thoughts about robust server design
I developed a windows application for my server with c++ to host a website (streaming files) and have some API endpoints. The application is designed to be super efficient be responsive under any traffic load, including DDOS attacks. Of course i have firewall rules, Cloudflare proxy and some other protections like block access if someone do direct request by server IP. The server has 4 cores and 4GB RAM and it survived L7 attacks, even without cloudflare between with the peek load of 16%. So i thinking to move to 2 cores and 2GB RAM to minimize the cost as much as possible. My application use 1 thread for every open socket, i not limit how many threads can have open at the same time. I afraid in a case of a huge attack it may open too many threads at the same time and server goes down, at the other hand if limit threads to a specific number, server will still go down as it will start denying opening more threads. Which approach you think is better? Does it matter to limit active threads or will be useless?