I just wanted to know that does our data is private and safe on infinityfree or not.
Looking answers for following questions:
On deleting something from our end in ftp does it completely removes the files form the server as well and no traces of it is left on the server or it just gets delisted form our end might be from the database which stores and shows the files and files remain on the server.
Can Inifintyfree can view our files in our ftp and data stored in database or its just us?
If anyone builds a website for their private use with sensitive data in it, does InfinityFree monitors it?
In what all situations InfinityFree monitors a website or checks what kind of data is stored in ftp and database?
Private? no, you’re setting up a website that can be accessed by anyone on the internet. Secure and safe, yes, but the nature of a website is that it can be accessed by anyone. Now to answer your specirfic questions:
1 - Infinity Free (and IFastNet who provide the back end) don’t keep backups, so once you delete a file, its gone
2 - Infinity Free (and IFastNet) can view the files and database records. This is required so they can do checks for illegal and TOS braking content. Plus, its a website, not file storage, so anyone viewing your site can see most of the files
3 - Don’t put sensitive data on a website. Even if you password protect pages that have sensitive data, people can hack it.
4 - Infinity Free (or IFastNet) generally only check websites if its reported. But there are automatic sweepers that check for TOS braking content. These sweepers can either flag for a manual review, or suspend your account if they find something suspicious.
Honestly, from your questions, it sounds like you’re looking for a VPS service, or a private server. Yes these generally cost money.
You can choose for your data to be private (by correctly implementing encryption, login systems, etc), so access is somewhat restricted.
However, (and I think this is what you actually meant), your data is not confidential. Server admins, automated systems run by the server, etc. can and will access your files to check and make sure the content complies with the law and the terms of service.
If you are building a site that contains information that belongs strictly to you and those you choose to share it with, self-host it. Almost every single hosting provider reserves the right to view the files you host with them (Either directly or though automated systems) for compliance and security reasons.
Deleting a file from InfinityFree’s server will almost always permanently delete the file. There may be a rare case when your account is under investigation (or has been in the past) where an inaccessible backup exists, but you can consider clicking the delete button as a way to permanently delete the file.
To the frustration of many: deleted really means deleted.
Finally someone who understands and appreciates that their hosting provider being able to roll back their account to any moment in time is not always a good idea.
FTP and databases do not support end to end encryption. For your files and database contents to be accessible, the server must be able to read it. And since we control the server, we can read it too.
We do sometimes need to access the contents of your account. We always do this for a good reason, such as:
Checking for technical issues with our systems.
Checking for abuse.
Providing support.
We have implemented reasonable and adequate security precautions to prevent unintended and unnecessary access to your data, both technically and organizationally. We do not have any security certifications (like ISO, HIPAA or PCI DSS), but we are of course subject to relevant laws that mandate privacy and security (like GPDR and NIS2).
We provide a web hosting service, and we have a level of security that’s adequate for the service we provide. It’s a safe place to store regular website content, but not highly sensitive data with strict security requirements.
If you’re wondering whether you can safely process regular PII on your website, then that’s absolutely the case.
I was asking keeping it in context as a 1-to-1 chatting website.
Ya I agree, its essential.
Ummm.. Not particularly if I only load some specific files for specific user. Such as images or documents.
Ya, actually I was thinking to build a chatting website to use it with my friends so these questions were in context to that, as in my code users can upload images and documents to the server which is indeed visible in ftp.
Ya it’s a valid point. Its just first I wanted to make my site functional and see does it is sensible to use then I might go to build a server.
That’s why valid and fair
That’s awesome.
Is it fine if I encrypt my data before storing on server or database? Does it will violate infinityfree rules??
Ya I do understand. If anything illigal is found on your server will cause trouble to you so it’s better to keep a check.
Please do note that live chat sites are not allowed on our hosting. Live chat sites can only work by constantly refreshing the page in the background to check for new messages, but this is very stressful on the servers.
If it’s more of a bulletin board style messaging where messages are not expected to show up instantly, that’s fine.