Hey everyone, I'm in the process of setting up a personal website with a focus on maps, and I'm considering hosting it on AWS. While the hosting costs don't worry me even if the site becomes popular, my biggest concern is the threat of DDoS attacks. Given the sensitive nature of international borders, I anticipate potential conflicts over interpretations, leading to targeted attacks that could flood my site with requests and skyrocket my costs. Even with AWS's WAF, I'm worried that without the expensive Shield Advanced option, I'm left vulnerable. I'm hoping for some advice on whether AWS can effectively protect me from these attacks without breaking the bank, or are there better alternatives?
5 Answers
AWS WAF does offer DDoS protection rules, and you might also want to look into using API Gateway to set rate limits. You could even set up alerts to take your site offline during crazy traffic spikes. Just make sure to enable cost anomaly detection to keep an eye on your expenses.
And don’t forget to consider using AWS Lambda for a more cost-effective option, especially if you expect variable traffic!
In your case, it seems like a good idea to lock things down with AWS WAF and API Gateway. Set spending limits, and if you happen to attract unwanted attention, at least it will mean your project is getting noticed! It's all about finding a balance.
Exactly! And even if AWS doesn't guarantee 100% uptime, you can mitigate risks and focus on building your site.
Thanks! I guess it’s mostly about being proactive anyway.
You could totally host your site on AWS and use Cloudflare at the same time! It provides a decent level of protection and has a free tier that can help mitigate DDoS attacks, making it a great option for your situation.
Hosting on AWS can bring some of the same risks whether you host it yourself or not. If you're on an EC2 instance, consider writing a script to analyze your logs for repeated requests from the same IP and block them. It’s a solid way to limit the impact of a DDoS attack.
Why not use Cloudflare as a proxy? It’s super simple to set up and offers great DDoS protection, even in their free tier. Plus, if you need any help, configuring it is a breeze!
Absolutely! I've set that up myself. It can help prevent unexpected charges when traffic goes haywire.