
I'm running a website that gets ~1500 visitors a day. It's not a ton, but I want to make sure this site stays up nevertheless. Currently, we're hosted on a shared hosting provider and the site has gone down once or twice due to DDoS attacks.

What are my options for making sure the site stays up? We're willing to pay extra for more servers or load-balancing solutions, but we don't have a huge budget.

It's your typical LAMP setup.

Duplicating the code to multiple servers is easy, but I'm more concerned about database replication -- I've never dealt with that and nor have the people I've talked to. Is it really that hard to set up?

Also, how do I distribute the traffic? Should I funnel everyone through a balancer that pings each of the servers to make sure they're alive before forwarding them? I imagine this adds a bit of latency and also still gives us a single point of failure.

OTOH, we could use a DNS-based solution, but that also has naysayers.

If it's mainly about ddos protection https://www.cloudflare.com/ might be worth checking out.

Cloudflare is a basically a distributed/cloud-based CDN/reverse-proxy that also automatically provides ddos protection. This is perfect for static content, eventually a bit more challenging with dynamic content. Basic features are free of charge, advanced features require a paid subscription.

  • I watched their little video but I still have no idea how it works. If they don't host your website and you don't have to change your code..... how exactly do they work? – mpen Mar 29 '14 at 20:42
    They run as a reverse proxy to your site. – Jacob Mar 29 '14 at 21:08
I'd be looking at AWS. You can create autoscaling groups and you can use RDS to solve your database issues.

MySQL replication isn't that hard to set up on your own:


Any modern load balancer will do health checks. E.g., hit your app and return a 200 if okay. If the LB gets a non-okay, it can remove the node from the pool.

DNS load-balacning is generally not a good idea because you have less control over health checking and there are caching issues.

Those are the basics.

    "we're hosted on a shared hosting provider" -- Moving the site to AWS will be astronomically more expensive, especially for something as trivial as 1500 users/day. – Ben Wilber Mar 29 '14 at 21:54

You have several valid options.

You can go with an architecture where the requests are handle at the front by a load balancer (with nginx for example in a separate server or in one of the servers, or using a load balancer provided by your hosting company), the balancer redirects these requests to two or more "identical" servers that contain all the stack (code plus database), also you'd need to replicate the databases and possibly files (if users upload files for example).

DNS-based balancing is also an option, some people like it (easy to set up, no need fo separate load balancer), some people don't (DNS switches take a bit of time and client browsers with cache info won't update immediately etc).

Replicating Mysql is not hard, and if if you don't need instant db updates you may host the second server in a different provider and data center, which is recommended if you are looking for high(er) availability.

Also as suggested, if you have mostly static content you'll benefit greatly from a CDN like cloudflare or others.

