Comment by jlokier

I've been using Hetzner for 10 years for a wide variety of bespoke networking services, in-store VPNs for commercial clients, video content distribution, and standard services like websites, mail servers, compute resources, and development servers. All sorts of things. They are one of my largest IT expenses, and I'm happy with their service in many respects.

They're easily my favourite hosting provider!

But their recent reputation around "crypto" [except we make up what that means on the fly] mega-bans is toxic to any business that wants to use Hetzner for reliable hosting of anything mission critical.

Here's how I understand their reputation at the moment. (Clarification from Hetzner would be very welcome!):

A combination of not clearly saying what they will ban, giving zero notice, banning all of a customer's servers at once, blocking access to backup data as well, and providing no recourse to recover (e.g. by stopping running something). So at best they should be used as a cheap backup or compute resource, but it's an uncomfortable risk to use them for something mission critical - a mail server or customer data processing server for example - as long as they keep to this "intentionally vague surprise mega-ban" policy.

They don't seem to ban a lot of customers, but the recent uncertainty affects more. It's not good that a number of customers, including me, simply can't tell if they are at risk of a ban, especially when running novel complex services. Even if they just banned one server and let you carry on operations with the others, that would be a big improvement. Or if they told you what to stop doing. Or if they provided time to get your data off or to correct an issue to their satisfaction.

It's one thing to have a policy preferring nobody runs a blockchain node, or a news or software distribution website which is blockchain-adjacent. Similar perhaps to those places that have a policy against IRC or gaming nodes. It's another thing to not say what the real policy is anywhere and associate it with abrupt mega-bans. The ToS only says mining.

Advice I've seen to someone banned that "you should have taken backups, tough" is mocking: After a ban you can't access your backups which they encourage to keep on their backup service, of course. It also makes sense technically to backup onto another Hetzner server, maybe at a different datacenter. Unfortunately the only safe thing to do is backup outside Hetzner entirely but they won't recommend that until it's too late.

As far as I can tell, there is no place at Hetzner which says what their mega-ban policy really is, and it looks capricious and unpredictable in practice. Different Hetzner staff say different things. The few public responses on this show that they appear to not care to understand the question, which adds to that sense that you don't know what activities are a risk and what aren't. Part of the problem is that peer-to-peer distributed systems in general are being ever more relevant, and look like "crypto" from the outside (and crypto-related techniques underly some technical methods of stabilising p2p networks).

Someone who only runs a website they think is safe will get banned one day under that policy, because it has some crypto news or something on it, or because some Wordpress module uses a p2p client to fetch some files, and they will be completely surprised.

It reminds me of Google and Stripe, where we hear a trickle of randomly banned customers whose lives or businesses are ruined through no fault of their own, with no recourse.

Except as far as I can tell, unlike with Google and Stripe, complaining about a Hetzner ban on Hacker News seems unlikely to have an effect. There is no Edwin for Hetzner. Or is there? Maybe that will change now they have a USA presence :-)