The response from Netlify on this issue left much to be desired. “Yeah we give a lot of discounts but you need to ask for them!”
Okay, but you’re making people ask for them because some won’t and you get to make massive profit from them. So, you don’t because it fits your bottom-line. It doesn’t matter that you _can_ give a discount but aren’t at all interested in making it happen in a way that doesn’t cause massive stress for customers, or aren’t interested in adding protections against this.
If you’re not going to provide an obvious solution you’re effectively doing it on purpose because you know it’s a common and increasing problem causing real issues but choose not to remedy it. At what point do people using Netlify get held ransom by DDOS entities lest they drop a massive bill on them?
It’s also a pretty obvious requirement for any cloud platform. AWS has it as a core feature. Netlify is not being honest about this whole thing because their books and stats inherently look better for investors if they don’t.
But it seems that their reputation for this stuff is catching up to them, and they’re not providing some service that can’t be readily replaced. So I hope that folks realize there shitty on purpose and don’t use them.
This reminds me of DirectNIC's old practice. I set up a site with them, tols them when it would go viral (at launch) and serve million of page views. They assured me it was all good, and they could handle it. I offered to prepay hundreds of dollars and they refused. Then it takes off and DirectNIC takes down my site saying I exceeded my bandwidth limit. They were playing extortion games to try to get me to throw unreasonable amounts on money at them. They literally asked for hundreds if thousands of dollars up front for what the contract said was $400 of service.
This put a bad look on Netlify to me. I know the redditor situation could be a mistake, but not providing some tool to turn off the service in a case like that is a deliberate choice of Netlify.
I really don't understand why I can just set a hard limit on all of categories you get changed for. I would gladly pay for an enterprise account but I would rather my site get taken offline than get charged more than I can afford.
The response from Netlify regarding this issue misses the mark
From the CEO
It's currently our policy to not shut down free sites during traffic spikes that doesn't match attack patterns, but instead forgiving any bills from legitimate mistakes after the fact.
This response, to a forum user asking how to Limit bandwidth to avoid high billing caused by DDoS?, was particularly frustrating to read.
The user's concern: If I get DDOSed and I have no limits on usage I'm going to have to pay alot
I’m always afraid on “pay for usage” services that it has no limits.
I think it's very rational and expected for "pay for usage" sites to have user set limits on the usage.
Netlify employee's response
"Don't worry it wont happen to you"
while DDoS attacks to happen, they are generally not geared towards users on our starter tiers.
"If it does its your fault"
we would probably benefit from chatting with you about what kind of a site you are asking us to host for free if it is likely to attract that kind of attention.
"If you are charged more than you expected that's good b/c people went to your site
Now, if something you host goes viral - congrats! We’re assuming that is not necessarily a bad thing - right?
"Not our problem, you should know if you're going to be DDOSed"
So, in short, I want to answer by asking a.) is this a realistic thing that could happen to you? b.) you are super welcome to investigate options to mitigate the fallout from a DDoS attack or viral content on your own!
And my favorite: "Our job is to keep your site up, sorry you don't like that"
Our priority is to keep your site up - that’s what our business is about. If that isn’t an approach that works for you and changes your decision to host with us, I understand.
It's a really simple request, let me set limits to never have to pay a dime more that I expected or agreed to. It seems this decision is based in a predatory business practice to get people to pay more rather than an difficult engineering problem the just can't solve.
Netlify service looks really good and is my first choice but I will not sign up for "Unlimited" charges. I also will not just "trust" that Netlify will forgive my bill if something does go wrong.
I just want to see Netlify do better. Simply let me set limits on usage and have better customer service.
Okay, but you’re making people ask for them because some won’t and you get to make massive profit from them. So, you don’t because it fits your bottom-line. It doesn’t matter that you _can_ give a discount but aren’t at all interested in making it happen in a way that doesn’t cause massive stress for customers, or aren’t interested in adding protections against this.
If you’re not going to provide an obvious solution you’re effectively doing it on purpose because you know it’s a common and increasing problem causing real issues but choose not to remedy it. At what point do people using Netlify get held ransom by DDOS entities lest they drop a massive bill on them?
It’s also a pretty obvious requirement for any cloud platform. AWS has it as a core feature. Netlify is not being honest about this whole thing because their books and stats inherently look better for investors if they don’t.
But it seems that their reputation for this stuff is catching up to them, and they’re not providing some service that can’t be readily replaced. So I hope that folks realize there shitty on purpose and don’t use them.