Shame on them for not giving notice and a proper explanation of the change. They were vastly under reporting the cost of providing the service. Consider that they are a business.
Shame on you for not using resumable TLS sessions/Keep alive. You're hammering their infrastructure. The change in how they meter usage is seeing you having to compensate them for the resource they provide you.
No, because most self-hosted services are 10-20x cheaper than comparable SaaS offerings. In the realtime space Firebase is particularly known for being really expensive for the scalable plans (blaze plan).
> No, because most self-hosted services are 10-20x cheaper than comparable SaaS offerings.
This has nothing to do with the fact that it could be hit by a botnet, as per the exact point I commented on, could 'wreck your card', it's simply a question of scale.
If you read the fine print of the ones with "no bandwidth costs" you'll find that service becomes throttled after a certain level of usage. These are businesses, they have to make money to operate, they're not in this for charity
> Dude, I’ve used 180 TB of traffic in one month on a 16$/mo server, and still, no throttling.
But legitimately using lots of bandwidth isn't the same as a DoS attack. Try and remember that bandwidth isn't the only resource being used.
> Scaleway
In my experience they throttle your CPU usage after a while.
> Hetzner requires you to buy traffic, but there it costs 1$ per 1TB of traffic, which is 1000x cheaper than Firebase.
At no point did I suggest using Firebase was a good idea. I said it's always cheaper to run your own services in the long run, and that they'd have found out their own problems (see my first reply) sooner.
But my point is that you won't even ever have an issue with overusing traffic or CPU during a DoS, and the issue will be purely that your bandwidth will be saturated.
Vs. AWS, Firebase, etc where your limit will be your bank account instead.
Agreed in part, however TLS Tokens and Keep alive aren't specific to this vendor... it's something that the author should be doing anyway. If they were to self host rather than contract out the underlying service upon which they depend they may have figured this out sooner.
Shame on you for not using resumable TLS sessions/Keep alive. You're hammering their infrastructure. The change in how they meter usage is seeing you having to compensate them for the resource they provide you.