Why DDoS plays Cloudlfare and other big players in their hands

DDoS, I think everyone knows what it is and every webmaster is scared of it because there is less you can do except updating hardware or rate limit your users as well as the attackers.

DDoS has amplified by factor 10, each weekend you see small pages going offline because of increasing attacks, no one has practical solutions.

There are two groups.

Group 1

Group one are hackers who do this without any profit, those are called white-hat hackers, those usually test and demonstrate problems, however they also submit their findings so that you can fix them.

Group 2

Black-Hat Hackers, those are usually the ones who do this for profit or to gain something out of the downtime, to demonstrate something or to make a statement.

Group 3

Those are typically trolls but no one really takes them serious, they are usually script kiddies and if their attempts fail they usually give up pretty quickly. Wed not take such people into to the main statement.

How does it helps CLoudflare and others you might ask

The problem is this, you either fix problems, usually using some reverse proxies or service such as Cloudflare to protect your website or you try do do it on your own. The problem I see with the - I do it on my own approach - is that this is time intensive, you need some skills, testing and background which blocks you from doing other, maybe more important, things. Which directly leads us to the point. Assuming you have a normal life and cannot monitor each day, every day your servers you basically need some service that is reliable. Those services are often cheap at the beginning but come with some conditions, most people usually make such a deal with the devil in return for not wasting their own lifetime dealing with the underlying DDoS problem.

I see this as very problematic and I clearly say that we need better tools and better hosting providers with better protections, otherwise the entire web ends up controlled and monitored by big players because alternatives simply do not exists. If you want to do it yourself you need to take into consideration that this constantly requires to update your server, adjust your configuration or entirely limit everything which is often not possible because otherwise you would lock our legitimate users.

Mozilla, as well as others entirely fail to provide developers as well as webmasters with some tools and frameworks. While Mozilla is constantly bashing Google, which changes nothing at all, they could provide us, the users, developers and webmasters with tools that we need, to establish alternatives. Sadly this happens never or is more an rare exception, however the same organizations claiming the web should be free but how can something be free if you need to trade your lifetime and give into something you do not want when there are no practical alternatives… I find this very confusing and it shows that the web has not a Google problem but more a problem that no alternatives existing, alternatives that work similar to what bigger players offering because everyone is cooking their own soup but those projects come and go because no one wants to fund them or the developer is forced to give up.

I hope people see my point here and I think we need in general more alternatives, practical alternatives and frameworks to come up with reliable solution without handing the keys over to the big players.