| github has a lot of constraints due to their size and services, most startups don't have those same issues. cloudflare is a good way to do it on the cheap. as revenue comes in, you can either do internal, self-hosted mitigations and the like, or you can go with cloud mitigation providers. both cost a bunch and require significant IT/operations spending and staffing (self-hosted more so) to afford it and make it possible. once your at a sizable pipe to your upstream provider(s), talk to them to find out where to call BEFORE an attack occurs, figure out how to navigate their offers as needed QUICKLY and efficiently to keep your service outage minimized, and see what it will cost you. almost every big ISP does this. if all you do is buy a firewall, so what - your pipe will still fill up. that's why you need the upstream ISP. in short, it's not cheap or easy but do this NOW before you need to. if you're cloud hosted - e.g. DO, AWS, Azure, etc - look at your terms of service and call your account manager and find out what they can do for you and what it costs. again, do it before hand. |