30 comments

[ 3.1 ms ] story [ 46.6 ms ] thread
Previously I thought of NFSN as a place to host a low-traffic static site for $1/year, or host an unmanaged WordPress site for $1/month. It sounds like it can now run web frameworks like Rails or Node.JS, as well as internal services like Redis.

I'm not sure where they fit in a world with free Google App Engine tiers and $5/mo VPSes. But they've been around a while, doing their thing, so that must be worth something to folks that are leery of the big guys and weary of being victims of acquisitions and product re-imaginings.

> Ruby on Rails, Django, Catalyst, Node.JS, Network.Wai? Sure, technically you can run them here, but it’s not what you’d call a good idea.

Don't get your hopes to high on deploying your rails/node app on NFSN.

They're describing how things used to work. Read the very next line in the blog post:

> Take that long-standing well-known fact about our service, and pitch it straight into the trash.

Oops. I kind of read that bit over and over and still came away with the wrong idea. Reading comprehension failure I guess.
Weirdly, with a bare-bones Wordpress install with barely any traffic, I still spend about $5 every month or two. Not sure what's going on there.

For blogs, I've found that Github Pages offers one of the best deals in the industry. It's free and it allows you to use your own domain; all you have to do is provide static HTML, or alternatively a bare-bones Jekyll site. With a few simple files, it's possible to have a custom domain and 404 error pages. Because it uses git, you automatically get a complete historic archive of your site without having to resort to archive.org. For once, without paying any extra money, you can have your own custom content and not have to manage any server stuff. Just write and publish.

Wordpress requires MySQL which is an added cost of $0.05 a day
It's actually $0.02 for the first process (which can have as many databases as you like) AFAIK.
There are some benefits to using a managed service instead of setting everything up yourself on a vps. The management tools are usually better, and many of the common services are already installed and configured for webhosting. Also its generally less work to deal with scaling using a hosting provider compared to doing it yourself, but it really depends on how much you value your time.
I love NearlyFreeSpeech and they were my first and current web host, although now I primarily use others. They are so incredibly cheap for those who want to host a simple site, and they come with a slew of interesting options like interesting pricing schemes. I hope they never go out of business.
Don't hope! Support!
In the same boat here - do they have a Europe presence yet? Probably the only reason I don't host small sites/landings with them

Still use them for domains

How would you rate their support? Are they good with fixing issues or are there fewer issues than the other hosts you use? Would you recommend them for a site with, say 100K visitors per day?
Hi, eight+ years of using NFS.net. Support is great, they handle stuff quickly and JDW is also very active in the NFS forums.
I've had a site hosted on theirs (Wordpress + MySQL) for 3 years with no problems. Very cheap as well especially since the site is not heavy in traffic, so it doesn't get charged much. Only had 1 support ticket which was my fault and they resolved it quickly.
I am not a fan of their support in general.

I've had to rescue a few people from NFS after a well-intentioned but short-sighted web developer somewhere set up their client's website on NFS, and then the relationship fell apart or the web developer moved on, and the client is left with some issue at NFS but not the technical knowledge to deal with it.

NFS has an entirely inflexible policy towards this situation: nobody but the account holder is allowed to access the account or contact support on the account holder's behalf, period, no exceptions. This is still in their TOS: "You may not set up a membership for an individual other than yourself, access any membership other than your own, or let anyone else access your membership."

If you violate this rule and they catch you at it, they will not only stop talking to you, they will also punitively disable the account.

The end result of this all is that I have to lie through my teeth when dealing with NFS and go through a song and dance that isn't necessary at any other hosting service. (I even like GoDaddy better in this regard; I call up all the time saying, "Hi, I'm a technician for your customer _____, I'm working with them to ______, their account number is _____ and their password is ______...", and it's never been a problem.)

I was an NFS customer about 7 or 8 years ago. It's an OK service. I don't dislike them except for this one obnoxious support issue that bites innocent people in the ass.

I wonder what they're afraid of here? How would allowing this harm them? There must be some reason (even if it's ultimately misguided), but I've been trying to figure it out, and I can't.
I don't really know. If I had to guess, it's because they want to cater only to people that are technically proficient and don't require a lot of support.
If you ever lose both your login & access to the email address from which you signed up, you will lose everything you host with nearlyfreespeech.

I was trying to help a friend recover his own site after the pre-paid credit expired. A mutual journo friend had set it up years earlier but lost access to an old email address. It was down because the pre-paid credit had expired, but wouldn't even take payment from someone they didn't know to get it back up.

Support wouldn't empathise or even help "in principle", i.e. "Given that we've lost access to the original email address that our friend signed up with, how can we go about recovering this account, give you some money saving the domain"? The answer was essentially: we don't care, you're dead to us.

I run an ISP in the UK that takes backup contact options, so I was trying to go through what options they _might_ have to help, but they weren't interested.

Cheap is good, especially when you're setting up sites for friends, but always think twice about the support you might need years down the line.

Personally, I think this is a feature. It's nice to know that a third party cannot socially engineer them into access to my site.

Of course now it all hinges on the social engineerability of my email provider, but they're getting better and better at this too.

There's a difference between "asking to recover an account of that's in active use" and "asking to recover an account which is in arrears and unreachable for the last two months", though. I don't think I'd mind if people were able to socially engineer the latter; they'd have to pay my account off to use it!
Actually they have improved on this a lot. If you lose access to your account and your configured mail address, there are various actions (like sending bank statements, government ID, secret question/answer pair, ...) you can take to get it back. But instead of relying on a single verification method, you are required to submit at least X different proofs of identification, where X can be set by yourself (before you lose access, of course).

This is a lot better than blindly trusting that every "lost password" request is legitimate.

For more information you can check out their FAQ entry on the issue: https://members.nearlyfreespeech.net/faq?q=LostEverything#Lo...

This is not true. There are several recovery options offered by NearlyFreeSpeech. They are defined in great detail on their website. They offer two factor (TOTP) as well:

"Our membership recovery procedure comes into play when you lose your password and access to your email at the same time, or if you have 2-factor authentication configured and lose the second factor. To regain access, you will need to contact us and perform a certain number of verification actions."

Possible verification actions:

* You provide a scanned copy of a government-issued photo ID.

* You provide a scanned copy of a statement showing both the most recent deposit and a name and address matching one of your accounts.

* You complete SMS verification. (SMS must be previously configured.)

* You complete 2-factor verification. (2-factor auth must be previously configured.)

* You correctly answer your security question. (Security question and answer must be previously configured, below.)

* You use an ssh key to create a file with a specific name on one of your sites hosted here. (Must be previously configured, won’t work if account is empty.)

* We try and fail to contact you via your currently configured email address. (This one may take a long time.)

Recovery Thresholds:

* Scorched Earth. If you lose access to your membership, you won’t be able to recover it. But neither will anyone else. (This is not a joke. If you set this option and lose access to your membership, it and everything on it will be inaccessible until it expires.)

* All possible actions. Excessive security. Just because you’re paranoid doesn’t mean they aren’t after you.

* Five actions. Very high security. Regaining access will be a huge pain for you, and rounds-to-impossible for anyone else.

* Four actions. High security. Provides enhanced protection but if you need to recover access to your membership, it’s probably going to be pretty inconvenient.

* Three actions. Default security. Provides good protection without making membership recovery too miserable.

* Two actions. Reduced security. We really don’t recommend this, but if you’re really forgetful and really sure nobody would ever target your membership, this option exists.

* One action. No security. All it takes is an email bounce and your membership goes to the first person to ask for it. (This is a joke. Don’t pick this.)

Confirmation:

* I understand the recovery setting I'm picking, and I am solely responsible for the consequences.

To be fair, that level of customizability is fairly new; It was only announced about 8 months ago[1]. I don't know how strict the previous recovery procedure was, since I never had to make use of it.

[1]: https://blog.nearlyfreespeech.net/2014/02/28/price-cuts-more...

My "computer says no" support experience was in November 2013.

If there were any options to save my friend's data and domain registration, their support guy didn't know about them, or wasn't willing to tell me.

They also have an adjunct member feature: "Any members added will be able to use FTP and ssh to access the site just as you can."

That feature has been there for as long as I remember. (over 8 years)

This is great.

I love NFSN - I've hosted a lot there. It's brilliant for sticking up something simple, and they've weathered a number HN frontpages / stuff going viral on Twitter / etc, etc without any problem.

I get that they're incredibly low cost, but their MySQL support (MariaDB 5.3 with InnoDB disabled by default) seems not that great to me. Also, they say that their optional InnoDB support uses "MariaDB's advanced high-performance XtraDB implementation" -- XtraDB is made by Percona, not MariaDB.
(comment deleted)