Comment by jeroenhd
1 year ago
Companies like these give out ridiculously huge free tiers in the hopes that very few users end up using the high free bandwidth limits. In most cases, they do. However, they do need to make their money back somehow.
I don't really get why people put their tiny static sites on hosts designed to never fall over no matter the traffic generated, no matter the situation. You're running a blog, not a government service. You don't need AWS or Netlify.
The ability to withstand almost any DDoS attack for a high price is a valuable service. It's not a scam. The people who get these huge bills just picked a hosting service that doesn't fit their requirements. I can promise you that the $3 shared hosting providers won't charge you $5k, five minutes after the DDoS starts your site just goes down.
Regardless, at the end of the day, budgets still need to be followed whether you're an individual or a business. It's simply insane in the first place that someone on the free tier would want absolutely no downtime regardless of how high the traffic is. For that, it would make sense for such an individual to be already on an Enterprise plan if they do expect it to likely happen and for which many do not.
I think it depends on what you're using the free plan for. If you're kickstarting a business and manage to attract a wide audience by getting featured on HN/Reddit/the news, you may want to sacrifice a few thousand dollars for the user growth that all of this traffic provided. Paying enterprise pricing doesn't necessarily make sense if you're normally getting less than a few thousand visits per day. Same goes for all the hip and cool server solutions such as "serverless" cloud functions.
The core product is already enterprise-grade. Netlify's pricing page basically turns into a "contact sales" button when you select "enterprise", probably for businesses that did their math and are trying to get a discount. Everything about their website seems to target medium to large businesses or hopeful startups.
> they do need to make their money back somehow
You're assuming Netlify is paying for bandwidth in $/GB, when in reality they're probably paying $/gbps and thus have no costs to cover when a customer temporarily bursts their bandwidth.
It doesn't really matter how Netlify ends up paying for their traffic, at the end of the day, there's a bill to be paid.
In your example, a DDoS sucking down bandwidth would cost more than a DDoS would had it been about total transfer volume. Their servers can only produce a set amount of network traffic at a time and on one single day, this one customer sucked up 5½gbps continuously, based on the 60TB figure provided in the reddit post.
This kind of extremely bursty traffic takes capacity that would otherwise be usable for tens or hundreds of customers, but to meet their guarantees, they must scale out massively to catch these bursts. I think it makes sense that making them dip into their bandwidth reserves should cost more than the average cost of a network transfer.
I don't know the actual costs Netlify has, and I'm sure the support rep saying they can drop this down to 20% or even 5% shows that there's a buffer here, but the 5 grand OP was asked to pay seems to come awful close to what you would pay on other high-reliability providers, such as Amazon. The max fee is probably to push their expensive customers into special deals (or to their competitors), but I find their 5% offer quite reasonable.
If they actually had to pay those costs, I promise you they wouldn't be letting their customers run up a bill without a credit check.
There's also the question of whether Netlify is even accurately tracking this bandwidth...
Any suggestions for hosts that will just make your site offline once it reaches its tier limit? Cloudflare and Netlify get suggested a lot and I was considering one of them before this.
From what I can tell, OVH allows for unlimited traffic, unless you host in Sydney or Singapore.
Budget hosters will either cut you off completely (shut down your VPS) or throttle your network. For instance, Contabo doesn't charge extra, but it does reduce your network speed to 100mbps if you're exceeding an average connection speed of 100mbps over a timespan of 10 days. Leaseweb offers you the choice to power down a VPS when exceeding the bandwidth cap (though this is disabled by default).
If you need more bandwidth, Hetzner is popular, and charges around €1 per TB of bandwidth if you exceed their free bandwidth (+VAT, the $104k bill would be €40 under Hetzner, as 20TB is included for free) and provides configurable automated traffic email notifications before you hit that. Personally, I would add a warning after the very first terabyte, because I don't know what personal project even uses that much bandwidth.
Their dedicated servers don't seem to have a bandwidth limit, though there seems to be a fair use policy (there's this thread: https://lowendtalk.com/discussion/180504/hetzner-traffic-use... where a user complains about Hetzner threatening to end the contract after exceeding 250TB of traffic).
Many VPS providers and shared hosters won't send you these huge bills, but you should always read up on their policies when renting servers of any kind. These hosters don't come with free tiers (which I assume is the reason people consider services like Netlify in the first place) but they will usually tell you how they deal with bandwidth issues in their FAQs.