[OwainX]

Without going into too much detail we keep track of users, profiling things like ssh keys and github accounts, IP addresses and activity in order to make sure that abusers, once identified cannot come back. All payments are non-refundable (though if we break something we'll credit the time back in almost all cases) so if you pay with bitcoin and abuse the service you'd be out the money with no server left to show for it. The ephemeral nature of Dply servers means that verified cases of abuse will usually result in server deletion and account locking.

If even with the processes we have in place, abuse becomes an issue we could require that the Github account used has a certain amount of history and activity (doing more to profile the user that way). All these things combined with no API and automation of creation being disallowed makes for a low ROI on an abuser's time compared to other services already available.