[bxk1]

> I will admit that after the RIAA/youtube-dl story I felt that it confirmed my belief that it was a mistake for anyone to host anything on US based servers. This takedown with complete lack of transparency from a French provider (OVH) really proves me wrong.

There is a huge difference between these two cases. Most hosting providers in the world are not going to challenge law enforcement in their jurisdiction and will just cooperate. That's what OVH did, as everyone should have expected.

But at the same time most hosting providers in the world will oppose overreach of copyright trolls. That's what Github didn't do.

Still, if you need some minimal resilience it's never enough to rely on a single hosting provider from a single jurisdiction. Multiple different providers in different countries for frontend servers with some primitive DNS failover can easily solve this and similar problems.

[rsync]

"Still, if you need some minimal resilience it's never enough to rely on a single hosting provider from a single jurisdiction."

Or don't use a "hosting provider" at all.

A full rack at he.net with 15a of power is USD $350/mo[1] - and that's probably not a super competitive rate. You can probably do better elsewhere.

Now you are the host. The notices go to you.

I don't know why we have this collective amnesia about what it takes to run a simple website.

[1] At their Fremont, CA HQ building.

[owenversteeg]

I thought the issue with doing that kind of thing is that they can easily go after the colo provider as well. "xxx is in your building, please pull the plug or you're liable also" is pretty convincing. Or am I mistaken?

[tinus_hn]

Sure but then the solution is that you go and pick up the servers and move them somewhere else, instead of suddenly finding yourself with absolutely nothing and no way out.

[otterley]

Until you are served with a court order to preserve evidence for forensic inspection and then you are stuck with a powered off pile of hardware while you wait for the forensic analyst to show up and make bit level copies of everything; or you are served with a temporary restraining order/preliminary injunction forbidding you from reconnecting the hardware at all until the case is decided.

[nextweek2]

A better approach is to have a reverse proxy in a difference account/hosting provider. That way the take-down is of the proxy which should be minimal config and no data.

Setting up another reverse proxy in the event of a take-down should be minimal effort.

It then becomes a game of whack a mole if anybody wants to take down a service. I assume this is how The Pirate Bay stayed up for so long.

Downside is doubling bandwidth costs.