There have been multiple accounts created with the sole purpose of posting advertisement posts or replies containing unsolicited advertising.

Accounts which solely post advertisements, or persistently post them may be terminated.

Decronym Bot , (edited )

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:

Fewer Letters More Letters
CF CloudFlare
HTTP Hypertext Transfer Protocol, the Web
VPN Virtual Private Network
VPS Virtual Private Server (opposed to shared hosting)
nginx Popular HTTP server

4 acronyms in this thread; the most compressed thread commented on today has 9 acronyms.

[Thread for this sub, first seen 4th Aug 2024, 21:15] [FAQ] [Full list] [Contact] [Source code]

lud ,

I wouldn’t worry about DDOS attacks at all.

People simply don’t care about whatever small website you plan on hosting. Unless it’s something extremely controversial and you gain a lot of exposure suddenly.

It’s worth worrying about if you ever get big but until then just forget it.

I.E. do something about it when/if it happens and not before. A ddos is fairly harmless unless you need to stay up for some reason (and you don’t need to stay up).

yogsototh ,
@yogsototh@programming.dev avatar

If you don’t want to go full Cloudflare you can mitigate DDOS using these kind of technique locally.

blog.nginx.org/…/mitigating-ddos-attacks-with-ngi…

Cloudflare will be a lot more effective in case of attack. But I don’t think most people need more than a few mitigation rules. If DDOS really come, there are very few things you could do to mitigate anyway.

lemmyvore ,

You don’t have to worry about DDoS:

  • DDoS is an advanced technique and the people who can do that spend a lot of time and effort putting malware on machines that can be ordered to perform DDoS on command. They usually sell that attack capability and it ends up getting used against worthy targets, we’re talking attacks that disrupt entire industries, elections, warfare etc. Do you really think what you’ll be hosting will attract that kind of attention and be impossible to take down with simpler methods?
  • To survive a DDoS attack you need a lot of resources, from a professional platform (like CloudFlare). The stuff they offer for free is not going to get you through a DDoS. If you’ll read their terms you’ll see it’s worded just ambiguously enough to mean nothing. If you ever actually get targeted by an actual DDoS and you haven’t paid a lot of money to a platform like that, everybody will simply drop you instantly (your ISP, your VPS provider, your tunnel provider, your VPN provider etc.) and possibly kick you off their service too.

If the stuff you’ll be hosting is static files you can use a CDN service. CDN’s are designed to be distributed and redundant so they’re somewhat resilient to DoS attacks by default. They’ll still kick you off if it gets to be too much but maybe you can weather shorter/moderate attacks.

If you’re hosting a dynamic/interactive service forget about it.

lud ,

Everything I have read before says that there is no limit for cloudflare free.

Are you sure about that?

lemmyvore ,

Use your common sense. They’re not going to expend any significant resources to keep up a free website.

They have a small capacity available for mitigating DoS for free accounts together, while resources last. If you happen to fit in that capacity at any given time that’s nice, if you don’t, you go down.

lud ,

Do you have a source for all your claims?

Everything I can find online says that cloudflare DDOS protection is unlimited and unmetered on their free plan. www.cloudflare.com/plans/

But honestly, even if you are not prioritised I doubt Cloudflare will ever run out of resources due to ddos attacks. And if they did the whole internet is pretty much down anyways.

lemmyvore ,

Then why do they offer a separate, distinct DDoS mitigation feature on the enterprise plans? And did you notice they call them “mitigation” and not “protection”? 🙂

Look at the description of each one, the free one “stops illegitimate traffic at the edge”. Meaning they’ll serve from cache, it’s not getting through to your actual site. You can get caching from any CDN service, it doesn’t have to be CF. All CDN services are distributed and will try to serve for as long as possible because their whole purpose is to deal with traffic spikes.

And if you want to know for how long CF (or any service) will serve from cache and how far they’ll go for an account (especially a free account), you want to check the terms of service not the plans. The plans are made to sell to you, the fine print is in the terms.

Anyway, I really don’t understand people’s obsession with DDoS, particularly self-hosting people. The chances of their little website ever being the target of a DDoS are astronomical. Many of them don’t take proper backups, and don’t worry about theft or fire or electric spikes, which are far more likely, but go frantic when they hear about features they’ll never use.

lud ,

Because that is a different feature.

And did you notice they call them “mitigation” and not “protection”? 🙂

Yeah, typo on my part.

You claim that Cloudflare doesn’t live up to their words. Please cite where in the terms of services it says that the DDOS mitigation is limited on the free plan or sources of free customers being affected by this. Or are you just saying “read the fine print” without having read them yourself and you are just using that as some magic way to win all arguments?

Anyway, I really don’t understand people’s obsession with DDoS, particularly self-hosting people. The chances of their little website ever being the target of a DDoS are astronomical. Many of them don’t take proper backups, and don’t worry about theft or fire or electric spikes, which are far more likely, but go frantic when they hear about features they’ll never use.

Yeah, I absolutely agree and I have said that to some in this post. But it’s even more worthless to argue about the free plan. It’s not like some private person is ever gonna be DDOSed so aggressively that Cloudflare would even notice. If an enterprise (like where I work) is in real need of ddos protection they would already be on the enterprise plan or they would be forced to it by Cloudflare.

just_another_person ,

You’re being downvoted because you’re asking another “I want everything, but works exactly to my needs, only the way I want it, and cheap.” kind of question.

Cloudflare exists for a reason, as does every other DDOS mitigation platform. If there was a better or cheaper solution, they would be out of business already.

Best you’re probably going to do for self-hosting is going to be blackholing abusive connections, but even then you’re only going to be able to mitigate so much. Differentiation of mass amounts traffic still takes a massive amount of time and compute.

kionite231 ,

why downvote 🤔

abominable_panda ,

Crowdsec?

NocturnalEngineer ,

It wouldn’t stop against volumetric attacks…

They’d still fully consume the WAN bearer regardless of Crowdsec protecting the endpoint. For that you need a scrubbing centre to dump the traffic onto.

vk6flab ,
@vk6flab@lemmy.radio avatar

I’d set-up a static website on an AWS S3 bucket. Then you can use AWS Cloudfront to distribute access around the planet.

Cost is mostly negligible unless you are serving big files.

Shadow ,
@Shadow@lemmy.ca avatar

What’s your budget?

secretlyaddictedtolinux OP ,

As little as possible. This will probably be a low traffic site. I just want something cheap and not cloudflare.

Shadow ,
@Shadow@lemmy.ca avatar

I don’t think there is anything else free. Best you can do is host with someone like ovh that has enough resources to provide basic protection.

shekau ,

Why would someone want to ddos ur small site, real ddos is extremely expensive attack,

MangoPenguin ,
@MangoPenguin@lemmy.blahaj.zone avatar

You’re not really at risk of DDOS in that case, I wouldn’t worry about it.

lemmyvore ,

Make your website all static files (if you can) and host on a CDN like Bunny.net. It’s $1/month and your website might actually be able to get through some large traffic spikes. It won’t work against a targeted sustained DDoS but like the other comments said that’s not likely to happen.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • [email protected]
  • random
  • lifeLocal
  • goranko
  • All magazines
    •