scaling up : Forums : PythonAnywhere

scaling up

Dear All

[sorry for the basic questions btw]

Could someone confirm that pythonanywhere is suitable as a production server (I think that's the phrase) as in is it just for development or is it suitable for public use.

I am just about to finish a project which once running could have hundreds/thousands of simultaneous requests on each route, and could also have the same number of sftp connections (download only).

Could someone point out any obvious potential problems with the above, if indeed there are any/

Kind regards and thanks

Paul

giffsmith1000 | 18 posts | Oct. 4, 2022, 9:17 a.m. | permalink

We have a help page on how to determine how many hits a site can handle: https://help.pythonanywhere.com/pages/HowManyHitsCanMySiteHandle/

As for sftp connections - unless you're giving all of your users your credentials (which we strongly advise against), that will not be possible.

glenn | 9498 posts | PythonAnywhere staff | Oct. 4, 2022, 5:02 p.m. | permalink

Hi Glen

Thanks v much.

Sftp wise, I have a smart phone app that would use sftp to download files periodically from PA.

The usets would not have access to the credentials, but there could be quite a few simultaneous connections.

If this is not possible, what would you recommend ?

Kind regards

Paiul

giffsmith1000 | 18 posts | Oct. 5, 2022, 5:17 a.m. | permalink

If you've embedded the credentials in the app, then anyone with a little knowledge will be able to extract them from the code and then they will have complete access to your account. We strongly advise you not to do this and we will not provide support on how to do it.

If your users need to download stuff, serve it through a web app and use http on the client to retrieve it.

glenn | 9498 posts | PythonAnywhere staff | Oct. 5, 2022, 11:36 a.m. | permalink

Hi Glen

Thanks v mich for your reply, if that's the case I definitely wont do that, but just to clarify:

When I say app, it will be used on node red.

This will installed on individual raspberry pi's

The editor will be password protected

There will be no direct internet access (3g NAT)

The flows are encrypted

The hard drive will be encrypted using a zymkey (https://www.zymbit.com/zymkey/)

Could you tell me if this makes any difference to your opinion?

Kind regards

Paul

giffsmith1000 | 18 posts | Oct. 5, 2022, 1:47 p.m. | permalink

Hello again,

Thinking about what you said, I can see the unnecessary risk now, if anyone does get the login credentials they have access to the entire server, not just the folders relating to the original sftp request

Out of interest is there anyway to restrict sftp access to certain folders?

I would still be interested to hear your opinion, but I will definitely now use PA to serve the files.

Many thanks and apologies for the noob questions

Paul

giffsmith1000 | 18 posts | Oct. 5, 2022, 2:33 p.m. | permalink

No, it is not possible to restrict the access to certain folders.

glenn | 9498 posts | PythonAnywhere staff | Oct. 5, 2022, 5:47 p.m. | permalink