BlazingFast Webhosting: Interview with Co-founder Paul Waldmann

BlazingFast is often used by the scene because it protects the company's own website from DDoS attacks. Co-founder Paul Waldmann has his say.

The offshore web host BlazingFast is a popular and frequent user in the scene because it allows you to provide your own website with the company’s DDoS protection. CEO Tony Onopriychuk agreed to be interviewed last fall, only to simply become unavailable to us a short time later. BlazingFast Co-founder Paul Waldmann kindly takes your questions instead.

BlazingFast stands for offshore DDoS and government protection

Paul Waldmann

The name BlazingFast refers to the blazing fast pipes that will be used. Tony Onopriychuk and Paul Waldmann founded BlazingFast in 2014, and the two businessmen focused on secure hosting solutions including effective DDoS protection from the very beginning. The price also includes a lot of privacy for the customers. This also explains Kiev as the headquarters of the company.

Since Ukraine is not a member of the EU, you are only subject to the country’s own judiciary. And in the past, the judiciary has not given a damn about copyright infringements or other breaches of the law within the European Union. Customers are happy to pay a few euros more than the competition for this security and digital seclusion.

No answers despite promise of the managing director of BlazingFast

By e-mail, the co-founder and CEO Onopriychuk already gave us the green light for an interview in November of the previous year. Unfortunately, some time passed until we submitted the questions. Perhaps the timing was inappropriate. Maybe some of the questions were too critical in his eyes, who knows? Despite several inquiries and contact attempts by e-mail and Skype, there was no reaction from Tony. Weeks later, Paul Waldmann joined the forum and spontaneously offered to step in. Of course, he can say little about the very current events within the company, because Waldmann left Blazingfast years ago.

Paul Waldmann: About myself, I am the former Co-Founder and COO for BlazingFast and spent many years building this business with Tony. I have not been with BlazingFast for some time and I have returned the company shares to Tony without compensation and we have gone our separate ways on good terms.

There have been many untruths scattered about my person over the years, which Tony has unfortunately believed, which has irrevocably damaged the relationship between, which I am very upset about. To the best of my knowledge, the answers were made before I left the company. If Tony should see my answers in this interview, I want him to know that I never said a bad word about him. I very upset that he just threw away our friendship like that.

Blazingfast: Zero tolerance in dealing with requests from any authorities. The founding date varies on the internet, when was BlazingFast founded? How did the foundation come about? With what motivation did you launch this company?

Paul Waldmann: BlazingFast was founded in 2014. We did so with the motivation of providing a stable, fast and most importantly secure hosting solutions, with a focus on DDoS protection and privacy.

We were so upset that we lost Xertonia unintentionally that we wanted to try again. But this time, do it much better than before. Switching to CloudStack for orchestration to quickly provision servers and building our own DDoS scrubbing solution to avoid relying on third-party vendors.

The company was brought home from offshore to Kiev, Ukraine, to provide us with better legal protection against our partners.

The name was created when we exchanged buzzwords, when we asked ourselves: WHAT DO WE WANT? Answer: We want to offer fast, „Blazing Fast“ servers. All components from servers, network to DDoS protection must be everything, the fastest there is and more resources than the competition. Privacy and support was and is one of our most important aspects. This means storing as little information about the customer as possible and 0 tolerance for cooperation with foreign state authorities.

We respond only to court orders from the court inside Ukraine. However, this has never happened before. Support has always been in our focus. Although we offer self-managed hosting, we still try to help with any problem, whether configuration, installation, etc. we did everything the customer needed. Customer is king!

After the raid Since there has already been a raid on another web host in Ukraine in 2016, as a supplement a statement from Paul:

Paul Waldmann: There has already been a police raid at BlazingFast’s office. The reason was that a customer used the servers located in Ukraine to attack servers that belonged to a Ukrainian authority.

In Germany, we usually receive DMCA deletion requests from rights holders or private individuals who submit abuse mails.

Once upon a time: Xertonia webhosting. Did BlazingFast ultimately emerge from the provider Xertonia – Secure Cloud Hosting or HostBill from Poland? Did the renaming come about in 2014 because Xertonia enjoyed a less than good reputation?

Paul Waldmann: Xertonia and BlazingFast have nothing to do with each other. Xertonia died due to a contractual misunderstanding with Voxility, which resulted in the confiscation of hardware, and thus the unwanted shutdown of customer VPS.

BlazingFast came into existence over a year later in 2014, HostBill is just our hosting panel. We purchased a license from them, have nothing else in common with them. Others use WHMCS, we use HostBill, nothing else.

Today’s web hosting market is totally oversaturated

blazingfast If you could change the past, would you start such a company again? Or would you rather do something other than a web hosting service?

Paul Waldmann: If it were 2014 again, definitely. Today in 2021 probably not, because the hosting market is so oversaturated and there are already well-established companies where competing is rather pointless.

If you compete on price alone, you have no chance to survive as a hosting company. You need addet-value, which may be privacy, which then also attracts many customers from the scene, or DDoS protection, which helps helpless webmasters worldwide. Who thinks that BlazingFast has only customers from the „scene“ etc. is wrong. A large part of the customers are e.g. from China and surroundings, who simply want a stable, DDoS protected VPS.

There has been no takeover by third parties And what is the truth behind the takeover rumors that have been spread around the web time and again in recent years?

Paul Waldmann: There has been no takeover, only a change in the company structure. The company is and remains owned by Tony. There has only been a cooperation with a hosting partner from Portugal, with whom the infrastructure is shared. server What did you do differently from the renaming to become so popular?

Paul Waldmann: As I said, it wasn’t a rebrand, it was a separate company. What we did differently, however, is that we bought or leased the hardware so that we wouldn’t have the same problem again that we had with Voxility.

The popularity results from the firewall as well as the many free add-ons. For example, the L7 DDoS protection, where we protect all customers‘ websites from attacks with our self-developed proxy solution. is just a copycat What’s the deal with the competitor Did they steal your brand name? Or were they possibly employees of your company who went into business for themselves?

Paul Waldmann: This is an unknown competitor who stole the brand name. You advertise DDoS protection of up to 980gb/s. What exactly is meant by this? The maximum data throughput?

Paul Waldmann: This is the backbone, but is significantly more in the meantime. Because most DDoS attacks are volumetric like DNS, NTP, etc. and these need a large backbone so ACL rules can block them. The actual scrubbing capacity is much lower, but is quite sufficient as attacks from botnet are mostly below 50Gbps, and Juniper SRX firewalls are used for that.

Costs for the equipment are in the six-figure range How expensive was it to set up this protection? What equipment is needed for this? Which resources are owned by Blazingfast itself, and which have you rented? And why do you always offer web hosting in combination with DDoS protection as a business model?

Paul Waldmann: For L7 we use NGINX servers with self-developed modules. These hang behind a load balancer. For all other attacks, Juniper SRX firewalls and ACL are used. Blackholing is used as a last resort.

All hardware and components are purchased or leased to ensure corporate integrity. The costs are in the 6-digit Euro range. The reason we give DDoS protection to everyone from the beginning is to minimize the noisy neighbor effect. If someone is attacked and you are on the same physical server, you would be affected, for example by network congestion.

So it is better to protect everyone by design so that no DDoS traffic makes it to the racks.

blazingfastDDoS attacks run permanently, 365 days a year

cloud vps, blazingFast How many times a month do DDoS attacks occur? What is the most common type of attacks? Is DDoS migration still provided by the specialist DDoS Guard from Russia?

Paul Waldmann: DDoS attacks are going on all day, every day. Someone is always under DDoS, some customers even 24/7, because they are attacked permanently. DDoS-Guard was never used, they always used their own in-house solution. That with DDoS-Guard is a rumor. How does the company deal with official requests? After all, Blazing Fast’s headquarters is still outside the EU. Do you ignore copyright infringement requests? Or do you just answer them much later?

Paul Waldmann: Everything except for court orders is ignored. Day-to-day business continues to be conducted in Kiev, Ukraine, the company’s standpoint on the website, is purely virtual. Have any of the servers within the EU ever been seized?

Paul Waldmann: No.

BlazingFast becomes active only in case of judicial orders from Kiev

blazingfast cloud What happens when an abuse arrives demanding the deletion of a page/URL/content? Do you inform the customers about the deletion request?

Paul Waldmann: Each Abuse email is forwarded to the customer, but no action is taken. If the customer refuses to delete, we wait for the court order. So forever. Surely some authorities or prosecutors would like to have insight into your servers. How are you prepared for legal disputes? Is there an extra budget for all cases?

Paul Waldmann: Fortunately, the courts in Ukraine run very, very slowly and inefficiently. So as long as no laws are broken within Ukraine, there is nothing to worry about.

Also, since most of the servers are not in Ukraine, Ukrainian authorities or prosecutors cannot get a look at them.

We are not liable for the crimes of our customers! What can the authorities do at all? In the worst case, seize the servers? Many of them are within the EU. Why actually, does this not endanger the independence? Or have there never been any problems in this regard?

blazingfast facebook advertisment

Paul Waldmann: The provider is not liable for crimes committed by the customer. In the worst case, physical servers would be confiscated, or in the case of a virtual server, the VPS container/image would have to be released (snapshot if necessary).

The servers are located within the EU, as this is requested by the customers, and our partners like offer an excellent service, which we are happy to pass on to the customers. Do you have any idea who your customers are? Age, purpose of the websites etc.

Paul Waldmann: All information our customers give us is on a voluntary basis. We do not check them and therefore have no idea if they are genuine.

Satellite connection for servers important in IPTV sector You offer a satellite connection for servers as a real unique selling point. How did you come up with the idea? Which partners are you working with in this area?

Paul Waldmann: This is a service offered by NFOrce, which we pass on to customers as a reseller product. There are many customers in the IPTV sector for whom the reception of satellite TV signals is of great importance.

the spamhaus project Did BlazingFast ever have problems with the Spamhaus organization?

Paul Waldmann: In case of a SPAMHAUS listing, the IP or server will be blocked immediately. This is one of our only rules. No Spamhaus, Pedo, Terror. Phishing, Carding etc.

Gray area is approved, black is undesirable. This shows once again how powerful Spamhaus is. We have reported on this in detail before.

How will the Internet change in the next few years? Even more rules and laws? Or even more commercial offers? Even more surveillance in the future? And what will you do professionally then?

Paul Waldmann: There will definitely be more laws and big companies like Google GCP, Amazon AWS and Microsoft Azure will get more and more marketshare.

However, within the niche, which is DDoS protection and privacy, BlazingFast will continue to grow. There is a positive outlook for the future. Thanks for answering the questions!

Paul Waldmann: You’re welcome! If more questions come up afterwards, I’ll be happy to answer them here in the forum.

Lars Sobiraj


Lars Sobiraj fing im Jahr 2000 an, als Quereinsteiger für verschiedene Computerzeitschriften tätig zu sein. 2006 kamen neben noch zahlreiche andere Online-Magazine dazu. Er ist der Gründer von Außerdem brachte Ghandy, wie er sich in der Szene nennt, seit 2014 an verschiedenen Hochschulen und Fortbildungseinrichtungen den Teilnehmern bei, wie das Internet funktioniert.