If your data is metered, is a good idea for peace of mind. Otherwise you risk someone dosing you and getting a large bill. That applies to both static or dynamic content.
Could you explain how that would work? I thought DOS generally worked by overloading a host with mostly invalid incoming packets.
Are DOS attacks that cause lots of outgoing bandwidth common? And wouldn't launching such a DOS attack be somewhat expensive in the first place?
Also, I don't think any of the hosting companies I use have metered bandwidth. I assume that if I used excessive bandwidth I'd just end up saturating the network, but for a blog with mostly text and a few images that shouldn't be an issue.
As example: The comment above explicitly mentioned using GCP. GCPs "free" tier includes a whopping 1 GB of free traffic each month, everything over that is individually billed. (Arguably the correct answer is "don't use cloud hosts for such things, their bandwidth is stupidly overpriced for this use case", not "use a CDN to mitigate that")
It's perfectly normal for legitimate traffic to accidently DDoS you if you have low specs (or a huge unwieldy site) and get a link somewhere popular like HN.
I run a blog on a small cloud VM. If it made front page of HN all those visitors would DDoS my site "by accident" in no time.
Don't forget, accessing a website the normal way is outbound bandwidth.
Incidentally, I like to use my blog to explain topics that aren't widely understood outside of tech people or domain specific experience.
Maybe I should be a bit more active and explain things like this?
