12 Abuse Reporting Tips for Web Hosts

12 Abuse Reporting Tips for Web Hosts

Recently at HostingCon Global 2016 in New Orleans, Handy Networks CEO Jay Sudowski was on a panel moderated by Michele Neylon of Blacknight Internet Solutions, a web host based in Ireland.

The topic was, “How To Build Relationships And Save Money With Better Abuse Reporting.”

Abuse is something that violates terms of service which can include unsolicited email messages or SPAM, phishing, botnet command and control, malware, and IP infringement. Abuse also includes any other illegal content within the jurisdiction of the hosting company.

Joining Sudowski on the panel were Allan O’Reilly of Blacknight Internet Solutions and Drew Bagley from the Secure Domain Foundation who also provided several actionable tips and valuable insights.

Here are 12 takeaways your web hosting company can use for abuse reporting to build better relationships and save money.

1. Abuse reporting is expensive.

2. Hosting companies, registries, and registrars often end up dealing with law enforcement agencies that you may not even know exist.

3. A lot of hosting customers don’t know how to read a WhoIs report and confuse the registrar with the web host.

4. International issues have to be taken into account. For example, in Ireland the DMCA reporting is not relevant.

5. Often the largest category of abuse reports are spam complaints.

6. A lot of the abuse reports aren’t actionable. For example, there may be thousands of abuse reports coming every week from AOL with people mistakenly hitting the spam button.

7. Many complaints are coming from outside the major networks from cartel-like entities taking control of orphaned resources.

8. Some of the best anti-abuse resources include the secure domain foundation (free anti-abuse API), Shadow Server, Google Safe Browsing, and APWG.

9. Abuse reporting needs standardized fields across industry to auto-route between hosts, registries, and registrars.

10. Abuse reporting needs actionable information readily available to share when needed with law enforcement and cybersecurity teams.

11. Many website hosting companies provide free security advice to clients on how to patch extremely vulnerable services. However, despite only needing a few minutes of time to address these issues, clients generally ignore this advice.

12. When website hosting companies offer inexpensive services to customers to help patch vulnerable servers, it’s a fine line to walk between helping customers and upselling customers. 

Use these tips for your web hosting company to save money for your company and build relationships with your customers. 

Do you have any additional tips on abuse reporting to share with other website hosting companies?