Time4VPS opens abuse tickets when the company detects too high traffic from/to VPS.
Even if you do not reach any limit of your VPS, for example, port speed or bandwidth, Time4VPS, like other providers, also enforces packet-per-second (pps) usage monitoring of TCP and DNS (UDP). If we see that the usage of pkts/s is too high and suspicious, we open the abuse ticket.
For VPS provider, persistent high and suspicious traffic or a large spike in traffic of VPS can:
Stress shared network infrastructure
Trigger DDoS detection systems
Look like flooding or scanning behavior
Impact other clients on the same node and etc.
Due to these reasons and many more, Time4VPS must react on time and that's why we open the abuse tickets for the high and/or suspicious traffic.
VPS owners should keep in mind that the packets per second β bandwidth.
Bandwidth measures how much data is transferred (Mbps or GB per month).
Packets per second measures how many individual network packets are being processed every second.
A server can use low bandwidth but very high pps if it sends many small packets.
From Time4VPS's perspective, we must:
Protect overall infrastructure stability
Prevent one VPS from impacting others
Avoid becoming a DDoS source
Even if bandwidth is within limits, excessive pps can still harm the node.
High traffic is often caused by:
Malware/botnet infection
Misconfigured service
Legitimate high-traffic application (less common at that packet rate)
TCP pps and DNS pps
TCP packets per second (TCP pkts/s)
This is general traffic like:
Web servers (HTTP/HTTPS)
APIs
Game servers
Proxies
SSH
DNS packets per second (DNS pkts/s)
DNS usually uses UDP, not TCP.
DNS traffic is more sensitive because:
High DNS pps is often associated with:
DNS amplification attacks
Open resolver abuse
Reflection attacks
DNS packets are small β can generate very high pps easily
Time4VPS kindly asks to follow the original recommended limits for TCP and DNS that are:
Note 1: However, Time4VPS reserves the right to open an abuse ticket (and suspend the server) if the recommended limits are not reached (moderate and high limit values), but we receive violation reports from certain institutions or see harmful activity that is not allowed.
Note 2: Abuse cases should be investigated and resolved promptly. Further information can be found here.

