DDoS attacks against the small and medium Internet

Tr0jan_Horse

Corporations and fintechs have faced DDoS before. Increasingly, however, the attacks hit small projects that are unable to protect themselves effectively. We explain what the small and medium-sized Internet is, what DDoS attacks it has to deal with, and what protection options are available.

What is a small Internet

There is no single definition of "small Internet", and in the professional environment this phenomenon is understood in different ways. For example, Aral Balkan, the author of the idea of the Small Web and the open Kitten solution for website development, refers to the small Internet as minimalistic web0 services owned and operated by small teams of specialists.

In general, the Web0 movement, of which Balkan is a participant, implies the decentralized operation of such projects, but without blockchain technologies (although with open licenses).

Similar principles are followed by representatives of the IndieWeb movement, who count as the small Internet both small solutions by independent specialists and relatively well-known services and platforms. Openness of development also matters to IndieWeb participants, because it lets small projects interest and attract third-party specialists, which accelerates their development.

Others see the "small web" as a kind of rebirth of the cozy, "warm lamp" sites of the early Internet. Such projects not only resemble their predecessors visually, but are also often maintained by developers for the sake of the idea itself. It is the absence of advertising and of all kinds of "monetization" that attracts additional interest to them.

Other projects can also be counted as part of the "small Internet": for example, social networks and collaborative development platforms such as SourceHut and Codeberg, which are alternatives to the sites of large vendors. By analogy, in technology media the "relatively small Internet" is represented by resources such as Hacker News.

In general, small web projects vary in their goals, scale, and number of users. By the last of these measures, many of them can be classified as the "medium-sized web". At the same time, most of these sites and services are maintained by relatively compact teams, which often lack not only the resources but also the expertise to protect their projects from DDoS attacks.

Small projects are under threat

DDoS attacks are becoming more powerful every year, their number is growing, and attackers are targeting not only large resources but, more and more often, medium and small ones. Not so long ago, SourceHut and Codeberg were hit by DDoS. The first faced a 170-hour attack. The second was exposed not only to DDoS but also to a spam attack that lasted for several days.

Quite often, owners of small projects consider themselves insufficiently attractive targets for attackers. Supposedly, it makes no sense to attack someone's blog or a SaaS with a couple of thousand users: what is the benefit? That is partly true: attacks on small sites don't really cause serious damage, but that doesn't mean there is none at all. There is a non-zero chance of becoming the target of some script kiddie who chose the resource just to practice (or for fun). Such activity is quite capable of causing inconvenience both for independent developers themselves and for the users of their projects.

For example, the author of 2coffee.dev, a small technical blog about development, has repeatedly become a victim of DDoS attacks. Over the course of three years, he has experienced mild attacks that briefly slow down page loading, and more serious ones that lead to server unavailability. "They didn't cause major damage, but they were very tiring," the developer writes. "Most of the attacks were short-lived, and all I could do was sit with my teeth clenched and wait for them to end."

Another case, an attack on a minimalistic note-taking app, was described by solo developer Takuya Matsuyama. At that time, the project's user base did not exceed 20 thousand people. The attackers used a flaw in the registration API to create 34,000 fake accounts at once (apparently using email addresses from leaked databases) and send phishing emails on behalf of a legitimate source. At that moment, the load on the application infrastructure increased sixfold.

What you need to know about protection

Against this backdrop, experts point to the importance of developing not only proprietary security solutions but also open alternatives such as DDoS Open Threat Signaling (DOTS), which could protect small and medium-sized Internet projects both from classic DDoS attacks and from aggressive bots and AI crawlers. The purpose of DOTS is to provide universal protocols for countering DDoS attacks. However, work on the initiative has been underway only since 2021, and it has not yet gone beyond the discussion stage.

Among other open solutions for protecting the small and medium-sized Internet, the FastNetMon project stands out. It is a package for detecting and repelling DDoS attacks. You can use it to set thresholds for the number of connections and to configure notifications. Custom scripts that perform similar functions and help withstand small-scale DDoS attacks are also released as open source. However, such solutions often remain without active development and fresh updates.

In general, working with open-source tools requires a certain level of expertise that developers of small and medium-sized projects, and private authors who host their own blogs, may not have. And with limited resources it can be difficult to protect yourself from large-scale DDoS attacks.

"I do not know how to effectively protect myself from large-scale DDoS attacks," writes the same author of 2coffee.dev. "I have set up limits on the number of requests; each IP address can send no more than ten. They tell me that I have to upgrade the server, but where will I get the money for it? As a result, I decided to migrate the project to the cloud."

There are quite a lot of tools and options for protecting against DDoS attacks that owners of small and medium-sized Internet projects can use. But experts are confident that DDoS will not cease to be a serious threat to compact projects, blogs, and minimalistic web0 services. Therefore, it is safe to say that the classic "shield and sword" fight will continue.

The MWS cloud infrastructure complies with legal regulations and has the appropriate security certificates. Reliable virtual infrastructure at no cost at the start.
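
The per-IP request limit the 2coffee.dev author describes above, and the kind of custom script mentioned alongside FastNetMon, can be illustrated with a sliding-window counter run over access-log lines. This is an added example, not part of the original post or of any project it names; the 60-second window, the Common Log Format input, the sample log lines and all function names are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

LIMIT = 10           # from the post: no more than ten requests per IP
WINDOW_SECONDS = 60  # assumption: the post does not state the interval

# Common Log Format prefix: client IP, then the bracketed timestamp.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\]')

def parse(line):
    """Return (ip, epoch_seconds), or None for a malformed line."""
    m = LINE_RE.match(line)
    if not m:
        return None
    try:
        ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
    except ValueError:
        return None
    return m.group(1), ts.timestamp()

def over_limit(lines, limit=LIMIT, window=WINDOW_SECONDS):
    """Sliding-window count per IP; returns {ip: rejected_request_count}."""
    recent = defaultdict(deque)   # ip -> timestamps of accepted requests
    rejected = defaultdict(int)
    for line in lines:
        parsed = parse(line)
        if parsed is None:
            continue              # skip lines that cannot be attributed to an IP
        ip, ts = parsed
        q = recent[ip]
        while q and ts - q[0] >= window:
            q.popleft()           # forget requests that left the window
        if len(q) >= limit:
            rejected[ip] += 1     # a real limiter would answer 429 here
        else:
            q.append(ts)
    return dict(rejected)

def sample_log():
    """Constructed sample: one noisy client, one normal client, one bad line."""
    fmt = '{ip} - - [26/May/2025:10:00:{s:02d} +0000] "GET / HTTP/1.1" 200 512'
    noisy = [fmt.format(ip="203.0.113.7", s=0) for _ in range(14)]
    normal = [fmt.format(ip="198.51.100.4", s=s) for s in range(5)]
    return noisy + normal + ["garbage line"]

if __name__ == "__main__":
    print(over_limit(sample_log()))
```

A limiter like this only helps while the server can still accept and count the requests, which matches the author's experience that it was not enough against large-scale attacks.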
 