Website and service terms
These terms describe the public website and the path to a written VPS Secure Base engagement. An individual written scope controls the actual service.
Effective date: 17 July 2026
Operator and intended audience
Gruster is a trade name used by Sedelnikov Denis Aleksandrovich, an independent service provider based in Indonesia. The website is intended for business owners and people authorized to discuss a server on behalf of its owner.
No engagement is created by this website
Submitting a request, viewing a sample report or discussing eligibility does not create a security engagement, authorize server access or promise a start date. An engagement begins only after both parties accept a written scope or statement of work and the agreed deposit is received.
Price, eligibility and timing
The public price is USD 700 for one eligible server under the advertised fixed scope. A 50% deposit reserves the engagement after written scope approval. Eligibility depends on preflight findings, recovery access, workload health and the agreed change boundary. Most core work is planned for days 1–5; observation and final handoff complete on day 14. Client delays, unavailable approvals or third-party outages may pause the timeline.
Client responsibilities
- Confirm authority to request work on the server.
- Provide accurate system information and revocable approved access.
- Maintain an independent provider console or rescue path and suitable backups or snapshots.
- Name the owner or trusted person who can approve access and exposure decisions.
- Approve maintenance windows, restarts and work outside the fixed scope in writing.
Service boundary
VPS Secure Base is server-level baseline hardening and a bounded 14-day observation and handoff. It is not penetration testing, incident response, malware removal, application security, a 24/7 SOC, a managed emergency service or a guarantee that no outage or breach can occur. Application, database, container and complex network changes require a separate written scope.
Production changes and third parties
Changes are staged, approved and validated against an agreed health check and rollback path. Some risk remains whenever production is changed. Hosting providers, registries, package repositories, Telegram, Google and other third parties operate under their own availability and terms.
Evidence, confidentiality and access removal
Client-specific evidence and access information are treated as confidential and shared only as required to deliver the engagement or comply with law. The client receives the agreed reports and registers. Operator access is revocable and is removed at handoff unless a later written scope authorizes new access.
Sample material and security outcomes
Sample reports, alert captures and evidence cards illustrate the format and reasoning of a delivery. Every host is different, so they do not promise identical findings, controls or risk outcomes.
Payment, cancellation and disputes
The individual written scope or invoice defines the accepted payment method, transfer costs, taxes, final balance and any approved third-party expenses. The Cancellation and refund policy applies unless the written engagement gives you more favorable terms. Governing law, venue and dispute steps are confirmed in the individual engagement; mandatory rights under applicable law are not excluded.