I am considering hosting something and am concerned about DDOS attacks.
I am morally opposed to cloudflare because I think they are an unethical and shitty company.
What privacy focused solutions are there to reduce the likelihood of a successful DDOS attack?
You must log in or register to comment.
You’re being downvoted because you’re asking another “I want everything, but works exactly to my needs, only the way I want it, and cheap.” kind of question.
Cloudflare exists for a reason, as does every other DDOS mitigation platform. If there was a better or cheaper solution, they would be out of business already.
Best you’re probably going to do for self-hosting is going to be blackholing abusive connections, but even then you’re only going to be able to mitigate so much. Differentiation of mass amounts traffic still takes a massive amount of time and compute.
To add for people who might not be up on the technical aspects: DDOS mitigation works only if you have absolutely enormous amounts of bandwidth and compute resources to intercept and scrub the traffic.
It’s not some magic wand someone is waving at a server and poof the DDOS disappears; it still comes into a datacenter, hits a server and is then mitigated before making it to your actual host.
So you have to invest in enough bandwidth and hardware to outscale the largest DDOS you’re expecting, which is going to be far less than what’s going to REALLY happen, and it has to be available even when nothing is going on.
It’s expensive to offer, expensive to run, and only really gets “affordable” at the scale of someone like Cloudflare or Akamai or a hyperscaler.
It’s either private, good, or cheap: pick one, maybe two.
I wouldn’t worry about DDOS attacks at all.
People simply don’t care about whatever small website you plan on hosting. Unless it’s something extremely controversial and you gain a lot of exposure suddenly.
It’s worth worrying about if you ever get big but until then just forget it.
I.E. do something about it when/if it happens and not before. A ddos is fairly harmless unless you need to stay up for some reason (and you don’t need to stay up).
What’s your budget?
As little as possible. This will probably be a low traffic site. I just want something cheap and not cloudflare.
I don’t think there is anything else free. Best you can do is host with someone like ovh that has enough resources to provide basic protection.
You’re not really at risk of DDOS in that case, I wouldn’t worry about it.
Why would someone want to ddos ur small site, real ddos is extremely expensive attack,
I’d set-up a static website on an AWS S3 bucket. Then you can use AWS Cloudfront to distribute access around the planet.
Cost is mostly negligible unless you are serving big files.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters CF CloudFlare HTTP Hypertext Transfer Protocol, the Web VPN Virtual Private Network VPS Virtual Private Server (opposed to shared hosting) nginx Popular HTTP server
4 acronyms in this thread; the most compressed thread commented on today has 9 acronyms.
[Thread #906 for this sub, first seen 4th Aug 2024, 21:15] [FAQ] [Full list] [Contact] [Source code]
It wouldn’t stop against volumetric attacks…
They’d still fully consume the WAN bearer regardless of Crowdsec protecting the endpoint. For that you need a scrubbing centre to dump the traffic onto.
If you don’t want to go full Cloudflare you can mitigate DDOS using these kind of technique locally.
https://blog.nginx.org/blog/mitigating-ddos-attacks-with-nginx-and-nginx-plus
Cloudflare will be a lot more effective in case of attack. But I don’t think most people need more than a few mitigation rules. If DDOS really come, there are very few things you could do to mitigate anyway.
why downvote 🤔
