Very vague. Doesn’t specify if it is in-line or offload. Linode, with some research you can figure out they use Corero appliances that will cover 40 gbps floods.
Also didn’t see what their policy on tweaks are and or expectation on mitigating a more advanced attack.
I.e. DNS, NTP floods are low hanging fruit but it doesn’t take much nowadays to do something more custom.
Depends what you are protecting. A website or http traffic? Stick it behind cloudflare. Services on other ports or protocols like TCP or UDP? You could rent a cheap VPS at a provider that DOES have inline protection and use that instance to reroute traffic to your own server via a GRE tunnel.
Nothing, if your self hosting in your home. Volumetric floods will saturate your ISP link.
If you’re hosting with a provider, your maximum factor will be how much your provider will “tank” for you.
Otherwise harden your ports, drop anything via IPTables, turn on NOTRACK. Better but more advanced would be to use tc (traffic control) to drop bad packets before they enter the net filter lifecycle
Late to the party and this may get buried, but wanted to add a contextual POV. I'm an Apollo user, and I am also someone who was Reddit's earliest enterprise advertisers. As in, the campaigns I've green lit are perhaps still in their advertising media decks as case studies.
Reddit for the past few years have been changing the UX to benefit their revenue streams. Visit any reddit thread on a mobile browser, and get a nag to download the official app. Their app is less likely to be blocked by ad blockers, has advertising SDKs, and can link advertising parameters.
I believe certain threads need you to login. It is also in their best interest to find opportunities for you to login to again link browse behavior. Forgot to mention, the app also allows a logged in state to persist easier than browser.
TL;DR All of Reddit's UX decisions have been to grow their revenue stream.
Do they have the right to do so? Of course. Does it suck for this audience in particular, probably. In my opinion, they will lose their early adopters and perhaps some power users. Is that a risk they are taking? Clearly.
The downside is what makes Apollo great, is the time to content for the consumer. It is in Reddit's best interest in their current business model to have the user spend as much time on a page as possible, in a format that has advertising. Apollo does not have advertising. The official Reddit app does.
This topic always garners a lot of polarizing views. One thing I would recommend people take a look at is the caffeine and cortisol relationship.
I'm the CEO of Rasa, one of the "coffees" made from chicory root and other adaptogenic herbs. If anyone has questions, happy to bring in our Chief Herbalist to answer.
What credentials does a "Herbalist" require? Is it a protected field? Or is this like all the supplements that say they are "lab tested" by a lab owned by the supplement industry?
The question becomes how you define "herbalism" and in what cultures? i.e. Chinese herbalism is different from Jamaican. That said, in the United States, you can become a registered herbalist with the American Herbalist Guild, which involves seeing at least 200 patients over 2 years, a board interview with case studies.
As for the supplements that are "lab tested" by a lab owned by the supplement industry, I can't speak for other companies, but I'm sure that happens, unfortunately. I know that we test ours by independent and good labs, though. I wish there was more transparency around this, but it's been up to the companies to be transparent and the consumer to seek the information.
Edit: Sorry, was off on one number, not 200. 80 patients over 2 years, 400 total hours of clinical experience.
Speaking from my experience in Poland for example, in order to open legal herbalism therapy practice or herbal shop you need to pass two exams (usually preceded by a course with both theoretical and practical lessons) and gain government registered certificate. In case of a shop you also have to adhere to quire strictly controlled requirements based on what type of products you want to sell. If you want to grow and then sell herbs you have to obtain separate certificate (again by passing exams and complying with all requirements for your plantation and rest of the process) and grow them using seeds originating from government mandated sources.
Check out Rasa (https://wearerasa.com/). We use adaptogenic herbs instead of caffeine that manage your cortisol (stress) levels. One example is Rhodiola[0] which promotes increased energy, and mental capacity. We have a "dirty" version that includes coffee at lesser caffeine levels as well.
Also didn’t see what their policy on tweaks are and or expectation on mitigating a more advanced attack.
I.e. DNS, NTP floods are low hanging fruit but it doesn’t take much nowadays to do something more custom.