
In light of the latest attacks on online resources, we had to think about how to protect a fairly heavily loaded project with a sizeable database from external attacks. This is not about DDoS; quite a lot has already been written about protection against that type of attack. This is about the people who arrive on call and, in their own interests or, as is very often the case these days, in someone else's paid-for interests, carry everything away.
This is purely my personal opinion: today's legislation and the rights holders' appetites have long ceased to match the spirit of the times and are already a brake on progress. But let that topic be explored elsewhere; here I would like to describe a theoretical way of hosting an online project, using a torrent tracker as the example, that can be called conditionally safe enough for its owner.
A bit of theory: the most common torrent tracker architecture consists of a forum engine, a forum database, an announcer responsible for working with torrent clients, and a statistics database; image hosting can be added to this as well. Of course, if the torrent tracker serves up to 30-40 thousand hands at the same time and around 500 active users are on the forum at peak, it all fits on one server in a fairly standard configuration, but the further move into the big leagues is accompanied by separating the storage and the management of this whole setup.
All of this is hosted and runs on 2-4 (maybe more) servers without consequences up to a certain moment, until one day guests arrive and carry the server(s) out. Practice shows that this happens quite suddenly and that the owner of the resource is not quite ready for it.
What kind of system can be built to minimize risks and conflicts?
1. ORGANIZATIONAL COMPONENT.
We will need two persons; whether each is an IE (individual entrepreneur) or an LLC is not essential for describing the scheme itself, that is the choice of whoever implements it. To describe the scheme, I will call the first one Face LLC and the second Base LLC.
Each of these persons rents its servers separately; the main thing is that de jure they are two completely different legal entities.
2. TECHNICAL PART.
On the first server (Face LLC) we place the upstream: only the web front end of our torrent tracker and the forwarding of requests for processing to the Base LLC servers. That is, all the work of passing traffic to clients goes through this server, the DNS record points to it, and it is, so to speak, "the first to hand things out." No data is stored on it; all logs go to /dev/null. The ideal version of such a server is one booted from a flash drive: it reads all the configs into RAM and works away, shuttling requests and responses at cruising speed to the joy of its clients. Other variations of this technical solution can be used, such as downloading the configs from another remote server and the like (I think the techies will work out the details for themselves without any trouble). One principle is important here: if the server is switched on in the right place and with the right parameters, it does its job and sends its logs to /dev/null; if the start-up conditions are not met, it does nothing and knows nothing. That is, in effect, as soon as it is disconnected from power and moved to a department for examination, it becomes a dumb, empty piece of hardware.
All data processing and storage is performed on the data servers, which act as backends. They are registered to Base LLC. Here the project works as usual, with no special requirements other than delivering content and data only in the right direction. This is, so to speak, the core of the project, which must be kept safe.
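One way to check that a front-end configuration really keeps nothing on disk, as an added example that is not part of the original article. It assumes the front end is nginx (the article names no software); the `audit_frontend` helper, the sample configs and the list of volatile paths are constructed for illustration.

```python
import re

# Assumption: the front end is nginx (the article names no software).
# Directives whose first argument is a path that receives data.
PATH_DIRECTIVES = ("access_log", "error_log", "proxy_cache_path",
                   "proxy_temp_path", "client_body_temp_path")
# nginx writes these logs to on-disk default files when the directive is absent.
DEFAULT_ON_DISK = ("access_log", "error_log")
# Targets treated as non-persistent (discarded or RAM-backed); a policy choice.
VOLATILE = ("/dev/null", "/dev/shm/")
PATTERN = re.compile(r"\b(%s)\s+([^\s;]+)" % "|".join(PATH_DIRECTIVES))

def audit_frontend(conf_text):
    """Return (line_no, directive, target) for each setting that persists data."""
    findings, seen = [], set()
    for no, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.split("#", 1)[0]  # drop comments
        for name, target in PATTERN.findall(line):
            seen.add(name)
            # "off" is a keyword only for access_log; "error_log off;"
            # logs to a file literally named "off".
            if name == "access_log" and target == "off":
                continue
            if not target.startswith(VOLATILE):
                findings.append((no, name, target))
    for name in DEFAULT_ON_DISK:  # line 0 = directive missing entirely
        if name not in seen:
            findings.append((0, name, "<compiled-in default path>"))
    return findings

# Constructed sample configs (hypothetical host name and paths).
LEAKY_CONF = """\
# front end that still keeps traces
error_log off;
events {}
http {
    access_log /var/log/nginx/access.log;
    proxy_temp_path /dev/shm/nginx_proxy;
    server {
        listen 80;
        location / { proxy_pass http://backend.example.internal; }
    }
}
"""
STATELESS_CONF = (LEAKY_CONF
                  .replace("error_log off;", "error_log /dev/null crit;")
                  .replace("access_log /var/log/nginx/access.log;", "access_log off;"))

if __name__ == "__main__":
    for finding in audit_frontend(LEAKY_CONF):
        print(finding)
```

A text audit like this covers only configured paths; nginx also opens its compiled-in error log path at startup before the configuration is read, so the build or start-up options need checking as well.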
3. RESULT
Suppose that, as a result of some actions by ill-wishers or competitors, the project runs into problems of a legal nature. As an extreme measure, the servers may be physically seized. But what will be seized in that case? Only the Face LLC server, on which there is absolutely nothing. Not even logs. All the data stays on the Base LLC servers, safe and sound and at your disposal.
4. CONCLUSIONS.
Of course, this solution is not a panacea; it is clear to everyone that anything can be shut down if someone wants it enough, but first, that takes a lot of time and information: they looked for Bin Laden for 10 years - they didn't care. Nevertheless, competent use of technical solutions can and should be accompanied by competent legal and organizational support, and then your risks will decrease noticeably. All of the above applies to any kind of project; the torrent tracker is mentioned in this note only as an example of an information system.
Note: I deliberately do not mention other aspects of protection in this article, such as domain registration in Libya, hosting in an underground bunker in Sweden, and similar measures.