Acceptable Use Policy

Last Revised: January 24, 2026

PREAMBLE AND GENERAL POLICY

Section 1.01 Purpose and Scope.

This Acceptable Use Policy (hereinafter the "AUP") governs the permitted and prohibited uses of the network, infrastructure, website, and all associated products and services (collectively, the "Services") provided by Apefo Ltd trading as Yhost ("Provider", "we", "us"). This AUP is incorporated by reference into, and forms an integral part of, the Yhost Master Services Agreement. By accessing or using the Services, Customer ("you") agrees to comply strictly with the terms set forth herein. The primary goals of this AUP are to protect the security, integrity, and reliability of Provider's network and systems, to ensure compliance with applicable laws, and to protect the reputation of Provider and its other customers.

Section 1.02 Zero Tolerance Approach.

Provider maintains a Zero Tolerance Policy regarding the abuse of its network and Services. Customer is solely responsible for all activity that occurs under their Account, regardless of whether such activity was authorized by Customer. Customer must take all necessary security precautions to prevent their services from being used for abusive purposes.

Section 1.03 Sole Discretion and Enforcement.

Provider reserves the sole and absolute right to determine, in its reasonable business judgment, what constitutes a violation of this AUP. Provider is not obligated to monitor Customer Content but reserves the right to do so. Upon detecting a violation, Provider reserves the right to take immediate corrective action without prior notice to Customer, depending on the severity of the violation. Such actions may include, but are not limited to:

1. Issuing a formal warning to Customer;
2. Temporarily suspending or throttling network access to the offending Service;
3. Blocking access to specific offending content or applications;
4. Immediately terminating the affected Services or Customer's entire Account without refund; and/or
5. Reporting the activity to relevant law enforcement authorities and cooperating with any resulting investigation.

In the event of termination for an AUP violation, Customer shall forfeit any right to a refund of pre-paid fees and may be held liable for costs incurred by Provider to rectify the abuse, including blacklisting removal fees or legal costs.

ARTICLE II. EMAIL AND ANTI-SPAM POLICY

Section 2.01 Prohibition of Spam.

The transmission, distribution, or delivery of Unsolicited Bulk Email (UBE) or Unsolicited Commercial Email (UCE), collectively referred to as "Spam," is strictly prohibited under any circumstances. This prohibition applies regardless of whether the email is sent directly from Provider's network or from a third-party network that references, links to, or promotes a domain name, website, or email address hosted on Provider's infrastructure ("Spamvertising").

Section 2.02 Opt-In Requirement and Mailing List Compliance.

Customer may only send commercial emails to recipients who have expressly and verifiably consented ("opted-in") to receive such communications. The use of purchased, rented, harvested, or scraped email lists is unequivocally prohibited. Customer agrees that all mailing list applications and activities must comply with all applicable laws, including but not limited to the U.S. CAN-SPAM Act of 2003 and the EU General Data Protection Regulation (GDPR). Every marketing email must contain a valid physical postal address of the sender and a functional, automated unsubscribe mechanism ("opt-out") that is clearly visible and immediately honored.

Section 2.03 IP Reputation Protection.

Customer acknowledges that the reputation of Provider's IP address space is a critical asset. If Customer's actions result in any of Provider's IP addresses being placed on a recognized blacklist (including, but not limited to, Spamhaus, Barracuda, SpamCop, or major ISP blocklists like Google or Microsoft), the offending Service will be immediately suspended. Customer may be assessed substantial administrative fees to cover the costs and time associated with delisting procedures and reputation repair.

Section 2.04 Port 25 Blocking on Infrastructure Services.

As a preventative measure against spam abuse, Customer acknowledges and agrees that outbound connections on TCP Port 25 (SMTP) are blocked by default on all Cloud VPS and Dedicated Server instances. Customers with a legitimate, verified need to run a mail server may request the removal of this block by submitting a formal support ticket with detailed justification and evidence of acceptable mailing practices. Approvals are subject to Provider's strict vetting process and sole discretion. Provider reserves the right to revoke access to Port 25 at any time, without notice, if abnormal email activity is detected.

ARTICLE III. PROHIBITED CONTENT AND ILLEGAL ACTIVITIES

Section 3.01 General Prohibition on Illegal Content.

Customer may not use the Services to store, publish, distribute, provide access to, or link to any material that violates the laws of the United Kingdom, Germany, the United States, or the jurisdiction in which the Customer resides or operates.

Section 3.02 Specific Prohibited Content Categories.

Without limiting the generality of Section 3.01, the following types of content are explicitly prohibited:

1. Child Sexual Abuse Material (CSAM): The hosting, possession, or distribution of any material depicting the sexual exploitation or abuse of minors is absolutely prohibited. Provider will immediately terminate services and report such activity to the National Center for Missing and Exploited Children (NCMEC) and relevant law enforcement agencies worldwide.
2. Terrorism and Violent Extremism: Content that promotes terrorism, provides instructions for illegal acts, incites violence, or propagates hate speech against protected groups based on race, ethnicity, religion, gender, or sexual orientation.
3. Intellectual Property Infringement: Hosting or distributing unauthorized copies of copyrighted material ("warez"), including software, movies, music, books, or material that infringes on trademarks or patents. Provider complies with the Digital Millennium Copyright Act (DMCA) and equivalent EU legislation.
4. Malicious Content: Viruses, worms, Trojan horses, ransomware, spyware, adware, rootkits, keyloggers, or any other harmful code or software designed to disrupt, damage, or gain unauthorized access to a computer system.
5. Phishing and Fraud: Sites designed to steal personal or financial information through deception (phishing), fake banking sites, High-Yield Interest Programs (HYIP), Ponzi schemes, pyramid schemes, or escrow fraud.

ARTICLE IV. SYSTEM AND NETWORK ABUSE

Section 4.01 Hacking and Security Violations.

Any attempt to undermine, compromise, or cause harm to a server, network, or system of Provider or any third party is prohibited. This includes, but is not limited to: (a) unauthorized access to or use of data, systems, or networks, including any attempt to probe, scan, or test the vulnerability of a system or network or to breach security or authentication measures without express authorization; (b) unauthorized monitoring of data or traffic on any network or system; and (c) interfering with service to any user, host, or network, including, without limitation, mail bombing, flooding, deliberate attempts to overload a system, and broadcast attacks.

Section 4.02 Distributed Denial of Service (DDoS).

Launching, facilitating, participating in, or commanding Distributed Denial of Service (DDoS) attacks, DRDoS attacks, or any other form of packet flooding is strictly prohibited. Customers whose services are frequent targets of DDoS attacks may also be subject to suspension or termination to protect the integrity of Provider's network infrastructure.

ARTICLE V. RESOURCE USAGE RESTRICTIONS

Section 5.01 Shared and Managed Hosting Environments.

Customers utilizing shared hosting platforms (including Web Hosting, WordPress Hosting, and Solutions Hosting) are subject to fair usage policies to ensure server stability for all tenants. Customer may not: (a) run scripts or processes that consume excessive CPU, RAM, or Disk I/O resources for extended periods; (b) use the hosting account primarily as a generic file storage or backup repository for content not directly related to the active website; or (c) run long-running, stand-alone, unattended server-side processes, bots, or daemons.

Section 5.02 VPS and Dedicated Infrastructure.

While Self-Managed Services provide dedicated resources, certain high-risk activities that threaten network stability, IP reputation, or hardware integrity are prohibited:

1. Cryptocurrency Mining: The use of CPU or GPU resources for mining any cryptocurrency (e.g., Bitcoin, Ethereum, Monero) is strictly prohibited due to the excessive stress it places on hardware infrastructure and power consumption.
2. Public Proxies and Anonymizers: Operating open public proxies, TOR exit nodes, or anonymous VPN services that are accessible to the general internet public is prohibited due to the high risk of abuse. Private VPNs for Customer's own personal or business use are permitted.
3. Cardsharing: Running cardsharing software or related services is prohibited.