Custom domains would be huge for me, but I totally understand. How would they ever manage to do it? They'd either need a zillion separate entries, or the broadest wildcard cert ever.
I just set up HTTPS in ten minutes using a free cloudflare account and github pages with my custom domain. You do kind of add the middleman of Cloudflare, but I'm totally okay with that.
It's like GitHub pages on steroids and includes free Let's Encrypt based SSL for custom domains, can run builds from your GitHub repo with any static site generator, supports rewrite/redirect rules/proxying/form processing/password protection and much more...
What sort of price would you consider good for static site hosting? GitHub provide theirs for free as it's a loss-leader, where as this is ther main business.
DO isn't in the same market as this, at least going off their websites. DO means doing all the work yourself. Netlify handles everything.
I don't think the pricing is too high. If anything, the high end is too low. It's not like they're aiming at personal sites, are they? And for a company, $39 is nothing -- plans should probably start there. (Seriously, who wants to service a customer for $7 a month?)
FWIW I've never seen or heard of Netlify before in my life.
You raise an interesting point. The prices seem too high for some commenters. They are presumably capable of doing this themselves on a DO box so they do not think it is valuable enough to justify that price.
However, one of the features of their highest price ($39/month) plan is that you can use 100 custom domains. If you have 100 domains hosted on Route 53 you will be paying over $50/month for domains, at which point $39/month for the service which actually hosts your static site is entirely negligible. I am curious how many people fall in to that bucket though - it seems more likely that people will run multiple sites with few custom domains, rather than a single site with 100 custom domains.
I am planning to offer some of Netlify's services in a product I am currently building. I'm still working on the pricing model but it is likely to be based on builds per month and bandwidth/storage, rather than the actual number of sites. My cost driver is not 'how many domain names are configured in my HTTP-routing layer', but rather 'how much pressure is each site putting on my build and web servers'.
Netlify never misses an opportunity to self-promote in these SSG related threads, but AWS S3/Cloudfront/route53 is so cheap and simple for the audience that would even understand the point of Netlify, it's difficult to understand their target market. Netlify is priced like Squarespace, Wix, Weebly, etc. which are quite a bit simpler.
The fact that I can click on their homepage and drag-n-drop a site folder and have it just work is pretty damn slick. $39 is nothing if you don't have to deal with stuff. The absolute cheapest guys I work with are at least $50/hr. So if it saves an hour here and there it's worth it. And more likely, you'll spend 3-4 figures in time if there's any sort of hiccup in your AWS setup.
I don't think people are thinking how nice it is to have someone take care of stuff for you, totally. If there's any sort of issue, one email, and you're done. And people aren't thinking how tiny $39 is.
Again, I've never heard of Netlify before, but the product sounds great. HN is just messed up on pricing because they're looking at AWS costs instead of customer value.
I think HN also devalues their own time: I've been running webservers since the 90s, so I know it's "easy" to do, yet it's one more thing to have to think about. Although I suppose some might enjoy it.
I think they could be much improved by allowing all the features to be modified with sliders and checkboxes with the Free/Advanced/Pro presented as presets.
Does that actually work? I know it's appealing to tech types, but it's confusing to people in general. They probably are better off going unlimited on a few things if they can. People are incredibly weird about usage-based pricing.
Plus it creates barriers by giving people something to bikeshed over before buying. In fact, I'd wager they're probably better off going to Unlimited on a few more things where they can, and only really focusing on the things that separate high paying customers from smaller ones.
They are advertising in a thread about GitHub pages. I'd expect private pages/unpaid open-source projects are the vast majority of users of GitHub pages.
Plus a lot of headaches of maintaining a machine and an OS running on that machine that cost you if you value your time. Static sites + platform = stateless.
I'd compare this service to CDNs + HTTP Object storage combos like CloudFront+S3. (Still makes this look expensive since those cost cents/GB)
Same. It took me all of ten minutes to do, with a free account. Now, if I were running some service or a huge site, I'd probably want https setup on the server side and not just use Cloudflare as an inbetween. But for a personal blog it does everything I need it to do, with zero hassle.
That doesn't actually create a properly encrypted connection. It only encrypts between the user and the site (at CloudFlare), not between the site and Github. Without that last hop being encrypted, you have to weigh whether this is an improvement or not.
It significantly decreases the attack surface, since most of the connection will be encrypted inside CloudFare's network or over HTTPs. Should be a clear win for most cases.
You can now actually use CloudFlare to issue a custom certificate for your origin server that it will accept (CloudFlare Origin CA), but of course GitHub pages won't support installing it.
Yes it does - this is all a setting you can choose and since Github does support HTTPS (and has for a while) you can always set it on "strict" and ensure a continuous encrypted connection on both sides of CloudFlare.
But what certificate will Github present for your custom domain? I don't think you can tell CF to accept Github pages's cert for your own domain. They either use their own CA or don't do auth, right? At least on non-enterprise plans.
This is where the breakdown is. Cloudflare will get the certificate for *.github.io, however it is making the request for the custom domain. It is unable to validate the certificate.
It is impossible to enable "strict" SSL mode, because it cannot validate the certificate. And as such, a bad if able to trick cloudflare to resolve username.github.io to themselves could use any SSL certificate they choose.
This is admittedly an edge case, but in such an event, the end user would see a trusted certificate and be proxied to a bad site.
How do you do that in CloudFlare? I didn't know you could change the host in non-enterprise versions. All I've seen is the ability to proxy request to a specific IP or CNAME.
If you CNAME your site to foo.github.com, it doesn't change the R-URI or Host header.
Frequently changing pk enc key to setup tls connections with different certs can have a performance impact too. Let alone security implications of managing someone else's private keys.
[1]: https://help.github.com/articles/securing-your-github-pages-...