilege escalation exploits for distribution
• Engage in cryptojacking or unauthorized resource exploitation code

2.3 Phishing and Social Engineering

Prohibited activities include:

• Creating phishing pages or spoofed websites designed to steal credentials
• Hosting login pages that impersonate legitimate services
• Conducting social engineering campaigns
• Distributing phishing emails or deceptive communications
• Operating credential harvesting infrastructure
• Hosting man-in-the-middle (MITM) attack tools or services
• Creating fake SSL certificates for impersonation purposes

2.4 Denial of Service (DoS) and Network Abuse

You agree not to:

• Initiate, facilitate, or participate in Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks
• Send excessive traffic to third-party networks with intent to disrupt service
• Conduct SYN floods, UDP floods, HTTP floods, or other volumetric attacks
• Use your VPS to launch attacks against external systems or networks
• Participate in botnet attacks or coordinate DDoS through your infrastructure
• Exploit application vulnerabilities to cause denial of service on third-party systems
• Amplify attacks through network services hosted on your VPS
• Generate excessive traffic intended to congest third-party networks

2.5 Port Scanning and Network Reconnaissance

Prohibited activities include:

• Conducting unauthorized port scans of third-party networks or IP ranges
• Running network reconnaissance tools against systems you do not own or have permission to test
• Vulnerability scanning of external systems without explicit written authorization
• Fingerprinting or banner grabbing of services outside your infrastructure
• Conducting network enumeration or IP range discovery against third-party networks
• Mapping network topology of systems outside your control
• Probing for vulnerabilities in systems operated by third parties

2.6 Copyright Infringement and Piracy

You shall not:

• Host, distribute, or provide access to copyrighted works without authorization
• Operate torrent trackers, peer-to-peer (P2P) file-sharing services for copyrighted content
• Distribute pirated software, games, movies, music, or other copyrighted material
• Facilitate download of copyrighted content through streaming services
• Host cracked software or license key generators
• Operate forums or platforms dedicated to copyright infringement
• Bypass or circumvent digital rights management (DRM) systems for distribution

2.7 Cryptographic Mining and Resource Hijacking

Prohibited activities include:

• Unauthorized cryptocurrency mining (proof-of-work or proof-of-stake based) using your VPS resources
• Facilitating third-party cryptocurrency mining on your infrastructure
• Operating mining pools or mining proxies on your VPS
• Using your VPS to provide mining services to others
• Mining that exceeds your plan's CPU allocation or causes performance degradation
• Monero, Bitcoin, Ethereum, or other cryptocurrency mining without explicit plan provision
• Providing hosting for others' mining operations

2.8 Child Sexual Abuse Material (CSAM) and Exploitation

You absolutely shall not:

• Create, distribute, possess, or provide access to child sexual abuse material (CSAM)
• Operate platforms or services facilitating child exploitation or trafficking
• Host sites, forums, or services depicting minors in sexual situations
• Engage in child grooming or exploitation activities

CutVPS has zero tolerance for CSAM. Any suspected illegal activity involving minors will be immediately reported to the National Center for Missing & Exploited Children (NCMEC) and law enforcement authorities.

2.9 Illegal Activities and Content

You shall not use your VPS to:

• Facilitate any activity that violates applicable local, state, federal, or international law
• Host content that promotes or facilitates illegal gambling, particularly targeting minors
• Distribute controlled substances or facilitate drug trafficking
• Operate fraudulent schemes, scams, or confidence games
• Facilitate human trafficking, prostitution, or sex trafficking services
• Provide hosting for illegal weapons sales or explosives
• Host content related to terrorism or extremist ideologies inciting violence
• Operate counterfeit goods distribution services

2.10 Open Resolvers and DNS Abuse

You agree not to:

• Operate open DNS resolvers that respond to queries from third-party networks
• Host authoritative nameservers misconfigured to amplify attacks
• Participate in DNS amplification attacks
• Enable DNS recursion from untrusted sources on your nameservers
• Host NTP, SNMP, or other services configured as DDoS amplifiers

3. Resource Usage and Bandwidth Limits

3.1 Plan Resource Limits

Each plan includes the following resource allocations:

• General Starter ($20/mo): 2 vCPU cores, 4 GB RAM, 80 GB NVMe SSD, 3 TB bandwidth/month
• General Pro ($30/mo): 4 vCPU cores, 8 GB RAM, 150 GB NVMe SSD, 5 TB bandwidth/month
• General Business ($50/mo): 6 vCPU cores, 16 GB RAM, 250 GB NVMe SSD, 8 TB bandwidth/month
• Forex Trader ($15/mo): 2 vCPU cores, 4 GB RAM, 80 GB NVMe SSD, 3 TB bandwidth/month
• Forex Pro Trader ($25/mo): 4 vCPU cores, 8 GB RAM, 150 GB NVMe SSD, 5 TB bandwidth/month
• Forex Institutional ($40/mo): 6 vCPU cores, 16 GB RAM, 250 GB NVMe SSD, 8 TB bandwidth/month

3.2 Bandwidth Overage Charges

Bandwidth usage is monitored monthly. If your usage exceeds your plan's allocation, overage charges apply at the rate of $0.01 USD per gigabyte (GB) of excess bandwidth. These charges will be added to your monthly invoice.

3.3 Excessive Resource Consumption

You agree not to use your VPS in a manner that:

• Consistently exceeds your plan's CPU, memory, or disk allocation
• Causes resource exhaustion or denial of service to neighboring VPS instances on the same physical hardware
• Overwhelms the physical host's resources, impacting performance for other customers
• Continuously generates excessive disk I/O, consuming the hypervisor's I/O budget
• Runs memory leaks or processes consuming unbounded resources

CutVPS reserves the right to temporarily suspend or throttle your VPS if resource consumption impacts infrastructure stability or other customers' services. In cases of repeated or severe violations, we may upgrade you to a higher plan or suspend your account.

4. Network Abuse Monitoring and Detection

CutVPS employs automated and manual monitoring systems to detect network abuse, including:

• Traffic analysis and pattern recognition for DDoS-like behavior
• Port scanning detection across the network
• Outbound connection monitoring for botnet C2 or malware communication
• Spam detection systems monitoring email and outbound SMTP traffic
• Honeypot and malware detection infrastructure
• Third-party abuse notifications from ISPs and victims
• DMCA takedown notice analysis and correlation

If suspicious activity is detected, we will notify you and may investigate your infrastructure. You agree to cooperate with investigations and provide evidence of legitimate use when requested.

5. DMCA Takedown and Copyright Compliance

5.1 Takedown Process

If we receive a Digital Millennium Copyright Act (DMCA) takedown notice alleging copyright infringement on your VPS, we will:

• Notify you of the allegation with details of the infringing content
• Provide you with a copy of the takedown notice
• Provide you an opportunity to file a counter-notice within ten (10) business days
• Disable access to the allegedly infringing content unless a counter-notice is filed
• Reinstate content only if the copyright holder withdraws the notice or fails to pursue legal action

5.2 Counter-Notice Procedure

If you wish to contest a DMCA takedown, you may file a counter-notice with CutVPS including:

• Your signature (physical or electronic)
• Identification of the affected content
• Statement that the content does not infringe copyright or was removed in error
• Consent to submit to jurisdiction of federal court (for your location)
• Verification that the complaint was issued in error or that you have a valid license

Submit counter-notices to support@cutvps.com with "DMCA Counter-Notice" in the subject line. CutVPS will consider your counter-notice and may reinstate the content if we determine the counter-notice has merit.

5.3 Repeat Infringers

Accounts with repeated DMCA takedowns or copyright violations may face suspension or termination at CutVPS's sole discretion.

6. User Content Responsibility

You are solely responsible for all content on your VPS, including ensuring compliance with applicable laws and third-party rights. CutVPS does not pre-screen, monitor, or endorse content on customer VPS instances (except when investigating abuse reports or security threats). By hosting content on CutVPS, you warrant that:

• You own or have the legal right to distribute all content
• Content does not violate applicable law or infringe intellectual property rights
• Content does not violate CutVPS's terms or AUP
• You will indemnify CutVPS for claims arising from your content

6.1 Security Responsibility

CutVPS provides unmanaged VPS hosting with full root access. You are solely responsible for the security of your VPS instance, including but not limited to:

• Keeping your operating system and software up to date with security patches
• Configuring firewalls, SSH access controls, and authentication mechanisms
• Securing all passwords, API keys, and credentials used on your VPS
• Monitoring your VPS for unauthorized access or compromise
• Backing up your data regularly

CutVPS is not liable for any data loss, security breach, or service disruption caused by your failure to adequately secure your VPS. If your VPS is compromised and used for malicious activity (spam, DDoS, malware distribution), CutVPS may suspend your service under Section 7 regardless of whether the activity was initiated by you or by an unauthorized third party who exploited your security configuration.

7. Enforcement and Disciplinary Tiers

7.1 Progressive Enforcement

CutVPS uses a progressive enforcement approach for policy violations:

7.2 Tier 1: Warning

For first-time minor violations, you will receive an email warning describing:

• The violation and evidence supporting the claim
• Specific policy section violated
• Required corrective action
• Timeline for compliance (typically 24-72 hours)
• Consequences of non-compliance

You must respond to the warning and provide proof of remediation.

7.3 Tier 2: Service Suspension

For repeated or severe violations, CutVPS may suspend your Services without prior notice, including:

• Disabling SSH/RDP access to your VPS
• Blocking inbound and outbound traffic
• Preventing access to the control panel
• Suspending billing while the VPS is disabled

During suspension, your data is retained but inaccessible. Suspension typically lasts 7-14 days pending investigation and your response to our inquiries.

7.4 Tier 3: Termination

For egregious violations, repeated non-compliance after warnings and suspension, or activities involving illegal content or harm to others, CutVPS will:

• Immediately terminate your account and Services
• Delete all data on your VPS after seven (7) days
• Forfeit any prepaid fees or credits
• Block your email address from re-registering
• Report the violation to law enforcement if appropriate

7.5 Exceptions to Progressive Enforcement

CutVPS reserves the right to skip enforcement tiers and proceed directly to suspension or termination without warning for:

• Child sexual abuse material (CSAM) or child exploitation
• Active DDoS attacks or ongoing network abuse
• Malware distribution or botnet operations
• Immediate threats to infrastructure or other customers
• Court orders or law enforcement demands
• Regulatory compliance requirements

8. Abuse Reporting and Investigation

8.1 How to Report Abuse

If you believe a CutVPS customer is violating this AUP, please report the abuse to:

• Email: support@cutvps.com
• Subject: "Abuse Report - [Specific Violation]"

8.2 Required Information

Please provide the following in your abuse report:

• IP address of the offending VPS (if known)
• Specific violation (spam, malware, DDoS, phishing, etc.)
• Timestamp(s) of the violation
• Evidence supporting the claim (logs, screenshots, network traces, etc.)
• Your contact information for follow-up
• Description of harm or impact caused by the violation

8.3 Investigation Process

Upon receiving an abuse report, CutVPS will:

• Acknowledge receipt of the report within 24 hours
• Investigate the alleged violation within 5 business days
• Contact the customer for their response or explanation
• Determine whether the policy was violated
• Take appropriate enforcement action (warning, suspension, termination)
• Notify you of the investigation outcome (subject to customer privacy)

8.4 False Reports

Repeatedly filing false or frivolous abuse reports may result in blocking your abuse reporting access or termination of your account if you are also a CutVPS customer.

9. Law Enforcement and Legal Cooperation

CutVPS cooperates fully with law enforcement agencies and governmental authorities. We maintain logs and records that may be disclosed to law enforcement in response to:

• Valid subpoenas or court orders
• Requests from law enforcement agencies with proper legal authority
• Urgent requests to prevent harm (emergency disclosures)
• National security letters or other legal process

We retain connection logs for a minimum of thirty (30) days to facilitate law enforcement investigations.

10. Policy Updates

CutVPS reserves the right to update this Acceptable Use Policy at any time. Material changes will be effective fourteen (14) days after notification via email or prominent website notice. Your continued use of CutVPS Services constitutes acceptance of the updated policy.

11. Contact and Support

For questions regarding this Acceptable Use Policy or to report abuse, contact us at:

• Email: support@cutvps.com
• General Inquiries: hello@cutvps.com
• Website: https://cutvps.com