Frequently Asked Questions

Here are some frequently asked questions potential members (and the public) often have about NearlyFreeSpeech.NET and our services. If you wish to restrict the list of FAQs to only those containing certain keywords, enter them below. Otherwise, all public FAQs will be displayed. (Our members have a much more detailed FAQ accessible via the member interface. Non-members can peek at that here.)

Search Keywords:

3 questions matched your search.

Policy Questions

Technology Questions

Non-Member Questions

Policy Answers

  • Can I use your ssh server as a web/SOCKS proxy?

    No. We are entirely focused on web hosting and our Terms and Conditions of Service expressly forbid the use of our ssh server for any purpose other than maintaining content hosted here. That prohibition definitely includes using our ssh server as any kind of web or SOCKS proxy for accessing the Internet.

    We try to run an open system that provides our members with the most powerful tools for managing their content. As a result, we allow outbound network connections from the ssh server for people who need to move content from/to elsewhere, and we allow ssh port forwarding so people can access their MySQL processes from offsite and so that they can securely access their own sites hosted here.

    However, we can and do check for outbound network connections that use our ssh subsystem as a proxy, and our system automatically kills them. Furthermore, we may be forced to take appropriate action if we observe repeated or blatant attempts to misuse our system in this way, including but not limited to revoking ssh access (which will require you to use our paid support to regain) or, in extreme cases, terminating a membership.

Technology Answers

  • Do you support TLS for member sites?

    Yes.

    We support modern/secure TLS using certificates issued by the authority of your choice. You are welcome to generate and use your own key and obtain certificates for aliases in any domain name you own, or you can have us do it for you for a small fee, or you can use streamlined tools we provide that work with the Let's Encrypt project to secure your site.

    TLS on our system is implemented using the SNI (Server Name Indication) extension of TLS. This has widespread support, but somewhere out there on the Internet, some ridiculously obsolete browser or ancient device with outdated firmware can't handle it. If you have a requirement to support old, known-insecure versions of SSL, we cannot meet that requirement.

    Our implementation of TLS has not been audited for and we do not support its use for the following:

    • PCI DSS compliance for credit card processing. (Use a third-party processor; we're very happy with Stripe.)
    • HIPAA compliance for sensitive medical information. (There's paperwork. Lots of it. You need a specialized — and very expensive — provider who can help prepare your compliance documents.)

Non-Member Answers

  • One of your members hosts something for me (or my/our organization). Will you give me access to it?

    No.

    We encounter a variety of situations where people contact us claiming to be the rightful owner of a web site or domain managed through our service. Such claims are typically accompanied by demands to allow the person to take over, transfer services, or take something down.

    Our policies are extremely strict and are designed to provide maximum security to our members. At NearlyFreeSpeech.NET, memberships are held by individuals. The individual person we have on record as the holder of a membership is the only person authorized to access that membership or direct us to take any action related to services we provide under that membership

    This puts people wanting access to a membership into two categories:

    First, the person whose name is on the membership. Occasionally, a member will mislay their login credentials and be unable to access the system. We are able and happy to assist with a variety of such matters; they have their own FAQ entry with the specifics.

    Second, everyone else. This includes customers, vendors, employees, employers, contractors, co-workers, relatives, friends of members, and current or former members with adjunct access, not just the general public. We apologize, but we are not able to assist you under any circumstances, unless expressly authorized to do so in advance by the relevant member, and even then only under a very limited set of circumstances (such as allowing a predesignated party to make deposits or renew domains in case of emergency). Any concern or conflict you have with the member hosting the services with us, including problems contacting them, must be resolved directly with that member or via channels other than us (e.g. the court system). There are absolutely no exceptions.

    We apologize to anyone negatively affected by our hardline stance on protecting the privacy and security of our members. While this often seems harsh to people already having some other major problem not caused by this policy, we ask them to please keep in mind the absolute chaos that would result if we handed over web sites and domains to anyone who asked for them via email based on their say-so. Thank you for your understanding.

    Note: If you contact us about accessing hosted services on a membership and you receive a link to this FAQ entry in response, then it is applicable to your inquiry, and that is the end of the discussion.

    This is the case even if you believe (or wish) otherwise. It is not unusual for people who receive such a link to think that they or their circumstances are special and therefore this entry does not apply to them. That is not the case.

    If you want to obtain services hosted by a member of our service, and you are not that member, then you have several options:

    1. Obtaining the member's assistance is always the first and best choice.
    2. All disputes involving domain names must follow the Uniform Domain-Name Dispute Resolution Policy (UDRP).
    3. If you know who the member is, sue him or her in a court of competent jurisdiction, win, and obtain a court order requiring the transfer of the assets of interest to you.
    4. If you do not know who the member is, file an in rem lawsuit against the content itself in a court of competent jurisdiction, make sure we are notified of the proceedings so we can attempt to notify the member, win, and obtain a court order requiring the transfer of the relevant assets to you.

    Absent the above, contacting us asking for access to someone else's stuff is a complete waste of your time.