GitHub Actions and Tor: Why Free Hosting Attempts Lead to Account Bans

A recent discussion on GitHub’s community forums sparked a crucial conversation about the boundaries of free cloud services. User adnanisagoodboy inquired about running Tor on GitHub servers to host a dark web site, only to find their account banned. This incident highlights a common misunderstanding about acceptable use policies and the sophisticated detection methods platforms employ. Let's break down why such actions lead to bans, the difference between an illegal act and a policy violation, and legitimate alternatives for persistent hosting.

Developer facing an account ban due to misuse of cloud resources

Why GitHub Actions Aren't for Persistent Hosting

GitHub Actions are engineered for Continuous Integration and Continuous Deployment (CI/CD)—automating the build, test, and deployment phases of software development. They are not designed to be free, persistent hosting providers for websites or long-running services. Attempting to use them for purposes like running an onion site via tools such as oniongrok directly violates GitHub’s Acceptable Use Policies and Terms of Service (ToS).

Specifically, GitHub prohibits using its infrastructure for:

  • Serverless hosting or running persistent applications.
  • Cryptocurrency mining.
  • Creating network proxies or VPNs.
  • Bypassing platform limits to gain free compute time.

When a workflow is manipulated to keep a connection open indefinitely for an onion site, it consumes compute resources for non-development activities, which GitHub classifies as resource abuse.

Legitimate cloud hosting alternatives for persistent applications

Illegal vs. Terms of Service Violation

It's vital to distinguish between an action being "illegal" (breaking the law) and violating a platform's Terms of Service (a breach of contract). Running Tor or hosting a site on the dark web is not inherently illegal in most jurisdictions, provided the content itself is lawful. However, using GitHub's infrastructure without authorization to proxy traffic or host persistent services is a direct breach of their contract with you. When you violate these rules, GitHub has the right to terminate your account.

How Platforms Detect Abuse

Major tech companies like GitHub employ advanced, automated systems to prevent their free tiers from being exploited. Here’s how they likely detected the attempt to run a persistent Tor service:

  • Process and Signature Detection: GitHub's security systems monitor virtual machines (runners) for the execution of known tunneling and proxying binaries (e.g., ngrok, cloudflared, tor, oniongrok). Persistent execution of these processes, rather than brief testing, triggers alerts.
  • Network Traffic Analysis: CI/CD workflows have a predictable network footprint. Tunneling software creates persistent, long-lived outbound connections that differ significantly from standard compilation or testing traffic, making them easy to flag.
  • Duration and Compute Patterns: Standard workflows complete in minutes. Scripts that use loops or sleep commands to artificially keep a workflow alive until the maximum timeout (e.g., 6 hours) are automatically flagged by heuristic systems.
  • Account History and Behavior: Newly created accounts or those with minimal standard repository activity that suddenly initiate maximum-duration workflows are subjected to increased scrutiny by anti-abuse algorithms.
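
Three of the signals listed above (process names, keep-alive and duration patterns, account age) can be combined into a simple triage pass over CI run records, for example by an administrator auditing self-hosted runners. This is an added example, not GitHub's detection system or code from the original article; the record fields (`id`, `commands`, `duration_min`, `account_age_days`), the thresholds and the two-signal rule are assumptions, and the sample runs are constructed.

```python
import re

# Tool names taken from the article's list of tunneling/proxying binaries.
TUNNEL_RE = re.compile(r"(?<![\w.-])(ngrok|cloudflared|oniongrok|tor)(?![\w.-])")
# Shell idioms that hold a job open without doing build work (assumed patterns).
KEEPALIVE_RE = re.compile(
    r"while\s+(true|:)\s*[;\n]|sleep\s+(infinity|\d{4,})|tail\s+-f\s+/dev/null")
MAX_TIMEOUT_MIN = 360      # the 6-hour job limit the article mentions
NEAR_TIMEOUT_RATIO = 0.9   # assumed threshold
NEW_ACCOUNT_DAYS = 14      # assumed threshold


def signals(run):
    """Return the names of the heuristics a single run record trips."""
    script = "\n".join(run["commands"])
    hits = []
    if TUNNEL_RE.search(script):
        hits.append("tunnel_binary")
    if KEEPALIVE_RE.search(script):
        hits.append("keepalive_loop")
    if run["duration_min"] >= MAX_TIMEOUT_MIN * NEAR_TIMEOUT_RATIO:
        hits.append("near_timeout")
    if run["account_age_days"] < NEW_ACCOUNT_DAYS:
        hits.append("new_account")
    return hits


def triage(runs, min_signals=2):
    """Map run id -> signals for runs tripping at least min_signals heuristics."""
    flagged = {}
    for run in runs:
        hits = signals(run)
        if len(hits) >= min_signals:  # one signal alone (a brief tunnel test) is not enough
            flagged[run["id"]] = hits
    return flagged


# Constructed sample records; field names are hypothetical, not a GitHub API schema.
SAMPLE_RUNS = [
    {"id": "run-1", "duration_min": 6, "account_age_days": 900,
     "commands": ["pip install -r requirements.txt", "pytest tests/test_tor_client.py"]},
    {"id": "run-2", "duration_min": 3, "account_age_days": 400,
     "commands": ["./ngrok http 8080 &", "sleep 5", "curl -sf localhost:8080/health"]},
    {"id": "run-3", "duration_min": 359, "account_age_days": 2,
     "commands": ["sudo apt-get install -y tor", "tor -f torrc &",
                  "while true; do sleep 300; done"]},
]

if __name__ == "__main__":
    for run_id, hits in triage(SAMPLE_RUNS).items():
        print(run_id, hits)
```

The word-boundary guards in `TUNNEL_RE` keep names such as `test_tor_client.py` or `torrc` from counting as a `tor` invocation, which is the main source of false positives in a name-based check.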

Legitimate Alternatives for Persistent Hosting

For those seeking to host persistent services legitimately, several excellent (and often free-tier) options exist:

1. For Full Control (e.g., running Tor/oniongrok safely)

  • Oracle Cloud "Always Free" Tier: Offers dedicated Virtual Machines (up to 4 ARM instances, 24GB RAM total) designed for 24/7 operation. Ideal for persistent Linux servers and onion sites. Requires a credit card for verification, but you won't be charged while you stay within the free limits.

2. For Web Apps, APIs, and Docker Containers

  • Render: Provides a generous free tier for web services and PostgreSQL databases, supporting various languages and Docker containers. Free instances spin down after 15 minutes of inactivity.
  • Fly.io: Deploys Docker containers globally with a free allowance sufficient for small, persistent apps. Requires a payment method for botnet prevention, but waives charges within free limits.

3. For Frontend Websites and Serverless Functions

  • Vercel / Netlify: Industry standards for hosting frontend frameworks (React, Vue, Next.js) and static sites. Offer generous free tiers with built-in CI/CD. Not suitable for persistent background tasks or long-running servers.

Conclusion

While the desire to avoid hosting costs is understandable, misusing platforms like GitHub Actions for unintended purposes leads to account bans due to Terms of Service violations and resource abuse. Understanding the intended use of developer tools and adhering to their policies is a critical aspect of responsible software engineering. By choosing appropriate platforms for their specific hosting needs, developers can ensure compliance and maintain positive standing within the community. This adherence to platform guidelines and efficient resource management can even be seen as an indirect contributor to positive software engineering KPI metrics, reflecting a developer's understanding of operational constraints and sustainable practices.