
A whole industry has sprung around charging front end developers for basic server management tasks. They will quite literally pay for anything that means they don't have to SSH into Ubuntu server. The irony is they are taking on a ton of overhead with multiple services instead of learning how to set up Nginx and sudo apt install Postgres.


There's a lot more to running your own server than that. I set up a Hetzner VPS just for play one weekend. I forgot all about it and came back a couple days later: it had already been compromised and was being used to mine crypto coin. All because I left something running (related to Docker) which I don't even remember starting.

Hardening your servers, ensuring proper port exposure, ensuring upgrades and security patches, is thought and time you need to spend. It's hard to keep track of all vulnerabilities in all software. That's before even talking about zero-downtime deployments and all of that.

Running NGINX and Postgres is not the difficult part that people are avoiding. There's a good reason these services exist.
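[Added example, not part of the thread or of any commenter's post: a port-exposure check for the "left something running" case described above. It parses the output of `ss -H -tln` and reports TCP listeners that are reachable on non-loopback addresses but are not in the operator's intended set. The sample output, the `INTENDED_PUBLIC` set and the function names are constructed assumptions.]

```python
import ipaddress

# Constructed sample of `ss -H -tln` output (not taken from the thread).
# Columns: State Recv-Q Send-Q Local-Address:Port Peer-Address:Port
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 511 0.0.0.0:80 0.0.0.0:*
LISTEN 0 244 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 4096 *:2375 *:*
LISTEN 0 4096 [::]:6379 [::]:*
LISTEN 0 128 [::1]:631 [::]:*
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
"""

# Assumption: the only ports this host is meant to expose publicly.
INTENDED_PUBLIC = {22, 80, 443}


def split_local(addr_port):
    """Split 'host:port', handling [v6] brackets and %iface scopes."""
    host, _, port = addr_port.rpartition(":")
    host = host.strip("[]").split("%", 1)[0]
    return host, int(port)


def is_loopback(host):
    """'*' means every interface, so it is never loopback-only."""
    if host == "*":
        return False
    return ipaddress.ip_address(host).is_loopback


def unexpected_listeners(ss_output, allowed=INTENDED_PUBLIC):
    """Return (host, port) for listeners exposed beyond loopback and not allowed."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # skip headers, blank lines and non-listening sockets
        host, port = split_local(fields[3])
        if not is_loopback(host) and port not in allowed:
            findings.append((host, port))
    return sorted(findings, key=lambda f: f[1])


if __name__ == "__main__":
    for host, port in unexpected_listeners(SAMPLE_SS):
        print(f"unexpected listener on {host}:{port}")
```

[On a real host, feed it the live output of `ss -H -tln` instead of the sample and run it from cron or after each deploy; a provider-level firewall is still needed, since this only reports what is bound.]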


I’ve got a lot of dumb little things living out on the internet deployed this way, and I don’t think I’ve ever been compromised. Maybe you were just especially unlucky?

There are some things I’ve deployed without much care and yet they’re always as I left them.

I’m not saying there’s nothing to worry about. I’m just not sure it’s all that difficult with some rudimentary (but sane) security practices.


It is a common theme. Bots and others scan ports and IP ranges all the time. Looking at server logs I always see random server connections trying to get to things like wp-login.php to look for an exploit.

If you put it out there and don't actively secure it, it's bound to get compromised - just a matter of when.


Maybe I'm blind to something because I've been in server administration for 15 years; but my -really old- IRC network requires about 3 hours of maintenance a year; I have 10 machines and they're constantly being "attacked" (as per logs) but the only time I've ever been compromised was when I was trying to overcomplicate things with fancy tools to make administration easier.


That's like saying it's outrageous that a consultant charges $xxxxx for a 5-minute fix. You've said it - you've got 15 years of experience in server administration. That's what people are paying for.

Having said that I never said it was "hard" - just something needs to be done. I responded to a comment that took it for granted that you'd automatically be safe on the Internet.


Yeah, but most adminsys people are autodidacts; thus there was a time when they did not have 15 years experience and were running systems on the internet.

I'm not saying there can't be a problem, but it's so easy and the alternatives (cloud+terraform+ansible+packer et al.) are so complicated in comparison that it beggars belief that people are choosing an "easy" path here.


Yeah, it's actually crazy just how much every open address gets spammed. You freak out like why are there thousands of attempts to log in to my server that I haven't advertised at all, then you Google it and find out it's just the normal state of the internet.


Set up fail2ban, then good luck to anyone trying your address; it's very simple. Ensuring upgrades and security patches is literally running sudo apt update and sudo apt upgrade. Should be a piece of cake for anyone who has been running Linux for a few years.


even that is not so trivial. you'll have downtime during the upgrade and it might not come back up again.

which is why i switched to kubernetes


I don't think this is the right argument to make. People do this not to avoid setting up nginx and Postgres, they do it to avoid needing to worry about scalability later down the line.

Yes, for hobby projects and proofs of concept you can easily get away with a VPS from DigitalOcean or Vultr (are they still around?), but for anything with super variable traffic? Planning to post a link to HackerNews or ProductHunt? Cloudflare Workers and Fauna keep your site online, the VPS crashes.


What percentage of projects ever need that scale? Is it not something crazy like 95% of startups fail? A lot of the successful ones will be in niche categories as well that just don't have scale problems like major social media and tech companies.


Even then most VPS providers offer a load balancer and you can add multiple VPS. It's not so black and white on 1 server vs infinite scaling. There are midpoints.


Yes, but the second you grow beyond one server the complexity of keeping both in sync, sharding the database, etc etc etc, makes it way more simple to just write a worker and let another company handle it.


Can I do that with something like a DigitalOcean droplet?



yep, ty


A whole industry has sprung around charging back end developers for basic networking tasks. They will quite literally pay for anything that means they don't have to place a server in their basement. The irony is they are taking on a ton of overhead with multiple services instead of learning how to plug in the Ethernet cable and turn the server on.


A lot of those services are usually free for hosting small things. And are incredibly easy to deploy, free versioning, free builds, free pull request preview urls, rolling deploys, multi tenant databases etc etc

I much prefer the above than waking up to my droplet dead on a Tuesday night because I forgot to also rotate my stdout logs.


it's great for contractors with small projects where the customer is happy to pay for less maintenance fees. Not sure I would use it for a company I worked for full-time, though.


The bill can cost you more. Often see contractors implementing things like marketing campaigns - short lived websites, yet at $400/TB anything with some attention can cost you a lot more.



