Comments Page - Show HN: Hosting my website using my own C web server

« Back Show HN: Hosting my website using my own C web servergithub.comSubmitted by cozis 5 hours ago

danpalmer 22 minutes ago
> Show HN: Hosting my website using my own C web server
"But if you actually do this, WAT" – https://www.destroyallsoftware.com/talks/wat
As with much of HN, this is fun, a good thing to learn while making and reading about... but it likely needs the caveat that doing this is production isn't a good idea (although in this case the author does not appear to encourage production usage).
- x3haloed 3 minutes ago
  It’s a great way to get hacked
greenavocado an hour ago
Finally a website that doesn't crash when it shows up on the front page
- afavour 11 minutes ago
  Any site with a CDN in front of it can do that.
  Don’t get me wrong this is an awesome project but if you really care about this kind of thing in a production scenario and you’re serving mostly static content… just use a CDN. It’ll pretty much always outperform just about anything you write. It’s just boring.
- rubyn00bie 26 minutes ago
  Uhh… doesn’t the link go to GitHub? I’m a little confused by this comment. I mean the project is neat and cool. But I imagine most folks go to GitHub and don’t go to the link showing the webpage. Am I missing something?
cozis 5 hours ago
Hello everyone! This is a fun little project I started in my spare time and thought you'd appreciate :)
- yazzku 2 hours ago
  Appreciated indeed. I happened to want to mess around with the C11 concurrency API and write a server of sorts, mostly as a curiosity of how those constructs work out in C coming from C++.
litbear2022 14 minutes ago
You may be interested in this https://news.ycombinator.com/item?id=27431910
> As of 2024, the althttpd instance for sqlite.org answers more than 500,000 HTTP requests per day (about 5 or 6 per second) delivering about 200GB of content per day (about 18 megabits/second) on a $40/month Linode. The load average on this machine normally stays around 0.5. About 19% of the HTTP requests are CGI to various Fossil source-code repositories.
SPascareli13 an hour ago
Only 3.4k of C code for a full http and https server? I honestly thought you would need a lot more for it to be fully compliant with the spec.
- ironhaven an hour ago
  Http/1.1 is dead simple if you ignore most of the spec. If you only take get requests and set content-length on response you will be good for 99% of user agents. It’s not much more code to handle the transfer-encoding and byte-range headers. HTTPS is just http over a tls socket which is the level of abstraction you should have if you don’t roll your own crypto.
  It’s fun and not that bad really.
  AnotherGoodName 30 minutes ago
  Yeah I’ve done this for embedded devices. A website can be presented with nothing more than a raw socket and sending back a text string of http headers and html in a single text string when people connect to it.
  Hell if you’re really lazy you can forgo responding with the http headers and just socket.write(“hello world”) as the response and all the major browsers will render “hello world” to the user. Properly formatted http headers are just a text string extra and the html is just text. There’s not much to it.
xyst an hour ago
looks like it’s survived the HN front page hug. Congrats.
marcodiego 2 hours ago
How about embedding the contents of the HTML files so that no access to the filesystem is required?
That would make it not only faster but also safer.
- kevin_thibedeau an hour ago
  I recommend linking a romfs image into the program. It's a simple format and provides an easy way to manage a collection of resources.
chairmansteve 22 minutes ago
I did something similar in LabView once. There were reasons.....
system7rocks 2 hours ago
This is amazing. Seriously, more things should be custom-coded. Why not?
- bosch_mind an hour ago
  For fun, sure. Small mistake can be big security nightmare
  whiterknight an hour ago
  1000 lines are easier to secure than 5 million lines
  agentultra an hour ago
  “You can write software that has no obvious bugs or you can write software that obviously has no bugs.”
  I think that was ewd?
  mplewis 21 minutes ago
  Not if you’re the only author!
ezekielmudd 33 minutes ago
I love it!
It’s fast!
I have always wanted to try out something like this.
Good job!
TZubiri 2 hours ago
Nice. I've done this in the past. But I feel like attempting to make a file serving http server is like adding preservants and high fructose corn syrup to home made baked goods.
You have the opportunity to really make something custom and of high quality, hard code the paths of your files and avoid a whole class of vulnerabilities for example.
Configuration files? That makes sense when programmer and sysadmin are distinct, you can just modify variables and recompile.
- iveqy 38 minutes ago
  I think you'll like dwm and other suckless tools. They have configuration as code and require a recompile after a configuration change.
- jagged-chisel 2 hours ago
  Not sure if serious…
  heyoni an hour ago
  Not the only time it’s been brought up in this thread: https://news.ycombinator.com/item?id=41643198
  I’m waiting for someone to chime in and explain why that would be a bad idea cause I can’t think of it from a security perspective.
  its-summertime an hour ago
  Once at a certain level of complexity, e.g. having several hundred/thousand resources, then you start automating your hardcoded paths, and then you still can get bitten.
  vs just putting things in a subfolder of your repo or whatever and having the default handling not accept `..` path components