pixel_popping 8 hours ago

Mostly since the AWS craze started a decade ago, developers have gone away from Dedicated servers (which are actually cheaper, go figure), which is causing all this mess.

It's genuinely insane that many companies are designing a great amount of fallbacks... on the software level but almost none is thought on the hardware/infrastructure level. Common sense dictates that you should never host everything on a single provider.

geerlingguy 8 hours ago

I tried as hard as I could to stay self hosted (and my backend is, still), but getting constant DDoS attacks and not having the time to deal with fighting them 2-3x a month was what ultimately forced me to Cloudflare. It's still worse than before even with their layers of protection, and now I get to watch my site be down a while, with no ability to switch DNS to point back to my own proxy layer, since CF is down :/

VladVladikoff 8 hours ago

This is wild. Was your website somehow controversial? I've been running many different websites for over 30+ years now, and have never been the target of a DDoS. The closest I've seen was when one website had a blind time-based SQL injection vulnerability and the attacker was abusing it; all the SLEEP() calls injected into the database brought the server to a crawl. But that's just one attacker from a handful of IPs, hardly what I would call a DDoS.

geerlingguy 7 hours ago

I made the mistake of telling people it was hosted on a Pi cluster in a YouTube video a couple years ago, and asked nobody to try DDoSing it. I was a bit more naive thinking the YouTube viewer community was more like HN where people may joke about it, but nobody would actually do it.

I was wrong, and ever since I've dealt with a targeted attack (which was evolving as I added more CF firewall rules). At this point it's taken care of, but only because I have most things completely blocked at the CF firewall layer.

bobdvb 6 hours ago

Until I changed jobs recently, I spent the past 8 years working in an area of tech that many people on places like HN and Reddit think is a horrific waste of effort (DRM and content security for a streaming company).

The idea that if companies like my former employer would stop doing DRM their audience would embrace it is rife idealism. But based on bitter experience, enough people will do bad things just for the lulz that you need to cover your ass.

My home lab will never have an open port, I'll always put things behind a CDN or zero trust system, even then...

FWIW, it's worthwhile just for educational reasons to look at abuseipdb.com; it's quite revealing.

engeljohnb 2 hours ago

I'm a lay person, but do you mean DRM isn't just copy-protection? Is it also network security?

Imustaskforhelp 7 hours ago

Jeff, the reason, I think, is that the YouTube community is more mainstream, and I would consider you to be a really nice YouTuber, but even that might attract some bad-faith actors just because of how mainstream YouTube is compared to HN, which is more niche overall.

(Also congrats on 1 million subscribers. I know you must be tired of hearing it, but have a nice day, Jeff! Your videos are awesome!)

shagmin 5 hours ago

When I was younger and living in military dorms, I put an old throwaway laptop hosting a simple website via Apache on the internet. Every time I checked the log it'd be full of so many random, wild spurts of attacks (granted, I had basically 0 legit traffic).

pclmulqdq 8 hours ago

I think people sometimes mistake legitimate traffic spikes for DDOS attacks. My blog has the former, but no site I have ever hosted has seen the latter.

imglorp 8 hours ago

With the state of constant attack from AI scrapers and DDOS bots, you pretty much need to have a CDN from someone now, if you have a serious business service. The poor guys with single prem boxes with static HTML can /maybe/ weather some of this storm alone but not everything.

spurgu 8 hours ago

Yeah this is the gist of it. Cloudflare provides an important service that is quite challenging to implement by yourself.

herbst 6 hours ago

This is the sad reality behind it. My websites would be constantly down because of AI scrapers. If anyone knows a good alternative, that doesn't cost an arm and a leg I am very open to hear!

elondaits 8 hours ago

I self hosted on one of the company’s servers back in the late 90s. Hard drive crashes (and a hack once, through an Apache bug) had our services (http, pop, smtp, nfs, smb, etc ) down for at least 2-3 days (full reinstall, reconfiguration, etc).

Then, with regular VPSs I also had systems down for 1-2 days. Just last week the company that hosts NextCloud for us was down the whole weekend (from Friday evening) and we couldn’t get their attention until Monday.

So far these huge outages that last 2-5 hours are still lower impact for me, and require me to take less action.

bungle 7 hours ago

Solving issue for a few, and making issues for millions, including perhaps the few. It is easier to sleep at nights though, for a few.

MattSayar 6 hours ago

I like the idea of having my own rack in a data center somewhere (or sharing the rack, whatever) but even a tiny cost is still more than free. And even then, that data center will also have outages, with none of the benefits of a Cloudflare Pages, GitHub Pages, etc.

nzach 7 hours ago

> developers have gone away from Dedicated servers (which are actually cheaper, go figure)

It depends on how you calculate your cost. If you only include the physical infrastructure, having a dedicated server is cheaper. But by having some dedicated server you lose a lot of flexibility. Need more resources? Just scale up your EC2; with a dedicated server there is a lot more work involved.

Do you want a 'production-ready' database? With AWS you can just click a few buttons and have an RDS ready to use. To roll out your own PG installation you need someone with a lot of knowledge (how to configure replication? backups? updates? ...).

So if you include salaries in the calculation the result changes a lot. And even if you already have some experts on your payroll, by putting them to work deploying a PG instance you won't be able to use them to build other things that may generate more value for your business than the premium you pay to AWS.

slightwinder 7 hours ago

Cloud hosters are that hardware fallback. They started with offering better redundancy and scaling than your homemade breadbox. But it seems they lost something along the way and now we have this.

powerpixel 8 hours ago

Maintenance cost is the main issue for on-prem infra. Nowadays add things like DDoS protection and/or scraping protection, which can require a dedicated team or for your company to rely on some library or open source project that is not guaranteed to be maintained forever (unless you give them support, which I believe in)... Yeah, I can understand why companies shift off of on-prem nowadays.

PaulHoule 8 hours ago

... dedis are cheaper if you are rightsized. If you are wrongsized they just plain crash and you may or may not be able to afford the upgrade.

I was at Softlayer before I was at AWS and what catalyzed the move was the time I needed to add another hard drive to a system and somehow they screwed it up. I couldn't put a trouble ticket in to get it fixed because my database record in their trouble ticket system was corrupted. The next day I moved my stuff to AWS, and the day after that they had a top sales guy talk to me to try to get me to stay, but it was too late.