Prevent Netlify from mistaking my multi-IP load testing for a ddos

Hi,

I’m about to run multi-IP load testings against my own netlify-hosted static website because we might have a massive exposure shortly.

Is it worth making such a test, since the website is static ?

If so, how can I prevent Netlify from mistaking that testing for a ddos ?

Thank you for your help.

Hi there,

You should not run any tests against Netlify without extensive consultation with our Support team about best practices. Such tests, when set up naively, are rarely very good estimators of how our CDN performs under real traffic. Further, tests without explicit written permission, which we will only grant you AFTER consultation, and WITH a paid account usually at the Enterprise level, are not allowed as you can see in our terms of service:

(see section 4.8).

Our network is capable of handling tens of thousands of requests per second, so our usual advice, especially for customers not on the enterprise network or willing to pay to be on it for the purposes of a test, is that we have plenty of capacity for anything up to and including getting on the front page of hacker news, being on shark tank, and airing a super bowl commercial - all 3 of those have happened to more than one customer and we’ve had no trouble handling the traffic.

If you’d like to talk with sales about an enterprise account so we can permit and advise you on ways to load test, let me know and I’ll have them get in touch!

Hi,

Thank you for your reply.

Let’s skip the load testing and focus on bandwidth scalability first, please.

When I benchmarked all the solutions to host my static website, a key argument that made me choose Netlify is the fact that, among other great features, automatic bandwidth scalability was provided in the Starter plan: 20$/100GB.

Until your reply I believed this meant I didn’t have to fear my website to gain massive visibility without any notice, as long as my bank card was filed to pay 20$ per extra 100GB. Should I be afraid ?

Or do I have to pay a 1000$/month enterprise account to support such a sudden massive number of requests ?

Thank you for your help.

We automatically grant extra bandwidth packages as needed, and we’ll keep your site up while you work out payment details (for a couple of weeks if needed). There is no need to preemptively upgrade or pay us, based on potential bandwidth; we’ll only charge you if you overrun the free limits (or limits on your account type, in case you’d rather pay 45 for the pro team, for an extra 60 worth of bandwidth a month). You can use as much bandwidth as you like on any plan.

I feel reassured now. Thank you.
Just to make sure, since this is the core question behind my post :

  1. With a Starter Plan : what is the maximum requests per minutes allowed ?

  2. Same for a Pro Plan ?

Thanks.

There are no such maximums set on any plan; we don’t rate limit at any level. Our CDN can handle tens of thousands of requests per second, so you can extrapolate to what it can handle per minute :slight_smile:

If your traffic is so vast that it is impacting our service for other clients, we will work to mitigate that, but in practice, that has only happened a handful of times and in every case I can recall, it was a long-running attack.

Thank you very much for these explanations.