Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Low End Provider service exchange?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Low End Provider service exchange?

I've thought about cutting some costs by moving our WHMCS out of AWS, and bringing our phone service inhouse with our own asterisk server.

But, we like the idea of whmcs being remote.... it would survive if the whole datacenter was offline/DDoSed etc. So I don't really want to host our own whmcs here at the DC.

I was asking around locally if other DCs might want to trade services. i.e. give eachother a dedi box to be used for ticket system, pbx, etc. Anything that we need to be online when we're not.

I've thought a little bit about doing it with other Low End Providers. But I'd probably want to do a 3-way exchange if it was providers I didn't personally know. Three providers get together, each of us has a box at the other two. I'd want to set up some sort of load balancing or failover between the two that host my stuff, but I imagine we could get it done for cheaper than AWS.

And then there's the issue of data secrecy. It'd be pretty easy for me to set up encrypted boot and drive to a provider in town we were trading with. With a remote LowEnd provider, that's not going to happen, and there's not really a way to be sure the box isn't rigged, keylogged, etc. I realise there is equally no proof that amazon/azure/google/DO isn't. But they have more to loose.

Do any other providers do this sort of exchange of services? Good idea? Bad idea? I'm probably going to forget about it, but thought it was an interesting idea to pitch.

Comments

  • seriesnseriesn Member
    edited July 2020

    That’s a lot of work just to save 20 bucks a month.

  • XsltelXsltel Member, Host Rep

    rm -rf this idea from your brain. don't put your client data at risk with your competitors.

  • Our AWS node runs around $60/mo that's quite a few clients-worth of profit, wiped out.

    I do get it's a lot work though. probably going to focus efforts elsewhere. just curious if anyone else does it. And in a way, AWS is a competitor too right?

  • hzrhzr Member

    @UnrealServers said: Our AWS node runs around $60/mo that's quite a few clients-worth of profit, wiped out.

    Don't compete with low end.

  • XsltelXsltel Member, Host Rep
    edited July 2020

    @UnrealServers said: AWS is a competitor too right?

    I would say a partner (an untrusted one along with all cloud providers). get yourself a dedicated, encrypt its harddisk. (I prefer to get down than leaking my client's data). I learned that the hard way, unfortunately.

    Hosting providers no matter how big they are. are still managed by humans and those humans can be easily socially engineered.

    do you remember how UGNazi leaked thousands of WHMCS hosting providers data through their host in 2012?

    Encrypt the dedi server hosting your client's database, let it die when its rebooted without your authorization. (VPS can get decrypted so don't waste your time with this approach) .

    Thanked by 1vimalware
  • deankdeank Member, Troll

    The end is nigh.

  • jackbjackb Member, Host Rep
    edited July 2020

    @UnrealServers said:
    Our AWS node runs around $60/mo that's quite a few clients-worth of profit, wiped out.

    I do get it's a lot work though. probably going to focus efforts elsewhere. just curious if anyone else does it. And in a way, AWS is a competitor too right?

    If the savings are worth it to you, you could always move to somewhere like hetzner or ovh.

    I'd always suggest using a dedicated server for this. Doing a deal with another small provider and renting something from the big players are completely different in terms of potential risk.

    Thanked by 1Ouji
  • @UnrealServers said:
    Our AWS node runs around $60/mo that's quite a few clients-worth of profit, wiped out.

    I do get it's a lot work though. probably going to focus efforts elsewhere. just curious if anyone else does it. And in a way, AWS is a competitor too right?

    If $60/mo is a lot for core infrastructure of your business, you're going to have a bad time. Summer hosts have larger budgets than that.

  • It's not that $60 is too much. It's that we are continuously looking for opportunities to reduce costs.

    Also, we've had some trouble in the last couple months sending mail from the EC2 host, even though it's a reserved EIP. RDNS is set up, dkim, spf, dmarc and BIMI are set up. I know how to troubleshoot delivery and it's not a standard problem that all reciepients have. It was just some beef between Amazon and Microsoft.

    No doubt spammers got ahold of other EIPs close to ours and abused it, but Microsoft was blocking the whole /18 or something at the time. It's since been resolved, but it is a risk of using AWS that would be nice to avoid.

    Then again to be honest I doubt any low end provider will have a better ip reputatio than AWS right? grumble grumble. Maybe our best shot reducing AWS cost is demoting it another level of instance size. No Employees have complained about whmcs being slow yet. That probably means I'm paying too much for too much excess cpu :-) Customers mostly interact with it through email which is not going to suffer from latency the same as a webpage.

  • serv_eeserv_ee Member
    edited July 2020

    If you really consider doing that Id say use someone who is well known and well established in their market. Like @Clouvider using someone like that would minimize your risks (cant say there wont be any as life doesnt work like that). (My apologizes to clouvider if he wouldnt even consider something like this)

    On the flip side, reducing costs usually leads to something giving in as youre cutting corners.

    Good luck on your hunt!

    Thanked by 1Clouvider
  • hzrhzr Member

    @UnrealServers said: No doubt spammers got ahold of other EIPs close to ours and abused it, but Microsoft was blocking the whole /18 or something at the time. It's since been resolved, but it is a risk of using AWS that would be nice to avoid.

    First rule of AWS is to not send email from it that isn't SES

    Thanked by 1Aidan
Sign In or Register to comment.