Acceptable use policy

Version Date: February 20th 2013

Capitalized terms used in this Acceptable Use Policy shall have the meaning given in the EPhost Terms of Service Agreement. You may incur additional charges for exceeding usage limitations and restrictions and your Services may be suspended or terminated for violation of this Acceptable Use Policy. Therefore, it is important that you read and understand this Acceptable Use Policy. No refunds of fees paid will be made if account termination is due to violation of the terms outlined below. EPhost may modify this Acceptable Use Policy at any time by posting a new version on our website.

USAGE LIMITATIONS AND RESTRICTIONS

Disk Space Web

The amount of disk space you can use is determined by the amount allocated in your web hosting plan. Some restrictions apply for shared hosting customers. Aside from a compressed backup file of your website, no one file may exceed 5GB in size. At least 90% of your web pages ("HTML") must be linked with files (GIF, JPEG, etc.) stored on EPhost servers. Websites that are found to contain either/or no HTML documents or a large number of unlinked files are subject to file deletion or account cancellation at the discretion of EPhost without prior notice. Usage outside these levels will require the use of a dedicated file server.

Email Accounts; Email Disk Space; Thresholds

The amount of email addresses and email disk space you can use is determined by the amount allocated in your web hosting plan. Some restrictions apply to the use of email. Some attachment file extensions are banned for security reasons including but not limited to executable files. Email accounts found to have weak passwords will be suspended or their password rotated without warning. A single domain may not have more than 120 email addresses or exceed 24GB. You may not exceed a maximum aggregate in/out threshold value of 100 email messages in 10 minutes, 200 messages in 20 minutes, and no more than 1500 email messages per account per day. Usage outside these levels will require the use of a dedicated email server, and prior approval of EPhost.

Shared Databases; Database Disk Space

The amount of databases and database disk space you can use is determined by the amount allocated in your web hosting plan. Some restrictions apply to the use of our shared database servers. A single database may not be larger than 5GB including both the actual database file and the log file combined. Excessive levels, as determined by EPhost, of connection attempts and transactions (queries) are not permitted. We do not permit the storage of any personally identifiable information including but not limited to credit card details and social security numbers on shared database servers. Databases usage outside these levels will require the use of a dedicated database server.

Bandwidth

The amount of bandwidth you can use is determined by the amount allocated in your web hosting plan. Some restrictions apply to ensure the overall quality-of-service for all customers. Shared hosting customers may not exceed 10Mbps of bandwidth on any shared hosting plan. Dedicated, cloud, and co-location customers may not exceed 75Mbps of bandwidth due to other bandwidth commitments. In either case, usage above 5Mbps is regulated and you must obtain prior approval from EPHost beforehand. Potential consequences for unexpected high usage may include service disconnection, modification of your hosting plan, price changes, the application of rate limiting, or other consequences, all as determined in EPhost's sole discretion.

Backup Disk Space

The amount of backup disk space you can use is determined by the amount allocated in your web hosting plan. Shared hosting customers are not charged for disk space associated with the backup of your website files. Some restrictions apply for all customers to reduce the overall network load and disk space associated with backups. Unusually large files, large directories, log files, compromised files, and program files may be excluded from backups at EPhost's sole discretion. Managed file-level server backups may not exceed 200GB per server. Cloud server images may not exceed 200GB per server (aggregated images). Usage outside these amounts will require the use of a dedicated backup server.

Unlimited and Unmetered Services

EPhost may provide hosting services which are designated as "unlimited" or "unmetered" which is to say they are not allocated a quota. However, web servers and networks have a finite amount of resources and therefore such services are limited to those maximums as determined solely by EPhost. Additionally, usage outside normal and necessary amounts may be considered abusive and is prohibited. This may include, but is not limited to, bandwidth, hard disk space, CPU and RAM.

Other Service Limits

Many features in your web hosting plan may not indicate a particular allocated amount, or limit, due to the vast amount of features offered. When used within the normal scope of typical website activity you will be able to freely use these features as needed. EPhost does reserve the right to determine what is considered over usage, or abusive levels of use, and may charge accordingly or elect to discontinue your service.

Continuous Use

Your web hosting service is designed to be available for continuous use 24 x 7 x 365. In some cases, certain continuous and aggressive processes may place undue stress on the resources of your shared, co-located or dedicated server, and/or the EPhost network itself, and are prohibited as they reduce the typical life expectancy of these resources substantially. These situations are rare and are solely determined by EPhost. Potential consequences may include service disconnection, modification of your hosting plan, price changes, the application of rate limiting, or other consequences, all as determined in EPhost's sole discretion.

VPN / Proxy Usage

VPNs can be a convenient and secure way to access your server or virtual server remotely for access to file shares and shared web applications. That said, your VPN usage cannot be used to connect your local computer to your server then on to the Internet; the connection may not be used as a gateway, router or otherwise proxy requests. Additionally, you are not permitted to configure your connection to browse the EPhost network including accessing your other servers within the EPhost network. Only point-to-point connections to that server are allowed for the purposes of securely sharing files and web applications. All VPN connections must be registered with EPhost so that we may issue IP subnets accordingly.

Cloud Usage

Notwithstanding the overall limits in this Acceptable Use Policy, some limits apply to the usage of our cloud hosting service. Cloud hosting fees are calculated on an hourly basis per your cloud hosting plan once a server has been provisioned and whether the server is on or off. Certain actions such as server provisioning, de-provisioning (deleting), server backup images, and the conversion of servers to templates tax the cloud system more than normal. Excessive use of these features is prohibited. Additionally, over provisioning a server with equal to or more than 4 cores or 4GB of RAM must be pre-approved by EPhost.

General Server Usage

Dedicated, virtual, cloud and collocated server customers may install software on their server. Appropriate licensing for your software is required at all times. Software used for the purpose of sending/receiving email and/or accessing 3rd party website content must first be approved by EPhost as improper use may potentially degrade the reputation of our IP addresses. All IP numbers associated with your server must be allocated and provisioned by EPhost. The use of protocol sniffer software is expressly forbidden. The installation of certain networking software, including but not limited to DHCP and NLB, must be approved and provisioned by EPhost to avoid network conflicts.

Unauthorized Access

Any attempt to access (read or write) other accounts on the same server (shared hosting), access unauthorized parts of the server (shared hosting), or access other servers on the network (servers), whether by your own action or due to misconfiguration, is strictly prohibited. In such cases, your account may be closed at the discretion of EPhost.

Failure to Secure; Negligence

Failure to secure your website files or server according to current industry best practices is prohibited. Any website found to be abandoned, running insecure software or code, un/misconfigured, compromised, or simply neglected may be suspended until made safe or otherwise terminated. Servers found to be running mis/unconfigured applications or without adequate port protection (firewalling) may be suspended or terminated as well.

BULK OR COMMERCIAL E-MAIL

You must obtain EPhost's advance approval for any bulk or commercial email, which will not be given unless you are able to demonstrate, at a minimum, that: (1) your intended recipients have given their consent to receive e-mail via some affirmative means, such as an opt-in procedure; (2) your procedures for soliciting consent include reasonable means to ensure that the person giving consent is the owner of the email address for which the consent is given; (3) you retain evidence of the recipient's consent in a form that may be promptly produced on request, and you honor the recipient's and EPhost's requests to produce consent evidence within 72 hours of receipt of the request; (4) You have procedures in place that allow a recipient to revoke their consent — such as a link in the body of the email, or instructions to reply with the word "Remove" in the subject line; you honor revocations of consent within 48 hours, and you notify recipients that the revocation of their consent will be implemented in 48 hours; (5) You must post an email address for complaints (such as abuse@ephost.com) in a conspicuous place on any website associated with the email, you must register that address at abuse.net, and you must promptly respond to messages sent to that address; (6) You must have a privacy policy posted for each domain associated with the mailing; (7) You have the means to track anonymous complaints; (8) You must not obscure the source of your email in any manner. Your email must include the recipient's e-mail address in the body of the message or in the "TO" line of the email; and (9) You must not attempt to send any message to an email address if 3 consecutive delivery rejections have occurred and the time between the third rejection and the first rejection is longer than fifteen days.

These policies apply to messages sent using the Services, or to messages sent from any network by you or any person on your behalf that directly or indirectly refer the recipient to a website hosted via the Services. In addition, you may not use a third party email service that does not practice similar procedures for all its customers. These requirements apply to distribution lists created by third parties to the same extent as if the list were created by you. EPhost may test and otherwise monitor your compliance with its requirements, including requesting opt-in information from a random sample of your list at any time. In addition, EPhost may block the transmission of email that violates these provisions.

UNSOLICITED EMAIL & SPAMMING

Unsolicited commercial advertisements ("SPAM") are not allowed in email, and will likely result in account cancellation. EPhost takes a zero-tolerance approach to SPAM originating from its servers or for spam advertising of domains hosted within our network. If found, we will charge you up to $25 per unsolicited email message sent and delete your account without any prior notice. NOTE - If you use the services of another provider to promote a website hosted by or through EPhost, then the provisions of the above policy shall apply as if the SPAM were sent through our servers.

CONDUCT RESTRICTIONS

In General

EPhost has created the Services with the goal of establishing a hosting service environment that contains and promotes socially responsible content on the Internet. Accordingly, EPhost does not allow adult content, content that promotes intolerance of any race, religion, ethnicity, or other difference or that seeks to deny civil liberties or human rights, or advocates violence or physical harm to others. This description is not all inclusive, but serves to set the tone for EPhost's goals. Content or websites that are not deemed consistent with EPhost's objectives or that may result in liability or harm to EPhost, as determined in EPhost's sole discretion, may be immediately deactivated by EPhost without notice, or liability to EPhost of any kind. EPhost will determine the method, schedule, timing and scope of any actions undertaken to enforce such restrictions. In any given case, EPhost shall not be obligated to undertake enforcement actions, if EPhost in its sole discretion determines otherwise.

Specific

Customer agrees that Customer will not knowingly use the Services, among other things, to:

(a) collect, transmit, or store any type of adult, mature, or sexually explicit content;

(b) "stalk" or otherwise harass another;

(c) promote or provide instructional information about illegal activities, promote physical harm or injury against any group or individual, or promote any act of cruelty to animals; or

(d) upload, post, email, transmit, or otherwise make available any content that is unlawful, harmful, threatening, abusive, harassing, tortious, defamatory, vulgar, obscene, libelous, invasive of another's privacy, hateful, or racially, ethnically, religiously, or otherwise objectionable;

(e) harm minors in any way;

(f) impersonate any person or entity, including but not limited to an EPhost employee, forum leader, guide, or host, or falsely state or otherwise misrepresent Customer's affiliation with a person or entity;

(g) collect or using email addresses, screen names or other identifiers without the consent of the person identified (including, without limitation, phishing, Internet scamming, password robbery, spidering, and harvesting);

(h) collect or use information without the consent of the owner of the information;

(i) use of the Service to distribute software that covertly gathers information about a user or covertly transmits information about the user;

(j) use of the Service for distribution of advertisement delivery software unless: (i) the user affirmatively consents to the download and installation of such software based on a clear and conspicuous notice of the nature of the software, and (ii) the software is easily removable by use of standard tools for such purpose included on major operating systems;

(k) undertake any conduct that is likely to result in retaliation against EPhost, or EPhost employees, officers or other agents, including engaging in behavior that results in any server being the target of a denial of service attack;

(l) forge headers or otherwise manipulate identifiers in order to disguise the origin of any content transmitted through the Services;

(m) upload, post, email, transmit, or otherwise make available any content that Customer does not have a right to make available under any law or under contractual or fiduciary relationships (such as inside information, proprietary, and confidential information learned or disclosed as part of employment relationships or under nondisclosure agreements);

(n) upload, post, email, transmit, or otherwise make available any content that infringes any patent, trademark, trade secret, copyright, or other proprietary rights of any party;

(o) upload, post, email, transmit, or otherwise make available any unsolicited or unauthorized advertising, promotional materials, "junk mail," "spam," "chain letters," "pyramid schemes," or any other form of solicitation;

(p) upload, post, email, transmit, or otherwise make available any material that contains software viruses or any other computer code, files, or programs designed to interrupt, destroy, or limit the functionality of any computer software or hardware or telecommunications equipment;

(q) interfere with or disrupt the Services or servers or networks connected to the Service, or disobey any requirements, procedures, policies, or regulations of networks connected to the Services;

(r) intentionally or unintentionally violate, attempt to violate, or avoid any applicable ICANN regulation or policy;

(s) intentionally or unintentionally violate any applicable local, state, national or international law, including, but not limited to, regulations promulgated by the U.S. Securities and Exchange Commission, any rules of any national or other securities exchange, and any regulations having the force of law;

(t) provide material support or resources (or to conceal or disguise the nature, location, source, or ownership of material support or resources) to any organization(s) designated by the United States government as a foreign terrorist organization pursuant to section 219 of the Immigration and Nationality Act; or

(u) probe, scan, penetrate or test the vulnerability of a EPhost system or network or breach the EPhost security or authentication measures, whether by passive or intrusive techniques, without EPhost's express written consent.

You must have valid and current information on file with your domain name registrar for any domain hosted on the EPhost network. You agree that if the IP numbers assigned to your account are listed on an abuse database like Spamhaus, you will be in violation of this Acceptable Use Policy, and EPhost may take reasonable action to protect its IP numbers, including suspension and/or termination of your service, regardless of whether the IP numbers were listed as a result of your actions. You agree that we may quarantine or delete any data stored on a shared system if the data is infected with a virus, or is otherwise corrupted, and has the potential to infect or corrupt the system or other customers' data that is stored on the same system. You agree that if you register a DNS record or zone on EPhost managed or operated DNS servers or services for a domain of which you are not the registrant or administrative contact according to the registrars WHOIS system, that, upon request from the registrant or administrative contact according to the registrars WHOIS system, EPhost may modify, transfer, or delete such records or zones.