Best "Offshore" hosting providers

Introduction

After many years of interest in self-proclaimed “offshore”, “resilient”, “privacy” and “free speech” hosting providers and some disappointments along the way, I figured out I should conduct some final tests and publish my findings and research. This article is meant to help people who don’t have the technical knowledge or the time to research such hosts for their projects but need them.

If you want to skip my rambling you can go directly to the results here.

Philosophy

If you are reading this, you have probably already thought about the question “What should or shouldn’t be on the internet?” The things most people would not accept are Terrorism, Child Pornography, incitement of violence, far-right websites, etc. Most of them are debatable, but I think we can all agree that Terrorism and Child Pornography should be disallowed.

I will not even talk about how some governments use the word “Terrorism” to ban and surveil activists. Just think about a far-left or right association with some members who engage in “violent” actions (attacking opposing groups, puncturing tires, etc.) which can be seen as terrorism as their goal are to create fear. Should the people who have done these actions be named terrorists? Should the websites of these associations be removed from the internet?

And now, the content: Should the videos of the Christchurch or Annecy terrorist attacks be deleted from the internet? These attacks were labeled as terrorist attacks, but if someone wants to see them or their manifestos, it is not as if it will make them terrorists, right? Should all the content about these attacks be deleted so we can ‘forget’ and not learn anything?

We can also use the example of the Christchurch terrorist attack to raise another question. Who should govern the internet? New Zealand banned the attack video and started contacting websites hosting the video to require its deletion. New Zealand’s police have no right to declare this content illegal in other territories, but it hasn’t deterred them from contacting the providers and administrators of websites hosted abroad. When this is New Zealand, you may get lucky, and your hosting provider may not require you to do anything. But now, imagine the same from the US? The US successfully prosecuted The Pirate Bay administrators in Sweden for a small bit of text called magnets while what they were doing was totally okay in Sweden. The hosting provider of TPB was also prosecuted, so with this example, we can imagine why most hosting providers will not bother to defend the laws of their land for their customers.

I may have raised more questions than answers, but my point is that hosting providers should not act as judges and executioners when it comes to what content is allowed on the internet. I think that a good hosting provider should let the benefit of the doubt to his client in the case that an infraction is not clear (of course if this is some public Al Qaida recruitment website or a forum to distribute CSAM it is different). Furthermore, I believe that the law should protect these providers, especially in Europe, rather than prosecute them.

Results

As stated in the introduction, this article was created to assist people with limited knowledge of the discussed topics. If you only want the raw information, here is a comparison I have made for each hosting provider (the requirements for each category are listed below):

Providers	free speech	“hate” speech	Countries	Cryptocurrency	NO-KYC	Pornography	Abortion	Communism	Tor Exit Allowed	Not WHMCS
Banhof	✔️		SE	❌		✔️	✔️	✔️		✔️
Prq.se	✔️	✔️	SE	✔️	✔️	✔️	✔️	✔️		✔️
⭐Nicevps	✔️	✔️	CH, NL	✔️ (XMR accepted)	✔️ (no email)	✔️	✔️	✔️	✔️	✔️
FlokiNET	❌	❌	RO, IS, NL, FI	✔️ (XMR accepted)	✔️	✔️(but not in all locations)	✔️	✔️		❌
⭐Privex	✔️	✔️	NL, SE, FI, US	✔️ (XMR accepted)	✔️	✔️(but not in all locations)	✔️	✔️	✔️	✔️
BuyVM	✔️	✔️	US, LU	✔️ (XMR accepted)	❌ (kyc required on non crypto payments)	✔️	✔️	✔️	✔️	❌
1984.is		❌	IS	✔️ (XMR accepted)	✔️	❌	✔️	✔️	❌	✔️
Cockbox	✔️	✔️	RO	✔️ (XMR accepted)	✔️	✔️	✔️	✔️	✔️	✔️
⭐ URDN	✔️		UA	✔️ (XMR accepted)	✔️	❌	✔️	✔️	✔️	✔️
Hostlick	✔️	✔️	NL	✔️	❌ (don’t even accept VPN)	✔️	✔️	✔️	❌	❌
Shinjiru	✔️	✔️	MY, BG, NL, …	✔️	✔️		✔️	✔️		❌
⭐Svea	✔️	✔️	SE	✔️ (XMR accepted)	✔️	✔️	✔️	✔️	✔️	✔️
⭐Keff	✔️	✔️	SE	✔️ (XMR accepted)	✔️	✔️	✔️	✔️	✔️	✔️

Requirements

So first, I made a list of requirements I had to label an “offshore” hosting provider as a good one.

“Free speech” content:
- The hosting provider shouldn’t censor the customer because they don’t think the same way as the customer does.
“Hate speech” content:
- Hosting providers should accept to host any content labeled as ‘hate speech’ (Nazi, racist, offensive speech).
Countries:
- This one is not really a criterion as all of these hosts are in countries that respect, to some extent, freedom. You may still want to choose a different hosting country for your domain name and CDN to be more resilient and one not too far from your user base for low latency.
Cryptocurrency:
- The hosting provider should accept popular cryptocurrencies. It is better if they accept XMR (it should be the norm for a so-called ‘anonymous’ provider).
NO-KYC:
- The host shouldn’t require/verify any PII or KYC data (address, name, phone…). The best would be to not even ask for an email or a username.
Pornographic:
- The host should accept pornographic content (half of the internet is porn, so anyone will probably end up with some on their site if there is user-generated content).
Abortion:
- The host should accept to host content promoting abortion up to the point of birth.
Communism:
- The host should accept to host content promoting communist ideologies.
Tor Exit Allowed:
- The host should accept to host Tor exit nodes (I find this a good indicator of whether they are really fighting for privacy or just doing marketing).
Not WHMCS:
- WHMCS is a CMS for hosting providers that requires PII on every signup, doesn’t natively support 2FA, has proprietary code and plugins. If a hosting provider doesn’t have its own panels, I don’t think they are really fighting for the privacy, security, and sovereignty of their services and clients.
Bonus: Should give a second chance
- The hosting provider should try to find a way to resolve issues with the customer before ending their contract."

Conclusions

Top 3 5 hosting providers with their issues:

NiceVPS
- Email required and not cheap.
Privex
- Email required and pretty bad panel but good prices.
URDN
- Need to contact them via telegram or mail.
Svea
- Need to contact them via telegram or mail.
Keff
- Need to contact them via telegram or mail.

Author:

Leet

i[a]sy.st

I’m ██████████ █████, a ██ years old working at ████████ ███████████.

Tags: privacy hosting free-speech