
Ask HN: How do you host your side projects? - _6cj7
Do you use databases? What is your monthly traffic? What is your technology stack? Provide some context, please.
======
mattbgates
I use DreamHost and usually the process goes something like this:

(If interested, affiliate link w/free domain offer:
[https://www.dreamhost.com/r.cgi?1405127/signup|confessions](https://www.dreamhost.com/r.cgi?1405127/signup|confessions))

1\. Think of a great idea for a side project. 2\. Purchase domain at GoDaddy
with [usually] 35% discount. 3\. Host website at DreamHost. 4\. Design and
code website / side project. 5\. Test it and ensure it works to at least 90%
of the time. 6\. Put it on DreamCompute (Cloud hosting provided by DreamHost)
where it is a faster and independent server.

I usually code in PHP and Javascript. I use DreamObjects from DreamHost which
is basically AWS which is technically a very stable CDN ... I believe I've had
99.9%, maybe even 100% uptime.

On my busiest website hosted on DreamCompute (
[http://www.confessionsoftheprofessions.com](http://www.confessionsoftheprofessions.com))
: I normally receive about 1,000 visitors daily. Sometimes it spikes depending
on whats trending or if something goes viral. For a few weeks, I was getting
10,000-20,000 visitors a day and the website handled very well... it didn't go
down at all.

On my average website hosted on Shared Hosting (
[https://mypost.io](https://mypost.io) ): I normally receive about 100
visitors daily. Occasionally things go viral and I'll get 300-500 visitors a
day in blocks.

As for my other side projects.. they aren't really public or traffic is too
low to mention. And I normally MySQL databases for everything.

~~~
ganessh
In [https://mypost.io](https://mypost.io), the captcha is a plain text. Does
that actually prevent bot from spamming your service? Have you ever seen any
spams?

~~~
mattbgates
There are some measures in place that go beyond just the "plain text" you see.

It prevents most bots from getting through, at least automated bots that seek
out empty input boxes and add random stuff to them and attempt to hit a submit
button. I had tried Google Recaptcha but there were just too many issues with
it, for whatever reason, so I had created my own. I'm still experimenting with
several different measures for improving the captcha. I've had two attacks
since its creation 2 years ago. The spammer was able to create over 5,000
posts in just a few hours.

The first spammer actually emailed me and was pissed off. The entire email was
in Russian but it translated into: "Why did you delete all of my posts I
created?" Definitely correlated as it was just a few hours after I deleted
them that I received that email.

The most recent attack was just a few weeks ago. I added some additional
"captures" which seems to have prevented anything further. These pages were
also in Russian and basically just linked to random forums all over the
Internet. I don't think MyPost has any potential to give "rank" at all, but
I'm pretty sure it's being done for backlinks. It may be that the "spammer" is
a live person that goes through the source code and actually writes their own
code to break through and create posts on MyPost.

The only thing I can keep doing for the time being is learning their methods
and implementing new measures to prevent them from getting through, just as
they continue to learn mine. There was a Show HN a few days ago that actually
encrypted passwords on the client side, so I may look into that code and
revise it to work as a captcha.

~~~
le-mark
I implemented captcha once. There's a python captcha image generating library
I used to create many thousands of 4 digit images, served them with a unique
key to reference from form, stored the key in redis for fast lookup.

I'm not saying this was a great or even good solution, but attackers would at
least have to do OCR on the image to crack it, as opposed to examining the js
on the page.

~~~
mattbgates
I would certainly consider image-as-captcha, but it is not my favorite method.
From my experience of running a website in which I do cater to at least a
dozen handicapped readers that I've spoken to personally, some of whom are
blind, others who are deaf, others with dyslexia or have trouble reading text,
these types of captchas cripple those users.

And while it might seem like -- oh well for them -- having to deal with
challenges in the real world is hard enough, and now they'd have to face it on
the Internet too? So that is why I am trying to come up with a captcha system
that can fool bots, but is human-friendly and not complicated just the same.
Google's No-Captcha Recaptcha usually works great and I have used it on other
websites, but for some reason, unfortunately on MyPost, it had failed me,
either not "seeing" my answer as correct, or just not working as it should.

But I do appreciate your suggestion le-mark.

------
indescions_2017
Quick demos and POCs work well on Github Pages.

More dynamic apps can be hosted on Google Compute Engine's free tier. Single
core Xeon vCPU with 600Mb RAM. Enough to run Ubuntu 16.04, Caddy, and a
pipeline of concurrent golang micro-services in parallel for maybe a few
simultaneous users per second ;)

Use Firebase or Cloud Datastore free tiers for real-time data persistence.

You'll get warnings about load, asking you to upgrade to a medium instance in
the control panel. But it suffices for an MVP and to gauge interest. And it's
effortless to scale when all you have is golang binaries, systemctl service
scripts and API keys. No Docker Required!

To get even more minimal, try architecting a serverless solution. Best of
luck!

[https://cloud.google.com/functions/](https://cloud.google.com/functions/)

------
jetti
For the project I'm seriously putting effort into I use Hostgator, MySql,
Wordpress and Amazon S3. It is a desktop application so I don't need any fancy
hosting.

For another project that I did in Elm and threw some ads up I use Namecheap
hosting (with no database).

Finally, for consulting and for my upcoming project (Blog engine in Elixir
with no dependencies on Phoenix, just Plug) I'm probably going to be using
Digital Ocean droplet with a self-hosted PostgreSQL, though I may end up doing
either Amazon Container service with RDS or Google's Kubernetes Service with
RDS or Google's version of RDS.

I also use DO for deployments with the contracting work I'm working on to show
clients progress.

------
emilburzo
For low traffic ones I host them about 1 meter away :)

On my "server" \-- actually a desktop PC used headlessly (specs for anyone
wondering: i7-4790, 32GB RAM, 2TB raid with 2xWD Re drives, 20 min APC UPS,
100/100 connection)

Projects are separated using LXC containers or Docker, KVM/QEMU wasted too
much memory.

For anything that gains a lot of traffic or is a bit more critical --
luckily(?) only one at the moment -- same setup but on online.net dedicated
servers.

Stack is all over the place, from Java to Python to Go, from Postgres to
MongoDB to flat files, you get the idea.

------
bobbington
Vultr is at $2.50 a month for 512mb ram which is plenty for a side project. As
for your tech stack you'd use Linux of course but as for programming language
it's your preference.

I think my current favorite stack would be node + mongo + vue for a side
project. Sure people hate mongo for big projects, but it's just so stinking
convenient.

------
lappet
I host [https://samosasnearme.com/](https://samosasnearme.com/) on Amazon S3
and Lambda. It comes out to 50 cents a month for Route 53 and around $12 a
year for the domain. Traffic is pretty low, around 100 visits monthly.

------
savethefuture
I host on Digital Ocean, self setup vps.

Tech stack: go, php, c, python, sqlite, mysql, nginx, redis, aws s3

Traffic: couple 10 thousand maybe

~~~
mapster
I would like to move from 10 shared hosting sites to a VPS but do not know
anything about setting the servers, file transfer, app installs etc.

Can you please recommend a resource / book for VPS newby?

~~~
le-mark
Just curious why your interested in consolidating to a single vps? In other
words, what are the determing factors? Price, peformance, complexity?

Now opinion; it really makes me sad that the world has moved this way, that
developers are now expected to be sys admins. I do it myself. I'm a pretty
good developer, but I'm no sys admin. I feel like sys admin as a profession
has been devalued to an astonishing degree in recent years. I blame the easy
and cheap availability of cloud services like linode and digital ocean and
developer moving in mass to procuring and provisioning their own servers.

I'm to blame as well, but a good sys admin brings A LOT to the table. Keeping
configuration sane and secure, keeping things patched. I've worked with a few
who are really good, I miss having good sys admins when the job doesn't have
them.

~~~
mapster
Yes cost, but if you are suggesting I should hire a sys admin to handle the
vps then that is a consideration. Where does one find a reliable sys admin to
do misc vps tasks etc?

~~~
le-mark
I wasn't suggesting you hire a sys admin, I was lamenting this "everyone
should be a sys admin" culture we have come into. Personally, I'd pay someone
to review my setups and point out anything glaring, but have not gone that far
yet.

------
magacloud
We have so many people who use MEAN based stack and run it on Linode or
DigitalOcean. This is not only from our online surveys, but from interactions
at local meetup events.

------
marktangotango
AWS t2.micro, three year reserve (about $5 a month). I use Apache, mod lua,
redis, and SQLite. Near zero traffic, side project attracted no users.

------
leandot
Kimsufi, cheap, good dashboards, and so far surprisingly reliable.

------
RUG3Y
surge.sh is perfect for static front-end things. Heroku and Digital Ocean for
everything else.

