> According to ICANN's SSAC,[1] SMTP requires at least two labels...
ICANN does not define SMTP, and the "relevant quote" from SSAC in the article footnotes mentions nothing about it, either.
In fact, RFC5321 makes explicit reference to the possibility of an email address using a TLD as the domain in section 2.3.5.
By nulbyte a day ago
I've known people back in the 90s with user@tld domains, and they were definitely sending and receiving mail. So, even if it wasn't spec-compliant it certainly got through all the early mail relays.
I mean.. you can use emoji domains right now. They work most places for email. The part I found didn't work so well is emoji usernames on emoji domains. That has poor deliverability.
By qingcharles a day ago
> you can use emoji domains right now
ICANN, by the way, heavily discourages such domain names, even though it can't actually prohibit them: yes, RFC 5892 explicitly prohibits emoji code points in internationalized domain names but so what? If registrars allow (and many acually do allow) registration of such names that only means that they violate some RFC and they already violate quite a lot of them. Who cares! Just pay the money and we will delegate you whatever names you want.
sure, and you can use it internally, or with your own private/internal DNS (or other name resolution system), but in practice it means that for new gTLDs it's a no-go, right?
By pas 20 hours ago
Similarly, browsers also accept IP addresses in decimal form, for example http://16843009 for 1.1.1.1
By tech234a a day ago
And the shortened form, eg. http://127.1/ (for 127.0.0.1)
Usually they'll also accept octal with a leading zero (010.010.010.010 is 8.8.8.8), hexadecimal with a leading 0x, and omitted 0 octets (127.1 is 127.0.0.1). IIRC these are all adopted from BSD's sockets library, or some similar early IP implementation
By ranger207 a day ago
Which doesn’t conform to RFC 3986, by the way.
The syntax rule for host is ambiguous because it does not completely
distinguish between an IPv4address and a reg-name. In order to
disambiguate the syntax, we apply the "first-match-wins" algorithm:
If host matches the rule for IPv4address, then it should be
considered an IPv4 address literal and not a reg-name.
But it does comply with WHATWG’s URL Standard, which declares the goal of obsoleting RFC 3986, providing something that’s actually robustly implementable, and reflecting reality.
Some things do definitely try to follow RFC 3986 still, but my feeling is that it’s mostly legacy stuff, and the URL Standard is much more important these days. Though RFCs dealing with URLs will probably still cite it (e.g. RFC 9110, HTTP Semantics, June 2022).
True, though the WHATWG algorithm still raises validation errors internally for all these cases. Meaning, while these representations are leniently accepted, they aren’t intended to be valid representations.
By layer8 18 hours ago
They will accept IPv4 addresses in IPv6 addresses too:
What's decimal form (base ten?) and why is that 16843009 the decimal form of 1.1.1.1?
By esperent a day ago
1.1.1.1 is 0x01010101 and 0x01010101 is 16843009 in decimal
By fluidcruft a day ago
> 1.1.1.1 is 0x01010101
Huh, in many years of web development I never knew that. Thanks!
By esperent a day ago
Once you got that you will have a way simpler time to understand netmasks and similar and calculate IP ranges etc. it's just a 32bit integer (in ipv4; 64bit with ipv6) and the dots separate the individual bytes to give a "human friendly" representation.
By johannes1234321 20 hours ago
Um no.
Parent is exactly right:
p256^3+q256^2+r*256+s
By ForOldHack a day ago
Your homework is to read up on the structure of the IP4 dataframe header.
By fluidcruft a day ago
Both of these are the same thing
By bawolff a day ago
00000001 00000001 00000001 00000001 = 16843009 in base 10 (concatenate each dot-separated 8bit number as one big base 10)
By itsgrimetime a day ago
IP addresses are 4 bytes, each in the range 0-255. In binary bits xyz would be equivalent to decimal x2^2+y2+z. Similarly, bytes abc would be equivalent to decimal a256^2+b256+c.
IP address p.q.r.s is decimal p256^3+q256^2+r*256+s.
By phanimahesh a day ago
I'm bad at math. What's the algorithm for this? Something about 256^(1..4)?
By 90s_dev a day ago
You can think about it like the IP address in hex if you like: 0x01.0x01.0x01.0x01 becomes 0x01010101 which is 16,843,009. So the first 0x01 is 0x01000000 which is the familiar 16,777,216 which then gets the further "base 256 digits" added to it.
Or maybe in your terms it's 256^(0..3) where you can think of it like each dotted component is a symbol (like 0-9 in base 10) where each component is a position digit. Where the right-most element is the "256^0" ("ones") digit, and the left most element is the "256^3" ("16,777,216s") digit.
By opello a day ago
IPs are 4 octets, normally represented as a decimal between 0 and 255, or 00000000 and 1111111 in binary.
Remove the dots and concat the binary value for 1.1.1.1 and you get 00000001000000010000000100000001.
Convert that binary value to decimal and you get 16843009.
By hug a day ago
echo 256^3+256^2+256^1+256^0|bc
16843009
By davejagoda a day ago
Ha, then I was right, but with a one-off error!
By 90s_dev a day ago
I think this post is trending because of a comment on the announcement about the new Pope, where someone pointed out the redundancy in the vatican.va domain.
The vatican.va domain has long been an outlier for not operating a web server at that shortened address.
They insist on using the “www.vatican.va” only, and my browser’s autocomplete history reflects this.
By AStonesThrow a day ago
They might as well then just use www.va!
By pimlottc 9 hours ago
Well I suppose they could. But as we've seen, there are plenty of 2nd level domains under .va, and in fact, many if not most of those, especially vatican.va, actually refer to the Holy See.
It's very common and understandable for folks to conflate the Holy See with the Vatican, but they are distinct entities with two different functions and purposes.
If we're discussing the administration/governance of the Church and the organs which make up the Roman Curia, then we're definitely looking at the Holy See. It's the Holy See, not the Vatican, which is a Permanent Observer to the U.N.
But again, if we're looking at any sort of physical presence, it's the Vatican City State. The actual territory that's an enclave and microstate is the Vatican. It's where people live, work, and worship. "The Vatican" is the entity selected for the ".va" ccTLD simply because of the way the rest of the world works. But only a few of those 2nd level domains can properly be considered more "Vatican" than "Holy See".
By AStonesThrow 6 hours ago
This is such a beautiful thing, it gets you in the head as much as in the heart... alas, probably nobody else feels this way about it...
By pelagicAustral 20 hours ago
> There 86 domains names starting with "www" in the .va zone,[6] with many more email-only subdomains.
There was once a domain named funkware, no extension. I learned about it in 1996 or 1997 from a fellow Microsoftie. It was maintained by a kid at Network Solutions who literally hid a server in one of their closets solely for that purpose. To my knowledge it was always a blank page.
Most browsers treat one word not as a domain but as a search key. This was an issue when companies started getting their own TLDs. Could you just type "amazon" or "microsoft", which are TLDs, and go there without being diverted to a search engine? The answer is no. Even if you put a dot after the domain name.
DNS lookup and web browser domain lookup are not quite the same. This is the price of a unified input bar.
By Animats a day ago
> This is the price of a unified input bar.
I never saw what was wrong with having a URL and a search box in the same bar. It was fine, and I knew that whatever I typed into the URL bar would be treated as a URL.
Fast forward a few years, and URLs I type into the bar are not treated as URLs (internal HTTP URLs get rewritten to HTTPS when a server is restarting).
By eadmund 19 hours ago
A forward slash at the end usually does the trick for me.
Mobile Safari likes to do this to me w/ machines on my tailnet. Whether dropping "foo:8080" in the address bar takes me to the webserver or to Google is random and I swear there is no pattern
By wibbily a day ago
in my experience you have to explicitly add the https:// prefix to get it to consistently load the address
By dgellow a day ago
Drop a slash at the end, it tends to turn it into an actual NS lookup not a search.
By Tsiklon 12 hours ago
Putting a slash '/' at the end consistently gets you there, at least in Chromium-based browsers. We use this a lot at work (via DNS search suffixes, not private TLDs).
By thedufer 17 hours ago
The "correct" way would be to add a dot at the end
By Biganon 17 hours ago
At least in chrome the final period doesn't seem skip search, so I guess you want tld./ (or foo/ if you want to use your search domain)
By tuckerman 14 hours ago
At a previous company, our intrasite was a bare custom domain, and the most reliable way to get there was to add a / at the end. This is likely browser dependent though
By CraftThatBlock a day ago
Ahh, I actually ran into this question, at least indirectly, about a month ago!
I was writing an email validator for my project which I'm so excited to announce soon. And my research (some stackoverflow answers) suggested that, yeah, you can have "a@b" as a valid email, as long as there's a one-letter TLD that can have MX records.
Which it seems there can be!
So my email validator is essentially just /^.{1,}@.{1,}$/ ... yay.
By 90s_dev a day ago
Last time I checked the RFC the bit before the '@' can actually be empty. And the root zone is just '.', but we generally can leave off the trailing dot in domain names. So I believe '@' on its own is a valid email address.
Many years ago I managed to get a cctld owner to point their tld MX records at my smtp server, modified postfix to allow empty usernames (even although the RFC allows them, postfix didn't), and successfully had someone send me email to '@tld', in order to win a bet. :) (And it was a 2-letter tld.)
By jph00 a day ago
> So I believe '@' on its own is a valid email address.
Then the owner of "@" cannot use my site. I'm fine with that.
By 90s_dev 19 hours ago
I don't know if it is still required but hostnames used to require a minimum of two chars and the first shalt not be an integer. Given that DNS does not put a proper boundary on host/domain, that might extend to your top level ... thingie.
However, there is absolutely no technical reason that I can think of that precludes u@x. In the end DNS query -> DNS answer. Given that say, PowerDNS has LUA built in, I can make it respond with "my little pony's stable is in {random_country}" - to A record requests, which might make the requester a little queasy!
Bugger standards, they are so 1990s!
By gerdesj a day ago
the first shalt not be an integer
I recently came across the 3.ie domain so I guess that's more of a guideline than rule.
By esperent a day ago
I believe that the rule has been deprecated due to better parsing.
In the mid-90s, 3M was a customer of the ISP I worked for. Unable to procure the domain name “3m.com” they settled for the alternate “mmm.com”: mildly hilarious considering their lines of business.
By AStonesThrow a day ago
Funny to see mmm.com still works, but it loads up the 3M site without its stylesheet and shows a 404 page. I guess the redirect has been forgotten about at some point.
My site doesn't use HTML so that's not gonna help here.
By 90s_dev 19 hours ago
out of curiosity, why are you trying to validate emails?
By qaisjp a day ago
Just a base level regex before sending emails, to avoid some errors sending to non-email addresses and logging otherwise unnecessary errors.
By 90s_dev a day ago
The best you can hope to do is reduce a small class out of possible errors. But you'll never get a test that can prevent errors like name@gnail.com, name@gmaip.com, nane@gmail.com etc. So is it really worth doing any checks at all?
I have a .blue email address and it's amazing how many sites still won't accept it. I keep a spare Gmail account for these.
By esperent a day ago
> But you'll never get a test that can prevent errors like name@gnail.com, name@gmaip.com, nane@gmail.com etc. So is it really worth doing any checks at all?
You can do quite well at this, if you're willing to not restrict yourself to regexes and commit to some amount of hackery. One system I worked on used a simple regex (just what is described here IIRC - assert the existence of an @ sign), plus did an MX check on the domain, plus warned (not errored) if the domain was within 1 or 2 Levenshtein distance of any of a list of most common email domains (yahoo, gmail, etc). Statistically it seems like we saved people a lot of grief with this simple filtering.
By thedufer 17 hours ago
> So is it really worth doing any checks at all?
People accidentally typing their name in the email field, stuff like that. I've done that.
The problems with your .blue is obviously completely unrelated to the "email.contains('@')" check the poster is doing.
By arp242 a day ago
I resent being called a poster! I am not flat, nothing was ever printed on me. I am a human being, you.. you... you piece of sheet!
By 90s_dev a day ago
.blue is 11 years old and still has issues. Same with several of the gtlds I have. I had an argument with a major backend email provider recently who refused to open an account for me as my gtld wasn't "valid." (they backed down eventually and fixed their code)
I keep a Gmail for the same reason.
I tried to add a .wiki link to a Reddit profile recently and their filters also say that domain is invalid.
By qingcharles a day ago
> I tried to add a .wiki link to a Reddit profile recently and their filters also say that domain is invalid.
That's absurd, there's a .wiki that's almost definitely in the top 20 most visited websites in Korea, if not higher.
By jjani a day ago
In other words, /^.+?@.+$/ is a user-friendly reminder that you forgot the @ sign or something. That's all.
By 90s_dev a day ago
Does this block things like the unconventional Google-filing trick of:
myemail+90sdev@gmail.com
which gives me the “90sdev” tag for my emails, which still go squarely into my “myemail@gmail.com” address? I don’t know what the best route is, but I’ve certainly run into bad validators that block things that otherwise work, and that’s annoying. It seems to me the best thing might be to have a user twice input their address, then have the next step/confirmation done via email.
By bch a day ago
> unconventional Google-filing trick
Documented as "subadressing" in RFC 5233, and the default for both sendmail and postfix, amongst others. As such, often 'accidentially' supported by many mail providers even when undocumented. Google didn't introduce them, nor are they 'unconventional'.
I don't do blocking or differentiating. Emails are literal, for better or worse.
By 90s_dev a day ago
> bad validators
Possibly these validators are working exactly as intended and don't want you to know which service sold your email to spammers.
Then again maybe spammers are smart enough to strip of the + from email lists they purchase.
By esperent a day ago
The latter was motivation to get my own domain so I can have unlimited unique addresses with a wildcard entry.
By kevin_thibedeau a day ago
Does your regex support emoji usernames and domains? (both of which are in use, e.g. https://mailoji.com/)
By qingcharles a day ago
Both parts are limited to 7-bit ASCII or a subset thereof. Emojis have to be in punycode. You could theoretically use UTF-7 for the local-part but nothing supports it in practice.
By kevin_thibedeau a day ago
My project doesn't even support emojis or unicode. In context, it's not an issue.
By 90s_dev a day ago
That is officially the most cursed thing I've read all week. People really do love to do bizarre things just for the hell of it sometimes.
By bigstrat2003 a day ago
You should know there is a standard regular expression for validating email addresses mentioned in an RFC.
By andrewmcwatters a day ago
The real validation is the link in the confirmation email.
Tbh though ideally you would use the most restrictive validation that exists in the mail server. If mail server accepts '@tld' you do too.
By Xss3 19 hours ago
I'm sure there is. And I'm sure many email servers deviate from it.
By 90s_dev a day ago
All domains including TLDs are sub domains of “.”
That’s why there is a trailing dot you see in NS records for example.
By tzury a day ago
Trailing dot is complete record, don't add any search domains onto it. (https://en.wikipedia.org/wiki/Search_domain) It's why NS records should have trailing dot in return to prevent unexpected lookup behavior.
Technically you can put just hostname for CNAME record. Obviously, any clients that don't have that domain as search domain will fail but for internal domain, you could do it.
By stackskipton a day ago
Seems Chrome also adds the dot at the end in the address bar.
By Salgat a day ago
AFAIK calling DNS root the "." is quite recent phenomenon.
I'm fairly old guy who did work with DNS about 35 years before retirement and what I recall from the beginning when I was reading my first copy of DNS and BIND somewhat quite soon it came out -92 I think the second chapter which describes DNS root "A null (zero-length" was already there.
So a FQDN (Fully Qualified Domain Name) well known www.google.com the would be www.google.com."" where between the quotation denotes where the DNS root is shown.
However, resolvers don't recognise that syntax. Don't be fooled by
$ host www.google.com.""
www.google.com has address 216.58.209.164
www.google.com has IPv6 address 2a00:1450:4026:802::2004
from the shell as it removes those double quotes. Using single quotes around shows how that fails and you can check it easily.
$ host 'www.google.com.""'
Host www.google.com."" not found: 3(NXDOMAIN)
The way I learned to understand it the dot in DNS name is (it signifies) the DNS-tree separator, not part of the DNS name. A bit like in some languages (Pascal) use semicolon (;) a sentence separator not an end of sentence like it's in C and many it's practise adopted later.
OK, here's an excerpt from DNS and BIND by Cricket Liu & Paul Albitz, O'Reilly ISBN 0-596-10057-6, Fifth Edition 2006 book which I still have a printed copy in my shelf and shows what I'm referring above.
Chapter 2: How Does DNS Work, page 12, text after Figure 2-1 they write:
"Domain Names
Each node in the tree has a text label (without dots) that can be up to 63 characters long. A null (zero-length) label is reserved for the root. The full domain name of any node in the tree is the sequence of labels on the path from that node to the root.
Domain names are always read from the node toward the root ("up" the tree), with dots separating the names in the path.
If the root node's label actually appears in a node's domain name, the name looks as though it ends in a dot, as in "www.oreilly.com." (It actually ends with a dot—the separator—and the root's null label.) When the root node's label appears by itself, it is written as a single dot, "", for convenience. Consequently, some software interprets a trailing dot in a domain name to indicate that the domain name is absolute.
An absolute domain name is written relative to the root and unambiguously specifies a node's location in the hierarchy. An absolute domain name is also referred to as a fully qualified domain name, often abbreviated FQDN. Names without trailing dots are sometimes interpreted as relative to some domain name other than the root, just as directory names without a leading slash are often interpreted as relative to the current directory.
...
"
I don't have old book copies any more, I've just this one with me.
By mesrik a day ago
Oh. Thank you. I had wondered.
By jfengel a day ago
At one point we were looking at moving a bunch of separate domains under a single dotless domain, due to the threatened death of 3p cookies, so that cookies could be dropped directly onto the cctld (think "you're logged into the entire TLD"). As the owners of the cctld it felt like a neat use that technically could work but ICANN and other groups are explicitly against that.
To me it felt very AOL keyword
By hirsin a day ago
I think done well, AOL keywords are actually a good idea.
They could also cut down on the fraudulent websites out there.
Not sure how to fully implement it but given the safe browsing features already implemented in web browsers it could perhaps be part of that. Or a new TLD.
By mattl a day ago
I imagine they'd have all the lovely problems of both EV certs (sure, you're legitimately PayPal Corp, in Malawi) and limited real estate price squeezes.
Curation of "good" or "real" websites has been tried before - I don't envy anyone that wants to try another go at it.
By hirsin 13 hours ago
I knew someone who had email ??@ua (two letters masked for priivay) which might have been one of the shortest email addresses in the world. Unfortunately it was not very useful as most email systems failed to recognize it as a valid email address. :(
By vzaliva a day ago
I know that Len Sassaman had r@ai for quite some time, so your friend didn't have the absolute shortest address. Still a cool one though
By thequux a day ago
> two letters masked for priivay
You do realize there are not that many two-letter combinations…? :)
By codethief a day ago
That doesn't impact the privacy much. Much like being able to guess every phone number.
By Dylan16807 11 hours ago
It's funny seeing that list of MX apex records. In response to me trying to show off how I had acquired a single letter domain, and had a single letter e-mail address (which resulted in *@*.**, replacing asterisks with letters), my boss showed how he was able to receive an e-mail address under one of those two-letter 'MX apex records'...
By zatkin a day ago
This website has been temporarily rate limited
You cannot access this site because the owner has reached their plan limits. Check back later once traffic has gone down.
I had a teacher in high school who once wrote a URL on the whiteboard like this: com/foo/bar.html
Upon informing him that he had forgotten to write the domain, I learned that the site was actually www.com, and he had just left the http://www part off because “the web browser adds that automatically”. I assured him that, while in principle he was more or less correct, but in this case it wouldn’t work. He ended up adding the www, but I could tell he was skeptical that I was just being a smart ass.
By zoky a day ago
I used to work with a very gifted old school systems engineer who used to run the network and systems behind a country TLD; I remember him telling me about how he sent an email from the TLD itself out to the world - something that baffled and shocked me as a junior at the time, simply thinking it wasn’t possible.
By Tsiklon 12 hours ago
Every ten years I fiddle around with DNS and look for these weird names where the top level domain resolves to an actual address.
It's funny to refer to these as "dotless" since you still need a dot, on the end, to "canonize" the name and tell your DNS recursor 'hey, stop appending domains to see if you can find this.'
And, our recent history has "Canonized" a new pope, and you could (maybe?) look it up against one of the few dotless global DNS entries, but it's still going to need the trailing dot to tell your recursor that it's a canonical name...
By cduzz 19 hours ago
i remember back in the old days a MX queary for a single letter between 'a' and 'm' would be sent to that root. if they wanted to, they could resolve the response.
i remember having a conversation w/ paul vixie that he had either set it up (or was presenting it as a thought experiment) that he could have the email address "p@f". and i trust paul knew what he was doing with respect to DNS and RFC822 email.
By OhMeadhbh 18 hours ago
My uncle had one of these in the 90s. All I knew was he was a higher up at the university in his smallish country, and ran their internet stuff. It confused the heck out of me when he verbally told me to bring his website up at Thanksgiving dinner, and after I typed a dot, he said "no no, no dot. just enter" And it worked. Baffled me as a kid. Nice to finally have some explaination for that fever dream of a memory.
By geor9e a day ago
Temporarily rate limited?
By sebmellen a day ago
Hug of death
By avipars 16 hours ago
Slashdotted
By webprofusion a day ago
hahaha siteless website due to "global cdn" not being paid lmfao
By adwawdawd a day ago
Is it just me to whom it showed cloudflare rate limit.
And then I clicked on the HN to see an archive link and then it worked perfectly.
Jeez, If I am going to build any blog, I am just going to publish to archive.
By altprivacypls 16 hours ago
yea the people at uz have no idea what theyre doing lmao
By kreativ_py a day ago
Does HN really have that many lurkers that it can can cause a hug-of-death on a website behind cloudflare like this??
By notepad0x90 a day ago
Wasn't Cloudflare supposed to prevent DDOSing?
It seems only a privacy leak tool now.
1000 requests / min @ 10ms limit / request. That's 16 requests per second. Any reasonable CMS, wiki or blogging tool should be able to do one request in 62.5ms. Add on cacheing for non logged in users and nginx serving anything static, that's less than the power a $5 VPS provides.
At these rates, the case for Cloudflare is a lot less than it was.
By throwaway519 a day ago
Obviously a $5 VPS would give you more raw compute than the Cloudflare Workers free tier.
However:
1. It would run in a single location in the world, whereas Workers (even on the free tier) will run in Cloudflare locations all around the world, close to the end user, reducing latency.
2. If you're going to compare against a $5 VPS, the $5 Workers paid tier is probably a better comparison? It can instantly scale to millions of requests per second.
(Disclosure: I'm the tech lead for Cloudflare Workers.)
By kentonv 19 hours ago
A privacy leak tool, and an annoyance generator. Every time I have to click their silly "prove you're human"-thing I feel a little more dehumanized.
there a fine line between DDOS from bots and 30k real users accessing your site at the same time
cloudflare do not provide resource for the latter
By tonyhart7 a day ago
don't they offer caching?
By singularity2001 a day ago
isnt the point of a DDOS being unable to differentiate the traffic and therefore not block it? ideally it would look like organic 30k
By 93po 21 hours ago
Yes, I have had to block all of Asia before on forums, at verisign. It was more than 30k IPs.
By genewitch 3 hours ago
62.5ms for a non-cached request? In my experience that’s really fast response time for a blog even on a dedicated bare-metal server.
By mklepaczewski a day ago
That is reasonably fast. We wrote entire games in PHP where we aimed for wall time under 100ms. That is a challenge, but often doable. Some routes managed to respond in under 50ms.
By ahofmann a day ago
Go on—I'll bite! What did you write?
I spent a colossal amount of my childhood and teens playing browser-based games and have zero regrets!
By hammyhavoc a day ago
You probably haven't heard of them. We were a German studio, and most of our games only reached a few tens of thousands of players. The biggest hit was Xhodon — it had a bit of a following among World of Warcraft fans. It was a fun time.
By ahofmann a day ago
Really? Why?
Blog posts don’t change much. Even if your rendering code is horrendously slow (though, why?), you can just cache the resulting html and serve it up with each request. Or slap nginx in front of your web server locally and let that deal with the load. ‘Course you’ll need your http headers set correctly, but you needed that anyway for cloudflare.
Your server has to be pretty badly configured for a personal blog to run out of CPU handling requests.
By josephg a day ago
Everything you wrote is true, but this is not how it works in practice. Usually, the person running the blog uses WordPress, and doesn't know about caching. They add a few plugins that significantly increase response time and make the response dynamic (for example, CSRF nonces). Add to that some "static" AJAX requests (which usually are POSTs and not cacheable), and it all adds up.
I wouldn't bet on an average dev being able to set up and configure nginx + Cloudflare correctly.
>Course you’ll need your http headers set correctly, but you needed that anyway for cloudflare
Not if you don't use CF to cache "dynamic" content.
By mklepaczewski 3 hours ago
mklepaczewski was probably talking about end-to-end. I.e. the number you see in the network tab for request duration - whereas the pricing will only care about the time that the application is actually doing something.
That basically means it starts after the connection was established by the proxy (cloudflare) and terminates before the response is delivered to the client.
Doing the whole round trip within 65ms is actually pretty challenging, even if you are requesting over the wire. It would mean you have maybe 10-20 Ms to query data from the database and process them to html or json. Any kind of delay while querying the database is going to ruin that.
If you had a 65ms in the application, you would probably get a round trip average of something above 90, likely closer to 150 then 90.
By ffsm8 a day ago
For a blog? Why is a blog fetching data from a database on every request?
If you cache the response yourself (or use nginx), the server should be responding to queries in <1ms.
By josephg a day ago
This isn’t a performance hug of death, it’s a rate limit one.
By ezfe a day ago
Yes, and it does that well. This user has exceeded the 100,000 free workers invocations per day, a different service.
By reassess_blind a day ago
Looks like it's not "behind cloudflare", but served using Cloudflare Workers. Probably on the free tier, which is capped at 100000 req/day.
By franga2000 a day ago
The Cloudflare Workers free tier is not unlimited. They offer two options on how to handle the situation [1].
It’s because it’s a poorly made Cloudflare worker site that prob ate up their free tier credits quickly
By systemswizard a day ago
This is an Cloudflare Worker issue right now. Although I have no idea what the site is and why does it not work.
Most site, on simple page like CMS or wiki should be static. And serving it from cache even a $5 VPS could do a few hundred page view per second, or 1000+ Request per second. I dont believe HN generate these amount of traffic. From previous note on other HN front page page it is actually much smaller than most expected. Something like IIRC 30K to 50K Page views - over the course of 24 hours.
By ksec a day ago
A $5 vps can handle around 15k req/s with a normal setup (you then hit the limit of what a webserver can serve, maybe up to 35k but then it's really over).
Mind you, at that point you serve more requests slower, before that you don't even notice a latency increase.
By lionkor a day ago
Yeah I was thinking of being limited by the pipe of 100mbps rather than CPU. But I just checked on Linode and DO turns out those low cost VPS no longer has this limitations. I guess I need to update my mental model.
Just shows again we really don't need CDN for most things. Just keep it simple.
By ksec a day ago
$5 doesn't mean to everyone what it means to you. Not everyone lives in America
By efilife 20 hours ago
Functionally a raspberry pi 2, that's what I consider $5/month tier. AWS had the t1.micro, but they also have the tiny lightsail VMs, ~1vcpu, 512mb RAM, slow disk, 100-1000mbit nic.
By genewitch 3 hours ago
User would have to enable caching in CF and the response from the server would have to be cacheable for CF for caching to kick in.
By lazaruzLong a day ago
By nulbyte a day ago
By qingcharles a day ago
By Joker_vD a day ago
By rzzzt a day ago
By pas 20 hours ago
By tech234a a day ago
By bingo-bongo a day ago
By leshokunin a day ago
By 0points 21 hours ago
By ranger207 a day ago
By layer8 20 hours ago
By chrismorgan 19 hours ago
By layer8 18 hours ago
By ryao a day ago
By efitz a day ago
By immibis a day ago
By Mindless2112 a day ago
By esperent a day ago
By fluidcruft a day ago
By esperent a day ago
By johannes1234321 20 hours ago
By ForOldHack a day ago
By fluidcruft a day ago
By bawolff a day ago
By itsgrimetime a day ago
By phanimahesh a day ago
By 90s_dev a day ago
By opello a day ago
By hug a day ago
By davejagoda a day ago
By 90s_dev a day ago
By FlamingMoe a day ago
By 90s_dev a day ago
By AStonesThrow a day ago
By pimlottc 9 hours ago
By AStonesThrow 6 hours ago
By pelagicAustral 20 hours ago
By rat87 a day ago
By tomcam an hour ago
By tony-allan a day ago
By Animats a day ago
By eadmund 19 hours ago
By anticrymactic 16 hours ago
By wibbily a day ago
By dgellow a day ago
By Tsiklon 12 hours ago
By thedufer 17 hours ago
By Biganon 17 hours ago
By tuckerman 14 hours ago
By CraftThatBlock a day ago
By 90s_dev a day ago
By jph00 a day ago
By 90s_dev 19 hours ago
By gerdesj a day ago
By esperent a day ago
By AStonesThrow a day ago
By leslielurker 2 hours ago
By Dylan16807 11 hours ago
By 38 a day ago
By 90s_dev 19 hours ago
By qaisjp a day ago
By 90s_dev a day ago
By esperent a day ago
By thedufer 17 hours ago
By arp242 a day ago
By 90s_dev a day ago
By qingcharles a day ago
By jjani a day ago
By 90s_dev a day ago
By bch a day ago
By rendx a day ago
By bch 16 hours ago
By 90s_dev a day ago
By esperent a day ago
By kevin_thibedeau a day ago
By qingcharles a day ago
By kevin_thibedeau a day ago
By 90s_dev a day ago
By bigstrat2003 a day ago
By andrewmcwatters a day ago
By Xss3 19 hours ago
By 90s_dev a day ago
By tzury a day ago
By stackskipton a day ago
By Salgat a day ago
By mesrik a day ago
By jfengel a day ago
By hirsin a day ago
By mattl a day ago
By hirsin 13 hours ago
By vzaliva a day ago
By thequux a day ago
By codethief a day ago
By Dylan16807 11 hours ago
By zatkin a day ago
By maximilianthe1 19 hours ago
By a3w 17 hours ago
By zoky a day ago
By Tsiklon 12 hours ago
By cduzz 19 hours ago
By OhMeadhbh 18 hours ago
By geor9e a day ago
By sebmellen a day ago
By avipars 16 hours ago
By webprofusion a day ago
By adwawdawd a day ago
By altprivacypls 16 hours ago
By kreativ_py a day ago
By notepad0x90 a day ago
By throwaway519 a day ago
By kentonv 19 hours ago
By elric a day ago
By imiric a day ago
By bryanrasmussen a day ago
By tonyhart7 a day ago
By singularity2001 a day ago
By 93po 21 hours ago
By genewitch 3 hours ago
By mklepaczewski a day ago
By ahofmann a day ago
By hammyhavoc a day ago
By ahofmann a day ago
By josephg a day ago
By mklepaczewski 3 hours ago
By ffsm8 a day ago
By josephg a day ago
By ezfe a day ago
By reassess_blind a day ago
By franga2000 a day ago
By pxeboot a day ago
By systemswizard a day ago
By ksec a day ago
By lionkor a day ago
By ksec a day ago
By efilife 20 hours ago
By genewitch 3 hours ago
By mklepaczewski a day ago