Suggestions for hosting providers from the Bitcoin-VPS.com team

Based on what we've seen, here are some tips for providing your clients with a smoother experience and growing your business in a very dynamic industry.

• Don't use BitPay, Coinbase Commerce, Cryptomus or any other service with mandatory KYC for all your customers. As we highlight on the front page, many readers have complained BitPay requires a separate account and extensive personal information from the customer in order to pay for services from BitPay-using merchants. Coinbase Commerce used to be alright but recently changed their service and will start requiring people to have a Coinbase account (and KYC) to pay with Bitcoin... which makes them just as bad as BitPay. Coingate has recently configured their Cloudflare to block Tor users from making payments, so we don't recommend them anymore. Providers as well as users report Cryptomus randomly (or every time!) require KYC and seize/block funds of people who don't do KYC, resulting in an incredibly bad user experience.
• Commonly suggested alternative payment providers include BTCPayServer, NOWPayments, and CoinPayments.net. Blockonomics.co and accepting-bitcoin.org may also be worth looking at.
• We recommend using BTCPayServer or another self-hosted solution to accept payments. Politicians are currently trying to put a lot of crazy limitations on crypto payment companies. Self-hosting is the only way to be sure your payment provider doesn't suddenly do something weird that hurts your business. Plus, self-hosted payment providers offer better performance and a better user experience. This is especially true if your self-hosted payment portal offers Lightning Network payments. Our experience is that providers with well-run in-house payment solutions are consistently more popular with users than providers who rely on external payment processing.
• Don't use Google reCaptchas. Google tries to optimise so that only "suspicious" users have to solve their captchas. Unfortunately, their algorithm often gets it wrong. This leads to legitimate, paying customers spending 5 minutes or more solving captcha puzzle after captcha puzzle just so they can sign up for your service. Not surprisingly, people often give up and spend their money somewhere else. Basic image captchas (generated by standard software) are often "good enough" for most purposes. If you have to use a 3rd-party captcha service, use the privacy-friendly mCaptcha, which is designed not to annoy users and is a drop-in replacement for Google Captcha/reCAPTCHA. Or, use hCaptcha: their puzzles are far quicker to solve (leading to more sales for you) and they actually pay you for every captcha solution.
• Let Bitcoin filter out the fraud for you. With Bitcoin, people pay in advance, and there are never any chargebacks. People who want to steal money from you simply won't pay with Bitcoin. This means most of the fraud detection algorithms you need to avoid credit card fraud and high chargeback rates are irrelevant when a user pays with Bitcoin. This also means you don't have to turn away legitimate users because, for example, their IP address doesn't match the country they gave at signup. Guess what? Most people using VPNs will have an IP address in a country that's different from where they're based. If they pay by Bitcoin, you don't have to worry about the discrepancy and can happily accept their business.
• Don't use FraudRecord blindly FraudRecord can be a very powerful tool for identifying network abusers without requiring KYC. However, it doesn't distinguish Tor exit nodes and VPN/proxy IPs in its reports. Therefore, a non-abusive user who signs up using Tor, a VPN, or a proxy server will return a record from everyone who has ever used that IP address. Since VPNs, Tor, and proxies may be used by abusive users as well, simply flagging the user based on their IP address reputation may produce false positives.
• Have an affiliate program. Getting new customers via affiliate referrals is how Amazon got big, and it works wonderfully in the hosting industry. For most management systems, enabling affiliate links is just a matter of clicking a button to turn it on. By the way: you don't have to worry about affiliate fraud on Bitcoin orders. Since Bitcoin payments are as good as cash in hand, Bitcoin purchases aren't subject to affiliate fraud the same way as credit card or PayPal purchases are.
• Accept Lightning Network (LN) payments for your services... either using an in-house solution or a payment processor. LN payments clear instantly and have effectively zero fees, making them ideal for someone who needs to quickly spin up a low-cost service.
• Be up front about what you're good at and what kind of users will be happiest hosting with you. The hosting world is huge and there is only so much interest you will get by presenting a bland and generic face to the world. If you have specific goals or strengths then tell the world about it. Help those clients find you who will be happiest using your services. If you have services that you believe people coming from Bitcoin-VPS.com would be particularly interested in, by all means, go ahead and create a custom page that highlights those servers or plans. We will happily set your link so it points to that page.
• Collect as little user information as necessary. Hosting management control panels often ask the user to fill in many fields (address, telephone number, etc) by default. If you actually need to collect this information on your users, that's fine. However, most hosting providers will never call their users or send them a letter. In this case, not asking for this information will speed the sign-up process (resulting in more sales) and show new customers you respect their privacy. We live in an age where data breaches are common... just about everyone you deal with will have seen their personal information get breached, hacked, or leaked because they trusted some company to keep it confidential -- and that company failed. The less information you ask for, the safer people feel.
• If you use IP-pinned login cookies, let users turn off IP pinning. If your web control panel uses login cookies that are locked to a particular IP address, the user will be logged out when their IP address changes. For users on mobile, users with Tor Browser, and similar cases, this results in absolute hell. The user ends up being logged out constantly, sometimes as frequently as each time they click a button on their control panel.
• Offer a Tor onion service and show you really care about privacy. An onion service means Tor Browser users can access your website from an alternate domain, `something43s2e.onion` or similar. An Onion service has significant privacy benefits. This will also solve the IP pinning issue described in the last item.