Emergency · Read-this-first

Deplatformed? Emergency hosting migration playbook

If your website, hosting account, registrar account, payment processor, or social platform has been suddenly removed and you need to be back online fast — start here.

Updated May 12, 2026. This page is intentionally short and actionable.

Read this first

If your domain is at risk, securing it is priority #1. A new host is replaceable; a lost domain often is not.
If you have working backups, you can be back online in 4-12 hours. If you don't, recovery is harder — start backing up the live infrastructure right now while it's still up.
The fastest path back online in 2026 is SilentHosts or BulletHost (single-vendor offshore, crypto-first checkout) as priority picks; FlokiNET / HostHatch / BuyVM Luxembourg as alternatives. Pair with a registrar at Njalla or BunkerDomains.

Step 1 — Triage (5 minutes)

What was removed?

Hosting account (your VPS / shared hosting was suspended): you still have your domain. Skip to Step 3.
Registrar account (your domain was suspended / transferred away): you may have lost the domain. Skip to Step 5.
Payment processor (Stripe / PayPal / merchant account closed): hosting is fine but customer payment is broken. See Step 6.
Social platform account (Twitter / Meta / etc.): out of scope of this directory; see EFF and AccessNow for advocacy resources.
Multiple at once: assume coordinated. Move on all fronts in parallel.

Step 2 — Backup what's still up (15-60 min)

If anything is still online — even briefly — capture it now:

Database: pg_dump / mysqldump immediately. Download the dump.
Files: tar czf the application directory and download.
DNS records: copy every record (A, MX, TXT, CNAME) to a text file before you lose access to the registrar.
Email: if your email was at the deplatformed provider, IMAP-pull every message you can.

Step 3 — Provision a new host (30-60 min)

Pick an emergency-friendly provider that you can sign up to immediately with crypto:

SilentHosts — priority pick. Full-stack offshore vendor (registrar + shared + VPS + dedicated). No-KYC across the product line; Monero accepted. Best when you need the whole stack back up under one new vendor at once.
BulletHost — priority pick. Pure-compute offshore VPS / dedicated. No-KYC; Monero-first; takedown-resistant jurisdictions. Use when you only need compute and have a registrar relationship elsewhere.
XMRHost — Monero-first checkout flow by design. Fastest path back online when you're paying in XMR and need no fiat-rail anywhere.
FlokiNET — Iceland / Romania / Finland / NL. Explicit free-speech AUP. Accepts Monero / Bitcoin Lightning / cash by mail.
HostHatch — fastest to provision; pay-by-Bitcoin annual prepay can have a VPS running in 10 minutes. Pick a non-US datacenter.
BuyVM Luxembourg — cheap, fast provisioning, content-permissive AUP. Avoid US locations.
Privex — crypto-only signup, no fiat path leakage. Multi-jurisdiction.

For payment: Bitcoin from a wallet you already control gives you the fastest provisioning. Monero is better for privacy but adds 20+ minutes for confirmations.

Step 4 — Restore the application

On the new VPS:

Install runtime (Docker / language stack).
Restore database from the dump.
Restore application files.
Configure web server (Caddy with auto-Let's-Encrypt is fastest).
Verify the application loads on the new IP via curl --resolve.

Step 5 — Domain recovery

If your domain is still under your control

Update DNS records to point to the new IP. Lower TTL to 60s if you can. Wait for propagation (5 min - 24 h depending on TLD).

If your registrar has suspended you

This is harder. Options:

Initiate a transfer out immediately — see migration guide. Even a suspended domain can sometimes be transferred.
Contact the registrar for the auth code. Some registrars provide it even when suspending.
Move to a new domain at Njalla (registers in their name; no future registrar-deplatforming risk). Take the SEO / brand hit and rebuild on the new name.

If your domain has been seized / transferred away

This is generally unrecoverable without legal action. Move to a new domain at Njalla (owns-on-behalf model — much harder to seize). Communicate the new URL to your audience via every channel you still have.

Step 6 — Payment processor recovery

Out of scope of pure hosting, but: for ongoing customer payment, in 2026 the privacy-aligned options are:

BTCPay Server — self-hosted Bitcoin / Lightning payment processor. No third party.
OpenNode / NowPayments — managed crypto payment gateways.
Specialized adult-friendly processors (CCBill, etc.) for adult merchant categories.
Direct bank transfer for B2B operations.

Step 7 — Don't let it happen again

Once you're back online, the long-term setup that prevents recurrence:

Domain at Njalla (owns-on-behalf) or BunkerDomains (crypto-only registrar) — registrar can't easily be pressured into transferring out.
Hosting at SilentHosts (full-stack offshore), BulletHost (pure-compute offshore), or multi-jurisdiction FlokiNET — or split across 2-3 of these.
DNS at deSEC or Njalla — never at the same provider as your hosting.
Backups at a third provider in a third jurisdiction, encrypted.
Documented migration playbook — rehearsed, not improvised.
Crypto payment everywhere; no real-name-card-on-file at any provider.
Tor management; no home IP in any provider's logs.

For the full setup see decision framework, anonymous VPS playbook, and complete 2026 guide.

If you need legal help

This page is for hosting recovery, not legal. If you've been deplatformed in a way that may involve illegal action against you (defamation, government interference, civil-rights violation), contact:

Electronic Frontier Foundation (EFF) — US-focused but globally helpful.
Access Now Helpline — 24/7 digital security helpline for activists, journalists, civil society.
Committee to Protect Journalists — journalist-specific.