How many users to run out of bandwidth? What about DDoS attacks?

Hi, this might be a stupid question but I asked the AI and it couldn’t give me an answer

I’d like to create a few pages for local businesses. I don’t expect big amounts of visitors. I used some tool to check the website sizes, it says they’re around 2.5mb but not sure how accurate that is. Assuming it is accurate, that means I can get around 40k visitors?

Netlify AI told me the Free and $19 Pro plans don’t have spam protection and my main concern is that the website might get hit with some attack that will drain all the bandwidth? How realistic is that?

I found an information about Netlify and the $100k ddos attack incident,

Is there anything I can realistically do to prevent that from happening?
It says the sites will go down after 100GB/1TB of bandwidth usage, but is there a way to prevent that
happening at all? Like bandwidth limits?

Thanks

Update:

I just read more about the issue and that there’s no protection at all, even in the paid plan and that it’s not that uncommon and nothing has been done since the $104k incident, thats pretty unfortunate.

I guess I’ll stick to netlify only for testing, thank you.

Hi @mtkjkb, thanks for reaching out and asking these questions.

The free plan and Pro plan do have different limits. On the free plan, there are hard limits as outlined here: Pricing and Plans | Netlify

One you reach those hard limits, in order to prevent charges, sites are suspended until the start of the next billing cycle. Here’s some more details:

  • 100% free: Deploy with no credit card required and no fees. Ever.
  • Generous monthly limits: Each month receives 100 GB bandwidth, 300 build minutes, 125,000 function and 1 million edge function invocations, 10 GB storage, and more.
  • Transparent usage warnings: We’re investing in notifications so you’ll receive updates as you approach 50%, 75%, 90%, and 100% of your monthly limits.
  • Instant upgrades: If your app or site exceeds the Free plan limits for the month, your sites will pause for the remaining days in the calendar month. At any time you can reactivate your site in seconds by upgrading to a usage-based plan.

On the Pro plan, once limits are reached, you are automatically upgraded and charged for usage beyond that limit. This ensures sites stay up-and-running at all times.

We do have protections on both of those plans, as outlined here:

Of course, those protections are not foolproof and sometimes customers will see an increase in bandwidth charges for various reasons, whether that be an increase in legitimate traffic, an increase in web crawlers, or on the rare occasion, a DDoS attack. In those situations, the support team is here to help. If we determine traffic is not legitimate, we are happy to waive bandwidth charges. I do want to emphasize that these DDoS attacks are incredibly rare. Of course, the situation you mentioned received a lot of attention, which may led some to believe this happens frequently. I want to reassure you that we have security protections on all plan levels and the support team is incredibly willing to help in any case where unexpected traffic may occur.

I hope that’s helpful!

Hey @sid.m , thanks for the response,

I was actually looking to get the Pro for the few additional features like password protection, and just to support the software at least with my $19 since I liked how it works, but it’s a shame it doesn’t have the option to turn on any limits.

Especially since it’s $55 for any additional 100GB which is ridiculous in case something weird happens.

I’ll keep using the free plan for testing and look for something else until Netlify changes something about the Pro plan.

Thank you

1 Like