Overview

Aluy is a Germany-registered hosting operation run by sole proprietor Julian Achter, positioning itself as privacy-focused infrastructure for the cypherpunk crowd. The service catalog covers Virtual Private Servers, dedicated machines (including Hetzner-auction resells), storage boxes, and RIPE LIR services such as ASN sponsorship and IPv6 blocks. Nodes are spread across the Netherlands, Switzerland, Bulgaria and Finland, with a public Looking Glass tool for latency testing before purchase. Custom VPS plans start at roughly €3.50 per month for a 1 GB RAM / 1 core / 10 GB SSD configuration, scaling up to 32 GB RAM and 16 cores. The company emphasizes fair-use bandwidth on 10 Gbps shared ports and provides full root access via KVM virtualization.

What distinguishes Aluy from commodity hosts is its explicit catering to privacy-conscious users: Tor browser access is supported, the control panel code is open source, and customers can pay with Monero, Bitcoin, Lightning and cash alongside conventional options like PayPal and cards. However, the "privacy-focused" branding sits uneasily with a data-retention regime that logs account actions, IP addresses, user-agents, and even the rendered bodies of transactional emails for extended periods.

Privacy & KYC

Aluy's KYC policy follows a tiered model. For standard VPS and dedicated-server purchases, identity verification is not routinely required at checkout. The provider advertises minimal logging and no analytics trackers on its marketing site. Yet the reality is more nuanced and, for strict anonymity seekers, problematic.

  • Account logging is extensive. The privacy policy discloses an "account audit log" that records every security-relevant action (logins, password changes, 2FA modifications, payments, GDPR requests), complete with timestamp, IP address, user-agent and correlation ID. These logs are explicitly maintained to answer abuse reports, investigate account takeovers, and respond to lawful authority requests.
  • Email retention is long-term. Outbound transactional emails are logged with recipient, sender, subject, template, SMTP message-id, delivery status and rendered body. Bodies are redacted after 90 days; envelopes remain for two years.
  • LIR services trigger ID checks. ASN sponsorship and certain IP resource orders require identity verification, per the product page. This is a hard KYC gate for infrastructure operators seeking their own address space.
  • IP hashing on Looking Glass. The network testing tool hashes requesting IPs for abuse handling and discards outputs after 24 hours, a relatively sane practice compared to the account-side logging.

The provider states it does not sell data or track users across websites, and it avoids invasive web analytics. But the granularity of internal logging means Aluy can produce precise user activity timelines when compelled. For a service marketing itself to the no-KYC and anonymous hosting audience, this is a significant disconnect that drags its privacy score down to 5 out of 100 in our assessment.

Supported assets & payments

Aluy accepts a deliberately broad range of payment methods, reflecting its dual audience of privacy seekers and conventional customers. Cryptocurrency options include Monero (XMR), Bitcoin (BTC), and Lightning Network payments, which are critical for users who want to avoid bank trails. Cash payments are also accepted, though the practical mechanics are not detailed on site. Traditional rails cover PayPal, card, Klarna, Apple Pay, Google Pay and iDEAL via the Payrexx processor.

Refund policy deserves attention for crypto users. Aluy explicitly states it does not send refunds on-chain. If a refund is granted, the arrangement defaults to EUR bank transfer or service credit, with exchange-rate risk borne by the customer. EU consumers retain a 14-day statutory cancellation right, but cryptocurrency payments are again singled out as non-returnable on-chain. This is standard for crypto-friendly merchants, yet it adds friction for anyone hoping to maintain financial privacy through the entire lifecycle of a dispute.

Security & custody

Aluy operates as a custodial hosting provider: you rent their hardware and network, but they retain physical control and hypervisor access. Full root access on VPS instances mitigates this somewhat, allowing customers to encrypt disks and harden operating systems at the guest level. The control panel is open source, which permits community scrutiny of the provisioning and management code, an unusual and welcome transparency in the hosting space.

Security features visible in the documentation include SSH key injection at provisioning time and standard KVM virtualization. The API uses session-cookie authentication tied to NextAuth, with no separate API tokens currently offered; resellers must copy browser cookies for automation, which is convenient but carries trade-offs in credential rotation and exposure surface. Two-factor authentication is referenced in the audit-log description, suggesting portal-level 2FA is available.

Outgoing mail ports (25, 465, 587) are blocked by default on VPS plans, and unblocking them requires a support ticket. This is reasonable for spam mitigation, though it is an operational hurdle for self-hosted email operators. The fair-use policy applies only to network bandwidth, with stated port speeds (10 Gbps) representing physical uplink class rather than guaranteed throughput.

Who it's for, verdict

Aluy occupies an awkward middle ground. For users seeking no-KYC hosting with anonymous crypto payments, it delivers functional infrastructure at competitive European prices, with the rare bonus of Tor accessibility and open-source management tools. The Monero and Lightning support genuinely reduces financial traceability for routine VPS purchases.

However, the provider's data-retention practices are far closer to a conventional European host than to a "ghost-grade" operation. The detailed audit logs, two-year email envelopes, and explicit lawful-access compliance create a paper trail that sophisticated adversaries can exploit. Users who need absolute anonymity (journalists, whistleblowers, or infrastructure operators under threat) should treat Aluy as pseudonymous rather than anonymous, and layer their own operational security on top.

We rate Aluy 6/10 overall. It is a viable option for privacy-tolerant developers, small projects, and crypto-native businesses that accept logged accountability in exchange for flexible payments and EU-jurisdiction reliability. It is not a fit for threat models requiring zero retained identity data. If your priority is a cheap, fast, XMR-friendly VPS with decent support response times, Aluy merits consideration. If your priority is sovereign infrastructure free from compelled data production, look elsewhere.