Question Protecting Your Site from DMCA & Powerless Scenarios?

[belarus]

So, I've been scrolling through a bunch of threads, right? Some about OCT and some where folks are asking about offshore hosting companies that just shrug off DMCA notices and stuff like that. Got me thinking about where we stand with our own website and how I can really keep it safe.

Alright, from what I've gathered, there are these hosts (below list) that apparently rank top-notch globally for dodging troubles with the law and DMCA headaches.

• Incognet
• Shinjiru
• TerraHost
• Trabia
• AlbaHot

But, hosting's just one piece of the puzzle, isn't it? You also gotta dodge Cloudflare. They're like handing out IP addresses and hosting details like candy, even to any Joe Blow who throws a fit and files a dispute. Talk about dropping the ball on keeping your hosting and IP on the down-low.

 

[0xDEADBEEF]

A corporate website protected by Cloudflare is virtually risk-free from shutdowns or exposures, provided that the server configuration is secure and proper. This protection is further reinforced when considering the jurisdiction of your hosting provider/company, as some regions offer stronger resistance against DMCA takedowns and similar legal challenges.

Throughout my experiences in responding to various security incidents, I've observed attackers exploiting Cloudflare's infrastructure (or similar services) for hosting malicious content or utilizing their tools for network breaches. Cloudflare has consistently been the sole provider reluctant to reveal details about the origins they're shielding.

 

[belarus]

What are some good alternatives to Cloudflare where it's harder for attackers to get a hold of the IP and host? I've read a bit about Amazon having a cloud system, but are there any better ones?

• Other alternatives to cloudflare I found and researching right now are:
• Amazon Web Services (AWS)
• Akamai
• Microsoft Azur
• Google Cloud Platform (GCP)
• Imperva

And how should one strategically go about it if one wants to have 3 servers at 3 different hosting companies in 3 different countries but have 1 website with 1 database?

For the database centralization I'm researching:

• AWS
• Azure
• Google Cloud

Any suggestions for the above or which service to use for the Load Balancing and Geo-DNS for the 3 servers?

 

[0xDEADBEEF]

In summary, it's about weighing your requirements, budget, and preferences. Each provider has its strengths, so do some research and choose the one that aligns best with your goals. The alternatives you're considering are all solid, especially if you have someone to set them up properly. Note: I personally do not think Cloudflare needs to be decommissioned if you are already using it, it's a great product and probably the most bang for your buck.

For distributed hosting with servers in different countries but maintaining one website and database, using a major cloud provider like AWS, Azure, or GCP is probably the most straightforward approach. You can enable geo-redundancy with a couple clicks and put your servers behind their load balancing services, it would not really make sense to also keep a live copy of this redundant infrastructure elsewhere. Keep in mind that these providers can be pricey, especially if you're spreading across multiple vendors. Also factor in managed DDoS protection, which will run you a minimum of $3,000 per month per cloud vendor. You basically pay to not get charged for being under attack.

If bandwidth pricing isn't an issue, I'd recommend using AWS with Cloudflare. You could also set up Lambdas to periodically export your database/server off-site. This proactive approach ensures data redundancy and facilitates seamless migration if you ever need to switch providers. Consider your Recovery Point Objective (RPO) and Recovery Time Objective (RTO) to determine acceptable data loss and downtime during potential migration. You would then, in theory, only need to adjust the Cloudflare configurations accordingly.

However, if bandwidth costs are a concern, consider opting for a dedicated hosting provider like Hetzner, OVH, Scaleway, or Leaseweb behind Cloudflare. Ensure geo-redundant availability for your files and database by replicating data among providers or datacenters of a single provider. While this approach is cost-effective, real-time replication may be hindered by connection speed between providers. Despite potential complexities in managing dependencies and connections, this strategy offers a viable solution for maintaining availability.

 

[belarus]

Thanks for the deep dive! Is there a cloud option that could make this cheaper and easier to lock down?

 

[0xDEADBEEF]

I can recommend the providers below:

https://www.digitalocean.com/https://www.scaleway.com/en/https://www.hetzner.com/https://www.vultr.com/https://ramnode.com/

 

[belarus]

Thank you, hetzner we use today, none of these are DMCA IGNORE !!!

 

[0xDEADBEEF]

The key is to choose a registrar that won't suspend your domain. If you properly shield your origin it does not matter where you host, since they won't know what hosting party to contact. You can even do it without opening up your public IP address. You just need a registrar that will not suspend your domain or choose a TLD that is not administered by USA/EU.

I came across this online while researching registrars:

https://docs.google.com/spreadsheets/d/1lfCCdWLMKU9cok9T9UWWUf2EoEdkXU0gon9NDqnRJDs/edit#gid=0