Now Random Webhosts Are Demanding Wikileaks Mirrors Be Taken Down Over Possibility Of DDoS?

by Mike Masnick | Techdirt
Dec. 23, 2010

With all the attempts by corporations to distance themselves from Wikileaks -- often claiming dubious legal issues or terms of use violations that don't seem to really exist -- the EFF is pointing out that one of the (many, many) Wikileaks mirror sites was told by his hosting company he had to remove it or he'd lose his account. The reasoning was quite bizarre. The host claimed that its upstream provider was worried about potential DDoS attacks:

Recently we heard from a user who mirrored the Cablegate documents on his website. His hosting provider SiteGround suspended his account, claiming that he "severely" violated the SiteGround Terms of Use and Acceptable Use Policy. SiteGround explained that it had gotten a complaint from an upstream provider, SoftLayer, and had taken action "in order to prevent any further issues caused by the illegal activity."

SiteGround told the user that he would need to update his antivirus measures and get rid of the folder containing the Wikileaks cables to re-enable his account. When the user asked why it was necessary to remove the Wikileaks folder, SiteGround sent him to SoftLayer. The user asked SoftLayer about the problem, but the company refused to discuss it with him because he isn't a SoftLayer customer. Finally, SiteGround told the user that SoftLayer wanted the mirror taken down because it was worried about the potential for distributed denial of service (DDOS) attacks. When the user pointed out that no attack had actually happened, and that this rationale could let the company use hypothetical future events to take down any site, SiteGround said that it was suspending the account because a future DDOS attack might violate its terms of use.

Taking down a site because it might possibly be subject to a DDoS attack in the future? How does that make sense? We were confused enough when EveryDNS claimed that getting hit by a DDoS violated its terms of service, but its even more confusing to think that the remote possibility that at some date in the future you might get hit by a DDoS is a terms of service violation.

Separately, I was quite surprised to see SoftLayer's name as being involved here, because I'm aware of other situations in which SoftLayer has been protective of customer rights and not prone to act rashly. So I'm curious if this was a miscommunication or if something else happened.