Get best of the week

Eternal server - how to get rid of monthly hosting payments



- There are not enough funds in your account to extend the service. All your work in 10 years will be destroyed within 2 business days.


Everyone is familiar with the situation when the charges for the hosting occur at the wrong time: the money ran out on the card or it has expired, the notification letter fell into spam, you have a move at this moment and gives birth to a cat. As a result, services are blocked, everything breaks down, and urgent need to run to pay. And also a crisis, you need to try not to die from the coronavirus and you have to choose between buckwheat and paying servers for personal projects.

In this article, we will tell you how to get rid of regular payments for hosting content, domain names, SSL certificates. And how to make the most autonomous server that will survive the zombie apocalypse.

Eternal domain



To create a project that can survive any crises, you need to optimize all entities and get rid of monthly and annual payments as much as possible. Although the domain name is small, it’s an expense item, we’ll try to optimize it.

When choosing a domain name, it is important to consider that the policies of different domain zones are different. Some domains can be renewed for 10 yearsand forget, and others need to be renewed every year. In addition to the renewal date, there may be other restrictions on the period that the domain will operate without interference. For example, a recent ICANN initiative sometimes requires you to manually confirm the validity of the email addresses provided on whois. Choosing a domain that you can pay once and forget for a long time, you need to consider all the features of the domain zone rules. Let's try to figure out which domain is best suited for eternal projects.

The privacy of personal data in the zone .RU


There is a misconception that all domain zones (TLDs - top level domain) belong to one organization like ICANN, but this is not so. ICANN only establishes general rules and coordinates the work of organizations that manage their domain zones.

Each domain zone has its own organization that sets the rules for it. For example, the .ru zone was previously managed by RosNIIROS (Russian Research Institute for the Development of Public Networks), and now a separate organization, the Coordination Center for the National Internet Domain , has been created .

This organization sets the rules for registration and resolution of disputes within the domain zone.
It is important to consider that according to the regulations of the RU domain zone. I.RF, your personal data may be disclosed by the registrar upon a lawyer's request.



According to clause 11.2.4 and 11.2.3 of the rules of the domain zone of the RU and the Russian Federation, information about the domain owner can be issued by lawyer or court request to the registrar. The registrar has the right to provide information about the exact full name (name) and location (residence) of the administrator only upon written request for the purpose of filing a lawsuit.

This means that anyone who turns to a lawyer who is a member of any Russian college of lawyers and has a lawyer's certificate can find out the full details of your domain name.
Anyone can disclose the registration data of the individual to whom the .RU or . domain is registered, including his home address, phone number, full name, passport number, etc.
Here is the response to a lawyer's request using the example of a registrar reg.ru:


[Clickable] Answer to a lawyer's request with full details of the domain owner

At some point, someone may not like your project, or vice versa, your beautiful domain will be liked, and they will want to talk with you personally to discuss issues. It’s rather unpleasant to see people on your doorstep who have come to discuss your site. This should be borne in mind when registering a .RU or . domain, if your goal is to register and forget.

How to buy a domain for 10 years?


The maximum domain renewal period is determined by the domain zone regulations. For the .RU zone it is 1 year, for the .COM and .NET zone it is 10 years . However, not all registrars offer an extension of 10 years. It is important to note that some registrars offer domain renewal services for a longer period than the domain zone rules allow. This is a marketing ploy, in fact, they simply charge you for paying for several renewals and then secretly renew the domain without notice. The real term for which the domain is renewed is indicated in whois in the Expiry Date line .


The real domain expiration date is specified only in whois

It is important to be able to distinguish the real domain expiration from what the registrar shows in his panel, because the prices and terms of the renewal can change, and then the registrar can review the renewal obligations. Also, when transferring a domain to another registrar, only the real renewal period will be taken into account.

So we decided to renew the domain for the longest possible time, remember that .COM and .NET can be extended for 10 years. To do this, you need to choose a registrar who truly renews the domain for this period. There are not so few of them, most large foreign registrars can do this, for example: uniregistry.com , domain.com and others. Cloudflare ServiceIt doesn’t allow you to register domains with them, but it allows you to transfer a domain to yourself with an extension of 10 years.


Not all registrars can renew a domain for 10 years

Can I buy a domain forever?


To date, I do not know of a single domain zone offering such an extension option. Free domains like .tk, .ml, .ga, .cf, .gq require regular confirmation by email and can be deactivated at any time. According to rumors, if your site on a free domain becomes quite popular, the registrar can select it under a far-fetched pretext and hang a blank with advertising there. In addition, they can be easily blocked for any complaint, so I do not recommend choosing them as an option for a long time.

Even domains renewed for 10 years may require confirmation by email. Sometimes ICANN initiates a contact verification process and requires the registrar to send a letter with a link to customers. If, within a certain period of time, you do not click on the link and confirm the data, the domain may be temporarily blocked. Therefore, it is important to view the mail to which the domain is registered so that it is not suddenly selected.

Perpetual SSL Certificate




Every year, browsers and operating systems are increasingly strict about the unencrypted HTTP protocol. Google Chrome in new versions promises to show a warning that you are visiting an insecure site using the protocol if the site does not have HTTPS support. Search sites lower in sites without HTTPS. Therefore, it is obvious that without an SSL certificate will be difficult.

How not to suffer from the constant expiration of SSL certificates and buying new ones? Of course use Lets Encrypt! This is a popular free service for automatically issuing SSL certificates. It allows you to forget about releasing SSL certificates forever and entrust this to automation. For him, there are many implementations and clients, just like the setup instructions. For a bundle with the nginx web server, the most popular certbot client. Most likely lets encrypt with us for a long time, and in the next 10 years its protocol and conditions are unlikely to change much.

The usage description of lets encrypt is beyond the scope of this article, so we will only cover important points. When issuing a certificate, you are invited to optionally specify an email. Notifications will be sent to this address if the certificate for some reason could not reissue itself. The ACME protocol on which lets encrypt runs is sometimes changed and requires a client update. Notifications that you are using an outdated client will also come to this mail.


Deprecated protocol reminder letter from Lets Encrypt

During the existence of Lets Encrypt, its protocol has been amended several times, and it can be expected in the future that this will continue. So it’s important to keep track of his reminders so that the certificate does not suddenly break.

SSL certificate without domain


It is impossible to issue an SSL certificate without a domain, but what if you deploy the server for internal API or tests, and you don’t want to buy a domain just for the sake of a certificate. And it’s not necessary, because you already have a domain bound to your server! The SSLip.io service provides pre-generated domains for all existing IP addresses in the world.

Simply convert the IP address of your server to a special subdomain entry.

Here's what it looks like:

If the IP address of the server is: 123.45.67.89
The domain will be: 123-45-67-89.sslip.io

Check if this is true:

$ host 123-45-67-89.sslip.io
123-45-67-89.sslip.io has address 123.45.67.89

So you can instantly issue a certificate for a new server without having to configure any domains and DNS. SSLip.io can be used in scripts in conjunction with automatic detection of the server’s external IP address, and generate a fully configured server right at the first boot.

Eternal server


For those who are annoyed by the monthly and annual hosting payments, we have come up with a new type of tariff - eternal servers. It is enough to pay for the server once and never again think about it, the server will work until the end of the century or until a new virus destroys us all.

This is especially useful for developers who use the server to host hobby projects, tests, and development. No need to worry that the server will shut down for non-payment or at the right time there will be no money on the card, which is especially true during times of crisis.



Features of the most popular perpetual rate:


Processor: 2 cores, processor frequency up to 4.5 GHz. Processors of the Intel Scalable family are used.
RAM: 2 GB DDR4
Disk: 40 GB NVMe
Traffic: 32 TB / month
Channel width: 500 Mbps
OS: Linux or Windows license cost is already included in the tariff

Is the server eternal?


Yes, as long as our data centers exist and the Internet works, the service will be provided. The tariff will never be changed to a paid one. The reason for disconnecting the service are: violation of the rules of use, in particular the distribution of prohibited content, malicious activity, fraudulent actions or a court order.

Are there any hidden charges?


No. No separate installation fee will be charged. The price includes 1 IPv4 address. You can reinstall the OS on the server from the control panel for free, without limiting the number of times.

What happens if the traffic ends?


The quota for the total volume of traffic is 32TB per month, incoming + outgoing is taken into account. Exactly this number is obtained when the channel 100Mbit / s is fully loaded for a month. If the quota is exceeded, 200 rubles will be deducted from the account. for 1TB. If at this moment there is no money in the account, then the server will be suspended.



Automatic Security Updates


If a zombie apocalypse comes, you are likely to be too busy to read regular reports on security and new vulnerabilities. In the struggle for survival in the bunker, you can easily not notice that the software on your server has become vulnerable.

If you do not patch vulnerabilities in time, you will be quickly hacked and a cryptocurrency miner will be launched on it or added to the DDoS botnet. In this case, there is a high probability that you will be blocked for malicious activity or resource overruns.

To combat such situations, there are automatic security updates. In Ubuntu, this is called Unattended upgrades , but there are analogues in other distributions.

Consider setting up on Ubuntu:

#   
apt-get install unattended-upgrades

#     
dpkg-reconfigure  unattended-upgrades


Activating automatic security updates

By default, the system will check for security updates once a day, and if updates are available, then automatically install them. To do this, the server can be automatically restarted, so it is important to configure the necessary services to automatically start at startup. It should be remembered that unattended-upgrades installs only critical security updates, the versions of installed programs and distribution will not be changed.

Conclusion


All the tips described in the article still require you to carefully monitor your mailbox in order to respond to urgent notifications. Unfortunately, one cannot get rid of this yet, so falling into a coma for a long period is still risky.

But it will help you optimize your expenses and not depend on monthly payments. Of course, large projects cannot be left in autopilot mode for a long time, they always require attention and completion. Described in the article is more suitable for hosting hobby projects, development, smart home applications, monitoring, personal VPN server, Telegram-bots, etc.

Please share in the comments what you have found ways to optimize costs.

More articles:


All Articles