undefined | Better HN

0 pointsladberg3y ago0 comments

It's not, Cloudflare is just being used for rate limiting / ddos protection here.

0 comments

6 comments · 2 top-level

Aachen3y ago· 2 in thread

Never needed that on my server that's now also a decade old laptop. At least, not for the kind of attention HN#1 gets you (perhaps r/all #1 would be different). I can also imagine it being useful if you run a site that attracts controversy, or if your livelihood depends on it but you're not big enough to have your own datacenter and people want to extort that. Neither is really the case for me, I guess people don't put enough crap on my unfiltered file upload service for me to need big brother protection

ladbergOP3y ago

I think it's a reasonably good precaution to take with a 24 year old server. I'd imagine on hardware that old you could easily get DOSed by a single mean client (or a web scraper bot with bad behavior), so a ddos isn't even needed.

Also this is available on Cloudflare's free plan so it's much safer to take the precaution in case you might need it down the line, rather than get taken down and have to fiddle with setting up Cloudflare on the spot.

Aachen3y ago

You can also kill my server with a single client. Nobody has for the ~15 years that I've hosted on old laptops now. I've run game servers, a wiki mirror, file upload sites, a Tor exit node, torrent seeding, recently a VM image for a malware analysis course, all sorts of random tools and scripts, you name it; various different audiences but most with some technical know-how, yet nobody has felt the need.

People have messed with things and found bugs (so far always reported more-or-less ethically), and lots of scanners go across the Internet daily, but I've never seen a deliberate take-down effort. (Kind of wondering whether I'm calling that upon myself now, but so be it. Let's see what happens.)

This fear of having to react to a DoS attack by knocking on big brother's door and thus preemptively knocking, it's so anti self hosting mentality, but is also pervasive throughout the self hosting community, I really don't understand it.

1 more reply

bombcar3y ago· 2 in thread

How can you tell the difference between cloud flare caching and cloud flare ddos alone?

electroly3y ago

The "CF-Cache-Status: DYNAMIC" response header seems to indicate that the file was not cached.

https://developers.cloudflare.com/cache/about/default-cache-...

> Cloudflare does not consider the asset eligible to cache and your Cloudflare settings do not explicitly instruct Cloudflare to cache the asset. Instead, the asset was requested from the origin web server. Use Page Rules to implement custom caching options.

Cpoll3y ago

That's correct. The only cached resources on this page are the gifs, jpgs, pngs and favicon.

The html page and the hit counter (counter.pl) aren't cached.

j / k navigate · click thread line to collapse