# After years at home time to move out ;)



## carlos (Jan 27, 2019)

Good evening,
I have a couple question regarding migrate from local server to aws services (taking my freebsd server with me ) and which forum section will be okay to ask about it?

Thanks
Carlos


----------



## SirDice (Jan 28, 2019)

Just ask your question. If we feel it's in the wrong place we're going to move it any way.


----------



## carlos (Jan 28, 2019)

Good morning,

My scenario:
Server FreeBSD 8.4 running already a few years with local ISP provider. Actually cost is £3-5 for electricity monthly. Not bad.
Bottleneck is when I started photography services uploaded galleries with photos access to site is very slow what is natural at 5mb upload bandwidth.
I thought what options/pros/cons I would have if:
Move only media to aws bucket or create vm instance and run FreeBSD server there.
What is your advice, experience, cost?
I am trying to get as low cost as possible because there is non profit work funded from my pocket.

Thank you
Carlos


----------



## SirDice (Jan 28, 2019)

FreeBSD 8.4 has been End-of-Life since August 2015 and is not supported any more.

AWS is nice but storage is relatively expensive. For a client we looked at migrating our two racks (around 20 servers) to AWS. That turned out to be at least two or three times more expensive than keeping our own hardware (including write-offs) and hosting it at a datacenter. Besides the costs we would also have to rebuild the entire infrastructure to actually make use of AWS features. So that had to be done too. In all the costs/benefits simply didn't add up for us.


----------



## carlos (Jan 28, 2019)

I have registered for 1 year free tier for trial and will check how it is working, any suggestions, advice how to start and optimum options are very welcome 



Thank you SirDice for reply


----------



## tommiie (Jan 28, 2019)

Why sign up for AWS while the only reply you've got was an advice against using AWS?


----------



## carlos (Jan 28, 2019)

I have  signed yesterday to check options before asking as I seen very unclear options...


----------



## SirDice (Jan 28, 2019)

tommiie said:


> Why sign up for AWS while the only reply you've got was an advice against using AWS?


I don't necessarily advise against using AWS. I am suggesting to take a really good look at all the costs. For us the costs became a major factor while providing almost no additional benefits.


----------



## reddy (Jan 28, 2019)

I definitely agree that AWS can be very expensive. In addition to storage, I would also mention bandwidth. Bandwidth is charged at a premium by all the leading enterprise cloud platforms.

For your usage, you may be better off using a VPS provider. Many of them offer very decent plans for less than 10 usd per month (fixed price), and essentially unlimited traffic. The fact that FreeBSD is very resource efficient makes this option even more feasible.


----------



## carlos (Jan 28, 2019)

right... who is the best of forum members I could trust ?  to be honest I have got some issues with external hosting services, couple time hacked, putting phishing sites etc... since I have started my own I do not know about it


----------



## SirDice (Jan 28, 2019)

carlos said:


> I have got some issues with external hosting services, couple time hacked, putting phishing sites etc...


That depends. Our stuff is hosted externally too. But it's our equipment and our responsibility. The hoster doesn't even have access to our servers. 

What you are referring to is generally called shared hosting. Where you 'share' the same infrastructure with other clients from that hosting provider. There's also dedicated hosting where a whole infrastructure is assigned to you and will not be shared with others. And you can "self-host" if you have your own equipment and simply rent some rack space. A VPS is a variation of the last, it's your VPS and you can do whatever you want with it. 

https://en.wikipedia.org/wiki/Shared_web_hosting_service
https://en.wikipedia.org/wiki/Dedicated_hosting_service


----------



## alexseitsinger (Jan 28, 2019)

carlos said:


> I have got some issues with external hosting services, couple time hacked, putting phishing sites etc



It's likely that this is going to happen regardless of the hosting you choose. The physical infrastructure you use will only provide network/host based protection for their infrastructure. They isolate each server(s) from the rest so a compromise to one wont affect the rest of the fleet. Therefore, the server you're running and the services you expose to the internet will still be open for attack. I would venture to bet that your issues were related to the way your sites manage and process data input, the url routes you expose, etc. However, without more information about how you built the sites and what you use with them, its hard to say exactly. There are still some things you can educate yourself on to avoid building sites that can be manipulated maliciously. See: https://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_Checklist">

The other part is related to the hosting you choose. If you opt to use your own hardware, you're also going to want to ensure the box is secure. This means setting up proper firewalls, keeping the OS patched, and disabling services you aren't using. Make sure to do things like setting up password-less, key-based SSH logins to prevent brute force attacks to your SSH server, and set up port knocking to avoid automatically exposing the ports indefinitely. And obviously be sure to configure logging for everything. When in doubt, opt for doing more with less - If you don't need a service, don't run it.  Or if you do, try moving it to its own dedicated box to reduce the risk of it affecting something else should it be compromised. 

Tip: to check what ports are open on your server, try running `sockstat -4` or `sockstat -6`.


----------



## SirDice (Jan 28, 2019)

alexseitsinger said:


> It's likely that this is going to happen regardless of the hosting you choose.


Not exactly. With shared (web) hosting it's the provider's responsibility. You have no control over the configuration of the offered services. So if the provider uses some version of PHP that's been EoL for years there's nothing you can do about it. Your own site may be super secure but if the attackers can leverage a bug in PHP you're screwed nonetheless. Or worse, the attackers are able to leverage a bug in another customer's website, and because it's a shared environment your site is screwed too. But, you get what you pay for I guess (shared web hosting is generally the cheapest of the cheapest options). 



> The physical infrastructure you use will only provide network/host based protection for their infrastructure. They isolate each server(s) from the rest so a compromise to one wont affect the rest of the fleet. Therefore, the server you're running and the services you expose to the internet will still be open for attack


Anything and everything you connect to the internet gets attacked, regardless of _how_ you are connected.



alexseitsinger said:


> If you opt to use your own hardware, you're also going to want to ensure the box is secure. This means setting up proper firewalls, keeping the OS patched, and disabling services you aren't using.


You don't have to "own" the actual hardware these days. Lots of providers allow you to rent or lease dedicated hardware. A VPS is basically the same as renting or leasing hardware without the actual 'real' hardware.


----------



## carlos (Jan 28, 2019)

there is even more mess in my head now, thank you  
in that case I need a sponsor  is anybody interested in sponsorship of small village photography club?  
I do think so, but if I do not ask I will never know


----------



## hilda (Jan 31, 2019)

I agree with many here. Look at an VPS, AWS will be expensive.

And you say that you are looking for a sponsor? Well, if you have a small photography club, then you have members. Let them pay a small fee and then you can have your VPS, it’s not huge money for an VPS. And it’s not too much to ask if they are using your services. You are not Google that have unlimited of money.


----------



## SirDice (Jan 31, 2019)

To compare, my VPS has two cores, 4GB RAM and 150GB SSD disk space, it costs me 20 euro a month. There's also a smaller type, 1 core, 1GB RAM and 50GB SSD disk for 10,-. With 10 people in the club it would be 1 or 2 euro a month for each member. 

You can find lots of users reporting their experience, costs and whatnot in this thread: https://forums.freebsd.org/threads/freebsd-hosting-shared-vps-etc.21472/


----------



## reddy (Jan 31, 2019)

And do not forget to shop around, these days for the price SirDice is paying, it's possible to have 10+ cores, 32Gb RAM and 1TB SAS drive in a virtualized environment with these resources dedicated to you. Not every provider will call their service a VPS, but using this keyword is a good starting point for procurement research. The thread linked by SirDice  is worth reading in full to get a sense of the market.


----------



## SirDice (Jan 31, 2019)

Cheaper isn't always better. You also need to account for support and guaranteed uptime (of the equipment and infrastructure). I like mine because they allow you to install everything from scratch, lots of VPS providers only give you a preset image to work with and you have to pay extra for custom installs. I also have the ability to access the console through a HTML5 web interface, IPv6, monitoring (SMS alerts), backups and a bunch of other nice features (big storage, HA-IPs, load-balancing, private networks). 

But yes, definitely shop around but don't just look at prices. Also look at features (like console access, backups, etc) and expansion (in case your VPS turns out to be too small).


----------



## carlos (Jan 31, 2019)

thank you all for advice  will consider options and will ask members (all 6-8) if they are ready for cost participate. I have lost already one when I have mentioned about it a few month ago. They see how much time I am spending with them and charge nothing. I am not business type man


----------



## apacketofsweets (Feb 4, 2019)

If you do end up using AWS for storage, I'd recommend looking into whether the AWS Glacier service is a good fit for you. If you do not require access to your stored files instantly and are OK to wait minutes as opposed to seconds to retrieve files from cold storage, then Glacier can make storage very very cheap. I have some old files that I never need to access that are in AWS Glacier storage that would take an hour or so for me to retrieve, this is fine for me because I rarely need the files, and in return it costs me pennies per month.


----------



## carlos (Feb 4, 2019)

I have cancelled aws account - it is too difficult for me to setup. I have tried to upload photos and something went wrong, I have used 18k from 20k free request allowance. I have found for £6 hosting for 3 domains what is not bad for first year.


----------



## Nicola Mingotti (Feb 5, 2019)

carlos said:


> ... is anybody interested in sponsorship of small village photography club?



i lived in Italy for most of my life, i can tell you that there, the way to get founded is to make your club into an association, those generally get some founds by the state. And have notable fiscal advantages, or maybe a location for free etc.. Talk to a local expert ! It depends on many factors. Maybe just go to talk to the Major if you village is really small, like mine, he maybe happy to hear your idea.


----------

