Post AQfaz6s4CSR3SCViiW by codesections@fosstodon.org
 (DIR) Post #AQfaz6s4CSR3SCViiW by codesections@fosstodon.org
       2022-12-15T16:27:58Z
       
       0 likes, 0 repeats
       
       Does anyone know how Hacker News avoids being constantly DDoSed? I mean, it's got an API (https://github.com/HackerNews/API) that doesn't require authentication and doesn't have a rate limit—which seems like a perfect recipe for DDoS attacks. Yet HN is typically a very reliable site. Any idea what their secret might be?
       
       (I posted ^^^^ as an "Ask HN", https://news.ycombinator.com/item?id=34001410 But so far, the only suggestion was "Maybe people just love Hacker News too much to DDoS it"
       
       That strikes me as … implausible )
       
 (DIR) Post #AQfazEsMRFQMHQi4Ho by ayo@lonely.town
       2022-12-15T16:39:22Z
       
       0 likes, 0 repeats
       
       @codesections Interesting question, curious about the answer.
       
       The possibility that nobody has tried yet seems somewhat plausible to me, actually. I've hosted two moderately popular sites for over a decade myself, both with active communities and the occasional (heated) drama that inevitably comes with the territory, but I've never experienced an actual DDoS so far.
       
       But then, I also don't know what motivates someone to launch a DDoS in the first place.
       
 (DIR) Post #AQfazJ5clsPVLiwiW0 by codesections@fosstodon.org
       2022-12-15T16:52:16Z
       
       0 likes, 0 repeats
       
       @ayo > The possibility that nobody has tried [to DDoS Hacker News] yet seems somewhat plausible to me, actually. I've hosted two moderately popular sites for over a decade myself… [without being a DDoS target]. But then, I also don't know what motivates someone to launch a DDoS in the first place.
       
       I don't know where the line between "moderately" and "very" popular is, but HN apparently gets ~12M visits/month (https://www.similarweb.com/website/news.ycombinator.com/#overview) – I would think that'd be enough to draw some attention
       
 (DIR) Post #AQfazNBnWrj241rhh2 by ayo@lonely.town
       2022-12-15T16:54:42Z
       
       0 likes, 0 repeats
       
       @codesections According to that site, I'm dealing with 2.7M and 3.4M visits/month, which is probably not that far off.
       
 (DIR) Post #AQfazNc1xKi1NO8ea8 by codesections@fosstodon.org
       2022-12-15T16:59:06Z
       
       0 likes, 0 repeats
       
       @ayo > I'm dealing with 2.7M and 3.4M visits/month [and haven't been a DDoS target]
       
       That's actually very interesting and causes me to *significantly* revise my estimate of the likelihood of a random site being DDoSed.
       
       Maybe I've bought into #cloudflare's hype (or that of static site generators) but I'd thought of "DDoS protection" as something of a requirement for even small sites.
       
 (DIR) Post #AQfazOqxLKF5Dy85U8 by besserwisser@shitposter.club
       2022-12-16T16:34:57.353413Z
       
       0 likes, 0 repeats
       
       @codesections @ayo Like any security-related concern, it's a cost-benefit thing. How much are you willing to invest to keep your site up? It depends on how likely it is to happen and how much it would cost you.
       
 (DIR) Post #AQfazQ0v1lo0p9nYeW by codesections@fosstodon.org
       2022-12-15T17:01:40Z
       
       0 likes, 0 repeats
       
       @ayo Though I guess for a small site, there's also the Slashdot effect/hug of death, which is something like a "friendly" DDoS.
       
       Maybe I've been lazy in lumping non-targeted traffic spikes (very common) together with targeted DDoSes (potentially less common than I thought?)