Hey, s1mplicissimus, hope you are well!

Dud(ett)e, it's a message board comment, not a scientific study.

But do you really doubt that most ISPs will gladly disable your 1Gb/s home-slash-SMB connection for the rest of the month in face of an incoming 1Tb/s DDOS? Sure, they'll refund your €29,95, but... that's about it, and you should probably be happy they don't disconnect you permanently?

Hi ZeroConcerns, I'm doing fine, thanks, hope you too!

There's no but... - just claims you made that I dared to question just for fundamentals, which obviously you want to dodge. I won't go as far as questioning your intellectual honesty here, but I really have a hard time seeing it. So now for reals, good day

I have no idea. I've been running my own web site without any CDN for nearly 25 years, and I don't have any idea what my host would do if I got DDoSed, because it has never happened.

It comes down to politics, if I'm hosting a weird porn website, I'm sure my host would drop me. But since I have a run of the mill SaaS website or a landing page for a business hosted. I'm sure my host would see no point in dropping my service, if I get DDosed, my neighbours got ddosed as well similarly I'm sure. Maybe they charge me extra or rate limit the connection, idk.

In fact, I expect my host to kick weird porn websites from their servers so that I don't have any bad neighbours, we're running legitimate businesses here sir.

Maybe they'd push me into upgrading my server, as a sort of way of charging me for the increased resources, which is fine. If I'm coasting on a 7$ VPS and my host tanks a DDoS like a hero, sure, let's set up a 50-100$ dedicated server man.

In business loyalty pays and it goes both ways.

I have more than 1 hosting provider though, so I can reroute if needed, and even choose not to reroute to avoid infecting other services, isolating the ddosed asset.