posted by Oodles +6 / -0

Is there nowhere in the world a server farm could be set up outside the reach of Google, AWS, the U.S. government and the like?

What needs to be done to protect free speech platforms like T_D.win from being silenced?

Comments (7)
Jeremyrem 2 points ago +2 / -0

Yes, bulletproof hosting using reverse proxies or chaining multiple tunnels with a DDoS solution (like Cloudflare).

i.e.

Backend hosts (multiples) -> NGINX in upstream mode that only serves on localhost -> (Proxy, SSH tunnel, or Multiple SSH tunnels chained together) w/ NGINX/APACHE reverse proxy to prev connection -> Anti DDoS service (cloudflare)

It would prevent anyone from being able to discover the backend servers' IP addresses, and the upstream mode will distribute the load so 1 server does not get bogged down.

It would also prevent the DDoS service (or anyone) from knowing the IP addresses of the backend servers to get them shut down.

Worst they can do is get one of the proxies taken down, which can be had for pennies on the dollar.

It would look like this if someone were to visit the site:

website.win -> cloudflare -> proxy1/reverse proxy (stunnel1 -> stunnel2 -> stunnel3) -> upstream/HA server -> (backend1, backend2, backend3, etc)

Normal traffic will only be able to see to cloudflare, cloudflare/gov will only be able to see to proxy1 (which will look like the main site but will not be accessible unless coming through CF). They would need a warrant for proxy1 as well as one for each one in the chain.
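An added example, not part of the comment above: a check a site operator can run over the first proxy's access log to confirm the claim that it is "not accessible unless coming through CF", by flagging requests whose TCP peer is outside the CDN's ranges. The log format, the sample lines and the CDN ranges (documentation address space used as placeholders) are constructed assumptions.

```python
import ipaddress

# Placeholder ranges from documentation address space, standing in for the
# CDN's published edge ranges (assumption: substitute the provider's real list).
CDN_RANGES = [ipaddress.ip_network(n) for n in ("198.51.100.0/24", "2001:db8:cd::/48")]

# Constructed log lines from the first proxy: "<tcp peer> <method> <path> <status>".
# The peer must be the socket address, not a client-supplied forwarding header.
SAMPLE_LOG = """\
198.51.100.17 GET / 200
198.51.100.200 GET /login 200
203.0.113.9 GET / 200
2001:db8:cd::5 POST /api 201
not-an-ip GET / 400
192.0.2.44 GET /admin 403
"""

def from_cdn(peer):
    """True if the TCP peer address falls inside one of the CDN ranges."""
    try:
        addr = ipaddress.ip_address(peer)
    except ValueError:
        return False  # an unparsable peer is treated as untrusted
    return any(addr in net for net in CDN_RANGES if net.version == addr.version)

def direct_hits(log_text):
    """Return (peer, path, status) for every request that did not come via the CDN."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        peer, _method, path, status = parts
        if not from_cdn(peer):
            hits.append((peer, path, int(status)))
    return hits

def bypass_served(log_text):
    """Direct requests that were answered without an error: the allowlist is not enforced."""
    return [h for h in direct_hits(log_text) if h[2] < 400]

if __name__ == "__main__":
    for peer, path, status in direct_hits(SAMPLE_LOG):
        print(f"direct request from {peer}: {path} -> {status}")
    print("served despite bypass:", bypass_served(SAMPLE_LOG))
```

Any entry returned by `bypass_served` means the proxy answered a client that skipped the CDN, so its address is reachable and the CDN's filtering can be sidestepped.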

Oodles [S] 1 point ago +1 / -0

Thanks for the in-depth response. Why aren't companies like Parler doing these things instead of putting their entire business in the hands of AWS?

Jeremyrem 2 points ago +2 / -0

Because they are legit and do not need to hide (or shouldn't), hence the AWS or self-hosted like Gab (nothing illegal so no risk in a raid), and each additional hop will slow down the response time a bit and you would eat through quite a bit of bandwidth on each hop as it's pretty much forwarding each request as is.

That's also a very very paranoid example, just an FYI.