Comment by jamesdepp
1 year ago
I recently rewrote a website/small backend API for a non-profit organization. I could've gone with a serverless architecture for our forms handling API and reduced spending to nearly the free tier, but I had no good way to protect against a scenario like this. There was just not good enough documentation about how to completely cut off spending in the scenario of an attack, and I wasn't comfortable leaving the organization open to a cost attack like this.
So we're using Github Pages for static hosting and a $5 box from OVH now. Unmetered bandwidth, plenty resources for our purposes. Cheap enough, and we will never, EVER, have to worry about an attack like this. Well worth it imo.
Imo, serverless is great for internal jobs where you can control spending. For public facing things, you have to be a lot more careful.
Yeah I'm doing the same, a combination of OVH, Scaleway and Hetzner.
Sure there is no such thing as "free unlimited" bandwidth but I much prefer unlimited with a fixed cost until they decide it's not worth it and shut me down vs unlimited risk with no ability to cap it.
The lack of cap is the worst part and it's 100% a business decision. Every provider who tracks bandwidth could add a cap but they just choose not to because it's too profitable and the risk is mostly* on the customer anyways.
*there is of course a tiny chance they the customer goes bankrupt and they get almost notning, but usually they just need to pretend to be nice and forgive all or most of it
I am confused. Why couldn’t GitHub Pages suffer a DDOS attack? Also they don’t want you using them for business purposes:
https://docs.github.com/en/pages/getting-started-with-github...
GP probably refer to getting a huge surprise bill after a ddos attack, not github never got any ddos attack.
Worth reading - thanks for sharing.
Arguably a non-profit (unless it was selling stuff from the site, which is unlikely) would be exempt from their list of prohibitions.
It can but it won't result in surprise bill because the bandwidth is capped.