Security, stability and compliance
Acceptable Use Policy
Last updated: June 1, 2026Responsible-use rules for Bacan.com services, including hosting, domains, email, VPS, servers, DNS and related services.
Scope of application
This Acceptable Use Policy, hereinafter the AUP, governs the use of the services offered by Bacan.com, including, among others, shared hosting, reseller hosting, VPS/Cloud services, email, domain management or resale, DNS, certificates, installable applications, and any other service that expressly refers to this policy.
This AUP forms part of the Terms of Use, the Terms of Service, the Privacy Policy, and any other specific terms applicable to the contracted service.
Use of Bacan.com services implies acceptance of this AUP. Breach of this policy may result in limitation, suspension, cancellation, or termination of the service, as well as the adoption of technical, administrative, or legal measures where appropriate.
1. Lawful use and regulatory compliance
Bacan.com services may only be used for lawful purposes.
The Customer agrees to comply with applicable law, including, where applicable and without limitation, regulations on information society services, data protection, electronic communications, intellectual property, industrial property, e-commerce, consumer protection, criminal law, domain-specific sector regulations, and ICANN or applicable Registry policies.
Bacan.com does not actively monitor all content hosted by its customers. However, when it becomes aware of content, uses, or activities that may be unlawful, abusive, harmful, or contrary to this AUP, it may adopt reasonable and proportionate measures to protect its services, its customers, affected third parties, the reputation of the network, and the security of the infrastructure.
These measures may include, among others:
In urgent cases, serious abuse, security risk, harm to third parties, requests from authorities, requests from providers, reputational incidents, or impact on shared infrastructure, Bacan.com may act without prior notice.
- Blocking or removing content.
- Partial or total suspension of the service.
- Temporary limitation of resources.
- Blocking email sending.
- Disabling specific scripts, processes, or services.
- Preserving technical evidence.
- Notifying the Customer.
- Communicating with providers, registrars, registries, competent authorities, or affected third parties where appropriate.
2. Prohibited uses
It is prohibited to use Bacan.com services to carry out, facilitate, host, distribute, promote, or conceal activities such as the following:
2.1 Security, fraud, and technical abuse
- Distribution of malware, ransomware, spyware, viruses, trojans, or other malicious software.
- Phishing, pharming, smishing, vishing, social engineering, impersonation, or fraudulent collection of credentials.
- Spoofing, falsification of headers, senders, routes, domains, brands, IP addresses, or identities.
- DDoS attacks, DoS attacks, floods, amplification, DNS abuse, or deliberate saturation of systems.
- Aggressive port scanning, brute force, vulnerability exploitation, lateral movement, or unauthorized access to systems.
- Use of intrusion tools, phishing kits, malware panels, botnets, drop zones, command and control, or infrastructure intended for attacks.
- Use of software vulnerabilities or security testing without the express, prior, and verifiable authorization of the owner of the affected system.
- Storage or distribution of stolen credentials, leaked databases, payment cards, identity documents, or personal data obtained unlawfully.
2.2 Abusive use of resources
It is not permitted to interfere with the normal operation of Bacan.com services or to negatively affect other customers, providers, networks, or third parties.
The following are especially prohibited in shared or reseller services:
In VPS, Cloud, or dedicated servers, broader conditions may apply depending on the contracted plan, but the Customer must always comply with applicable law, this AUP, the network provider's terms, anti-abuse rules, and the contracted technical limits.
- Abusive consumption of CPU, RAM, I/O, processes, inodes, bandwidth, or database queries.
- Intensive locking of tables or databases.
- Execution of unauthorized persistent processes.
- Massive scraping, crawlers, indexers, or spiders that affect server performance.
- Email, DNS, HTTP, FTP, SSH, or other service floods.
- Cryptocurrency mining.
- Game servers on shared hosting.
- P2P seeders, BitTorrent, or massive file distribution.
- Use of shared hosting as a public download repository, mirror, ISO repository, public backup storage, or mass storage.
- Use of shared servers as a proxy, VPN, tunnel, TOR node, relay, or anonymization mechanism.
2.3 Speed tests, benchmarks, and test files
It is not permitted to use shared hosting, reseller hosting, or similar services as a platform for speed tests, benchmarking, bandwidth measurement, or mass downloads.
In particular, it is prohibited to upload, host, link, distribute, or maintain large files created or used mainly to test download speed, transfer speed, or network capacity, including test files of 1 GB, 10 GB, or larger.
This type of use is only permitted if Bacan.com expressly authorizes it in writing or if the Customer contracts a service specifically intended for that purpose.
3. Prohibited content
It is not permitted to host, publish, link to, distribute, sell, promote, or facilitate content that is unlawful, abusive, harmful to third parties, or contrary to this AUP.
The following content is prohibited, among others:
Bacan.com may remove, block, or limit other content that, according to a reasonable assessment, is manifestly unlawful, abusive, dangerous, contrary to this AUP, or capable of causing technical, legal, reputational, or commercial harm.
Where feasible and where there is no urgent risk, Bacan.com will attempt to notify the Customer of the measure and indicate a review or appeal channel.
- Material that infringes intellectual or industrial property rights, including piracy, cracks, serials, warez, unlicensed software, unauthorized copies, or illegal distribution of protected works.
- Content that infringes trademarks, trade names, image rights, copyrights, or third-party rights.
- Child sexual abuse material, child sexual exploitation, or any content involving minors in a sexual context. Bacan.com applies zero tolerance to this type of content and may immediately block it, preserve evidence, and report it to the competent authorities.
- Content that promotes, facilitates, or instructs on unlawful activities, including the acquisition of illegal weapons, illegal drugs, false documents, fraud, identity theft, or computer intrusion.
- Financial scams, Ponzi schemes, HYIP schemes, false investments, financial phishing, or websites designed to deceive users.
- Fraudulent websites, spamvertised websites, cloned pages, impersonation pages, or pages intended to collect data deceptively.
- Tools intended for intrusion, brute force, phishing generation, spam, vulnerability exploitation, or evasion of security controls.
- Defamatory, threatening, extortive, harassing content, or content that infringes third-party rights, where there is sufficient basis to act under applicable law or this AUP.
- Content that incites violence, hatred, illegal discrimination, or harassment against persons or groups protected by applicable law.
- Explicit sexual or pornographic content, or services primarily aimed at distributing sexual content, unless expressly authorized by Bacan.com and provided that it is legal in the applicable jurisdiction and compatible with the contracted service.
6. Email and anti-spam policy
Bacan.com applies a strict policy against unsolicited email.
It is prohibited to use the services to:
Bacan.com may set sending limits per hour, per day, per account, per domain, or per server.
As a safe-start measure, during the first 24 hours after an account is activated, Bacan.com may limit sending to a maximum of 25 emails per hour per account, or apply different limits according to risk, reputation, contracted plan, or the Customer's history.
Bacan.com may temporarily or permanently adjust sending limits according to:
Minimum recommended requirements for legitimate sending:
If the Customer's sending causes blocks, complaints, RBL listings, poor reputation of shared IPs, or harm to other customers, Bacan.com may suspend sending, limit it, require corrective measures, require migration to a dedicated IP, or pass on reasonable mitigation, cleanup, or delisting costs.
- Send spam, whether commercial or non-commercial.
- Send emails to lists without verifiable consent.
- Use databases that have been purchased, rented, scraped, or collected without valid authorization.
- Use false senders, spoofed domains, or misleading headers.
- Maintain open relays.
- Conceal the sender's real identity.
- Send campaigns that generate complaints, excessive bounces, or RBL listings.
- Send malware, phishing, fraudulent links, or malicious files.
- Use compromised accounts for mass sending.
- Domain reputation.
- IP reputation.
- User complaints.
- Bounces.
- Inclusion on blacklists.
- Sending volume.
- Account age.
- Detected risk.
- Quality of email authentication.
- Correctly configured SPF.
- Correctly configured DKIM.
- DMARC recommended.
- Clean and updated lists.
- Verifiable consent.
- Clear unsubscribe link where applicable.
- Proper management of bounces and complaints.
- Clear identification of the sender.
7. Domains, DNS, and DNS abuse
When Bacan.com provides domain registration, resale, management, or intermediary services, the Customer must comply with the policies of the Registry, the accredited registrar, the wholesale provider, ICANN where applicable, and any competent authority.
Bacan.com is not necessarily the direct accredited registrar of the domain. In many cases, it acts as a reseller, intermediary, or management provider. Therefore, certain measures relating to domains may depend on the Registry, accredited registrar, wholesale provider, or platform used.
Bacan.com may request, apply, transfer, or cooperate in measures related to DNS abuse, including:
Uses of domains related to phishing, malware, botnets, pharming, spam as an abuse vector, impersonation, fraud, malware distribution, or attack infrastructure are considered especially serious.
- Domain suspension.
- DNS blocking.
- Change, removal, or blocking of nameservers.
- Transfer blocking.
- Registrant verification requests.
- Notification to the registrar, wholesale provider, Registry, or competent authority.
- Preservation of technical evidence.
8. Defamation, private disputes, and takedown procedures
Bacan.com respects freedom of expression and does not act as a general arbiter of private disputes between customers and third parties.
However, Bacan.com may act in response to:
To report abuse or request content removal, the complainant should provide, whenever possible:
Bacan.com may request additional information before taking measures, except in urgent or manifest cases.
- Court order.
- Request from a competent authority.
- Sufficiently substantiated notice of illegality.
- Manifest infringement of rights.
- Technical or security risk.
- Breach of this AUP.
- Fraudulent or abusive use of its services.
- Request from providers, datacenters, registrars, registries, or connectivity networks.
- Exact URL or affected domain.
- Approximate date and time of the facts.
- Clear description of the problem.
- Available evidence.
- Legal or contractual basis for the request.
- Verifiable contact details.
- Good-faith statement regarding the accuracy of the information provided.
9. Measures in case of breach
In the event of a breach of this AUP, Bacan.com may adopt one or more measures, depending on severity, urgency, recurrence, technical impact, legal risk, and the Customer's cooperation.
Measures may include:
In critical security incidents, serious abuse, risk to third parties, or impact on shared infrastructure, Bacan.com may act without prior notice.
Where feasible, Bacan.com will notify the service holder and provide a reasonable channel to review the situation.
- 1. Warning or correction request.
- 2. Temporary limitation of resources.
- 3. Disabling specific scripts, processes, or services.
- 4. Blocking email sending.
- 5. Partial suspension of the service.
- 6. Total suspension of the service.
- 7. Blocking or removing content.
- 8. Reinstatement of technical limits.
- 9. Requirement to update, clean, or secure software.
- 10. Mandatory migration to a higher plan or suitable service.
- 11. Cancellation or termination of the service.
- 12. Billing of reasonable mitigation, cleanup, extraordinary support, RBL delisting, or technical intervention costs.
- 13. Communication to providers, registrars, registries, competent authorities, or affected third parties.
- 14. Preservation of technical evidence.
10. Reseller responsibility
Resellers are responsible for ensuring that their own end customers comply with this AUP.
The reseller must:
In cases of abuse committed by a reseller's end customers, Bacan.com may suspend the affected service and notify the reseller.
Recurrence, lack of cooperation, inaction, or inability to control abuse by end customers may result in suspension or cancellation of the reseller service.
- Inform its customers of the applicable restrictions.
- Respond to abuse notifications.
- Cooperate in identifying and correcting incidents.
- Suspend or correct end-customer services when necessary.
- Maintain valid and updated contact details.
- Respond promptly to serious incidents.
11. Software, CMS, and application security
The Customer is responsible for keeping the software installed in their account updated, secure, and properly configured, including CMS, plugins, themes, libraries, scripts, panels, passwords, and third-party applications.
This includes, among others:
If an outdated, vulnerable, or compromised installation generates spam, malware, phishing, abusive consumption, attacks, malicious redirects, or harm to third parties, Bacan.com may suspend it, isolate it, limit it, or require its cleanup and update.
Bacan.com may recommend, require, or apply measures such as:
- WordPress, Joomla, PrestaShop, Drupal, Moodle, and other CMSs.
- Plugins, themes, and extensions.
- Applications installed through automatic installers.
- Custom scripts.
- Frameworks and libraries.
- Administration panels.
- FTP, SSH, email, and database accounts.
- Password change.
- Update of CMS, plugins, or themes.
- Malware removal.
- Deactivation of vulnerable scripts.
- Restoration from backup.
- Migration to a more suitable service.
- Contracting specialized cleanup or support services.
12. Backups, storage, and repository use
Unless the contracted plan expressly permits it, shared hosting services must not be used as a primary storage system, file repository, remote backup, network drive, public mirror, improvised CDN, or mass distribution platform.
Bacan.com may exclude from internal backup systems any files, folders, or accounts that exceed certain technical thresholds, contain temporary files, caches, duplicate backups, mass repositories, or content that exceeds the normal purpose of the service.
The Customer is responsible for maintaining their own external and verifiable backups, unless they have expressly contracted a managed backup service with specific terms.
13. Preservation of evidence, logs, and privacy
Bacan.com may retain logs, samples, headers, screenshots, hashes, technical records, metadata, and other artifacts strictly necessary to:
Evidence will be preserved according to principles of necessity, minimization, proportionality, security, and temporal limitation, in accordance with the Privacy Policy and applicable law.
- Investigate abuse incidents.
- Protect service security.
- Handle third-party complaints.
- Comply with legal obligations.
- Cooperate with providers, registrars, registries, or competent authorities.
- Defend its rights or those of affected third parties.
14. Changes to this Acceptable Use Policy
Bacan.com may update this AUP to reflect legal, technical, operational, commercial, security, provider, Registry, registrar, ICANN, or service-related changes.
When a change is material, Bacan.com will attempt to communicate it through reasonable means, such as a notice on the website, Customer Area, email, or ticket system.
The current version will be the one published on the Bacan.com website.
15. Abuse and emergency contact
To report abuse related to Bacan.com services, the following contact may be used:
Email: abuse@bacan.com
Form: https://bacan.com/contacto
The report should include, whenever possible:
Incomplete reports may require additional information before Bacan.com can act.
- URL or affected domain.
- IP address, if known.
- Date and time of the incident, including time zone.
- Clear description of the abuse.
- Technical evidence.
- Full headers in the case of spam or email phishing.
- Contact details of the complainant.
- Any additional information that may help verify the complaint.