Acceptable Use Policy

1. Scope

This AUP applies to all customers, users, contractors and visitors who use hosting, email, DNS, SSL, migration support or any other service provided by eXthus Cloud (“we”, “us”, “our”) under the eXthus Cloud brand. It applies to content you publish, store, transmit or process using our infrastructure, including websites, files, databases, cron jobs, APIs and outbound email.

2. Permitted use

Our services are intended for lawful business and professional use. You may host WordPress websites and related applications that:

• Comply with applicable law in the United Kingdom and any jurisdiction where your site is targeted or operates;
• Respect intellectual property, privacy and data-protection rights;
• Operate within the resource limits of your plan and any fair-use guidelines we communicate to you;
• Are maintained with reasonable security practices, including timely updates to WordPress core, themes and plugins where you manage them.

3. Prohibited use

You must not use our services to host, distribute, link to or facilitate any of the following:

• Illegal content or activity, including fraud, harassment, hate speech where unlawful, exploitation, or infringement of copyright or other rights;
• Malware, viruses, ransomware, phishing kits, command-and-control infrastructure, or tools designed to compromise systems;
• Unauthorized access attempts, port scanning, denial-of-service activity, or traffic designed to disrupt networks or third-party services;
• Spam or bulk unsolicited communications, including email sent without valid consent or in breach of applicable anti-spam law (including PECR where relevant);
• Proxy or VPN services, open relays, or anonymisation services offered to third parties without our prior written approval;
• Cryptocurrency mining, blockchain nodes, or other workloads that place sustained abnormal load on shared or managed infrastructure;
• Adult content where unlawful, or content that violates card-scheme or payment-provider acceptable-use rules if you process payments on your site;
• Storage or distribution of large volumes of unrelated files, warez, pirated media, or backup archives unrelated to your hosted website without agreement;
• Resale or sublicensing of hosting capacity to third parties as a generic hosting provider, unless agreed in writing.

4. WordPress and application security

You are responsible for the security of your website code, credentials, and user accounts. You must not:

• Use weak or shared administrative passwords, or leave default credentials in place;
• Install plugins or themes from untrusted sources, or knowingly run vulnerable software without remediation;
• Store payment card data on our servers in ways that breach PCI DSS requirements — use compliant payment gateways instead;
• Expose administrative interfaces to unnecessary public access without additional protection (for example IP restriction or two-factor authentication).

Where we provide managed hardening, monitoring or updates as part of your plan, those measures supplement but do not replace your obligations. We may apply platform-level blocks, patches or isolation where we reasonably believe your site threatens other customers or our network.

5. Resource use and fair use

Plans include defined storage and are designed for typical business WordPress workloads. You must not:

• Consume excessive CPU, memory, I/O or outbound bandwidth in a way that degrades service for others on shared or managed platforms;
• Use hosting primarily as a file-distribution or media-streaming CDN without a suitable plan;
• Run cron jobs, imports or backups so frequently that they materially impact server performance.

We may ask you to optimise, upgrade your plan, or move to a more appropriate product if usage is persistently outside normal managed WordPress hosting patterns.

6. Email use

Where email sending or mailboxes are provided or relayed through our environment:

• All marketing email must include a lawful basis, clear identification of the sender, and a working unsubscribe mechanism where required;
• Bounce and complaint rates must be kept within industry-acceptable limits;
• You must not harvest addresses, use purchased lists without provable consent, or relay mail through our servers for third-party bulk campaigns.

We may throttle, queue, block or suspend mail that appears abusive, compromised or likely to harm our sending reputation.

7. Data and privacy

You are responsible for personal data processed through your website. You must have appropriate privacy notices, lawful bases, and data-processing arrangements. Do not upload or process special-category or sensitive data unless your site and our service are suitable and lawfully configured for that purpose. See our Privacy Policy for how we handle data as a hosting provider.

8. Reporting abuse

If you believe a customer on our network is violating this AUP, contact us via our contact page or through the client portal with relevant URLs, timestamps and evidence. We investigate reports in good faith and may take action including content removal, account suspension, or referral to law enforcement where appropriate.

9. Enforcement

We may monitor for security threats, abuse indicators and policy breaches as part of operating a managed hosting platform. If we reasonably believe you have breached this AUP, we may:

• Notify you and request remediation within a stated timeframe;
• Disable specific features, sites, scripts, cron jobs or mail paths;
• Suspend or terminate services to protect our network, other customers, or legal compliance;
• Preserve and disclose information where required by law or to establish, exercise or defend legal claims.

Serious or repeated breaches, or activity that cannot be made safe promptly, may result in immediate suspension without prior notice. Fees are not refunded where suspension arises from your breach of this AUP, subject to our Terms of Service.

10. Changes

We may update this AUP from time to time. The “Last updated” date at the top of this page will change when we do. Material changes will be communicated where appropriate (for example by email to account holders or notice in the client portal). Continued use of the services after changes take effect constitutes acceptance of the revised AUP.

11. Contact

Questions about this policy: contact eXthus Cloud or use the WHMCS client portal. For legal or compliance enquiries, include your account email and domain name so we can respond accurately.