How to easily take down any image hosting

gobzer

Network license
License owner
Joined
Sep 21, 2014
Messages
31
Likes
2
Points
58
#1
Hi guys,

I want to share some bad things. I owned an image hosting for years.
The've been bad content, but I delete abusive things in 24 hours. And do a moderation on regular basis.
This week some guys uploaded hundreds of CP (child porn) images on my site. I've deleted all of them. They used TOR, so there is no chance of banning them by IP.
But today I saw that my site is down. And some messages from my hoster – online.net, with abuse and immediate lock of server.
I can't even delete the content. 10 years of history has gone.

The thing is that this could happen to any small image hosting. Or even big one. Some ass posts the shit and you're out.
Pre-moderation does not work. Users don't want to wait.
Computer vision is not that accurate. And you have to pay for it. I don't think it can distinguish between regular porn and child porn.
Phone verification? Image can be uploaded even with a verified phone.

I mean everything that we do on UGC is prone to constant abuse.
Any ideas? Solutions?
 

tomsit

Moderator & Chevereto freak
Staff member
Joined
Nov 25, 2016
Messages
421
Likes
224
Points
125
Location
Norway
Website
freeimage.host
#2
Lock it down when under attack (disable uploads) is one solution..
 

Rodolfo

Chevereto Guru-Guru
Staff member
Joined
Oct 7, 2008
Messages
16,134
Likes
4,177
Points
237
Location
Chevereto HQ
Website
rodolfoberrios.com
#3
Image hosting websites can be taken down due to high resource usage (ddos when embedding your pics) or via forbidden content being uploaded. Basic stuff that you should always check:

0. Always backup. You can't be sure that the data will remain there just because you pay for it. You or the DC can get attacked, there could be a new vulnerability out there, who knows. You should always keep a backup.
1. Use external storage distributed in several servers. Don't rely in just one machine.
2. Detect which websites embed these images and deny hotlink (the images won't be visible so they will have to use another service).
3. Lower flood limits (so at least they won't flood with too many pics)
4. Being you the owner of the website doesn't make you owner of the content and the hosting company can only delete the alleged content, nothing else. If they deleted everything is just because they are lazy and you should tell everybody to stay away from that company.
 

Edward S.

Network license
License owner
Joined
Apr 6, 2014
Messages
12
Likes
2
Points
53
#4
Always backup your website data !
 

gobzer

Network license
License owner
Joined
Sep 21, 2014
Messages
31
Likes
2
Points
58
#5
There is an update.

It took days, but I they're unlocked my server after a negotiation.

0. Agree on backups. But keep in mind that if police raid occur, they'll take all your devices. And this will look like you stored all these unsafe images for yourself. Don't forget to encrypt everything. It should be evident that this is a backup and not intended for personal use. Use words "backup" and your domain name within your path. These paths always appear on court documents.
1. Distributed servers multiply costs and troubles.
 

Rodolfo

Chevereto Guru-Guru
Staff member
Joined
Oct 7, 2008
Messages
16,134
Likes
4,177
Points
237
Location
Chevereto HQ
Website
rodolfoberrios.com
#6
1. Distributed servers multiply costs and troubles.
Then don't go big. You are providing a public service. The bigger the service, more problems and expenses.
 
Last edited:

tunny

Founder license
License owner
Joined
Aug 15, 2012
Messages
76
Likes
22
Points
58
#7
Exactly one of the reasons which i have my fear too.

But it would be preventable.

1. Make Backups every Day
2. Host your Servers on Offshore Countries.

Exactly what i do at the moment.