Show HN: OneSite – Free, unlimited web hosting with cPanel and support. Yep (opens in new tab)

(onesite.co)

19 pointsMatoBo9y ago24 comments

24 comments

One major issue I see with free: there's no implicit contract and thus no expectation of long service life. Which is a real biggie when it comes to hosting.

Even paying a nominal fee for hosting (see https://www.nearlyfreespeech.net) is better than paying nothing. Because the exchange of money creates the expectation of services rendered.

The issue is security. Not in a technical, hardened web-server sense. But in the legal sense. A shared web host has root access to your databases. It has access to your API keys. It controls what files are served for your domain name. Paying for a service creates a business relationship, and at least the expectation of liability should a web host act maliciously.

MatoBoOP9y ago

Hello, We've developed a sustainable business model. Without the free hosting, OneSite wouldn't make sense. Our main objective is becoming a high quality cheap web hosting. To do this, instead of spending a lot of money on advertising, we are providing free hosting, to reach the same point, at a lower cost. Free hosting is what will make OneSite make sense. We will make a profit with AdSense in our website and with paid upgrades. But we do not plan to discountinue free hosting, and I even believe it would be illegal to do so.

zerognowl9y ago

What's the catch?

brianjking9y ago

Their parent companies website is just as vague - https://every.international/. They were just founded on the 6th of September and the website purchased just about a month before that.

https://www.crunchbase.com/organization/every-llc#/entity

brianjking9y ago

Seconded.

MatoBoOP9y ago

Hello, What we want to prove is that in this industry, paid customer acquisition costs are so high, that it's better to save these by increasing your server costs. We offer free web hosting, which essentially gets promoted alone. We have higher server costs, true, but it's still worth it. We earn money through Google AdSense on our site and through paid upgrades we'll soon be offering.

2 more replies

webtechgal9y ago

I just registered, authenticated my email, logged in, and now I can't do anything.

My Services -> Place a new order

Could not load any product groups.

Open Ticket

No support departments found. Please try again later.

Wonder what gives.

evolve2k9y ago

Do you offer any email redirection/forwarding?

MatoBoOP9y ago

Yep, we do. You can set it up through cPanel :)

nsgi9y ago

The cPanel login should be HTTPS.

MatoBoOP9y ago

Hello, At OneSite, we use strict security measures to ensure that your information is always safe, and of course, we will never sell your information to third parties. Our servers are secure and the information you provide us through the whole https://onesite.co/ (including cPanel) is encrypted.

Our cPanel uses self-signed certificates. Self-signed certificates work exactly like a certificate purchased through an SSL Certificate Authority, except that they are NOT signed by a Certificate Authority. Instead they are signed by your server; hence the term “self-signed”.

At OneSite, your data is always safe

nsgi9y ago

Self-signed certificates are not secure as they are vulnerable to man-in-the-middle attacks.

https://security.stackexchange.com/questions/8110/what-are-t...

With free/cheap certificates widely available through e.g. Let's Encrypt and AWS Certificate Manager, there's absolutely no reason to use self-signed certificates.

The cPanel login page linked to in the footer isn't using any HTTPS, self-signed or otherwise. This means that anyone controlling the network can inject javascript to steal your users' passwords.

dustyfresh9y ago

Do you guys have a bug bounty?

MatoBoOP9y ago

No, but this has been the most helpful comment so far! Do you think we should implement it?

nsgi9y ago

Definitely.

2 more replies

rmarmorstein9y ago

you found a big with their site already? lol

j / k navigate · click thread line to collapse

24 comments

leepowers9y ago

One major issue I see with free: there's no implicit contract and thus no expectation of long service life. Which is a real biggie when it comes to hosting.

Even paying a nominal fee for hosting (see https://www.nearlyfreespeech.net) is better than paying nothing. Because the exchange of money creates the expectation of services rendered.

MatoBoOP9y ago

zerognowl9y ago

What's the catch?

brianjking9y ago

Their parent companies website is just as vague - https://every.international/. They were just founded on the 6th of September and the website purchased just about a month before that.

https://www.crunchbase.com/organization/every-llc#/entity

brianjking9y ago

Seconded.

MatoBoOP9y ago

2 more replies

webtechgal9y ago

I just registered, authenticated my email, logged in, and now I can't do anything.

My Services -> Place a new order

Could not load any product groups.

Open Ticket

No support departments found. Please try again later.

Wonder what gives.

evolve2k9y ago

Do you offer any email redirection/forwarding?

MatoBoOP9y ago

Yep, we do. You can set it up through cPanel :)

nsgi9y ago

The cPanel login should be HTTPS.

MatoBoOP9y ago

At OneSite, your data is always safe

nsgi9y ago

Self-signed certificates are not secure as they are vulnerable to man-in-the-middle attacks.

https://security.stackexchange.com/questions/8110/what-are-t...

With free/cheap certificates widely available through e.g. Let's Encrypt and AWS Certificate Manager, there's absolutely no reason to use self-signed certificates.

The cPanel login page linked to in the footer isn't using any HTTPS, self-signed or otherwise. This means that anyone controlling the network can inject javascript to steal your users' passwords.

dustyfresh9y ago

Do you guys have a bug bounty?

MatoBoOP9y ago

No, but this has been the most helpful comment so far! Do you think we should implement it?

nsgi9y ago

Definitely.

2 more replies

rmarmorstein9y ago

you found a big with their site already? lol

j / k navigate · click thread line to collapse