you are right, my bad. render publishes fixed CIDR ranges per region, you can get them from the dashboard and allowlist those in atlas instead of 0.0.0.0/0. updating the readme
posting to every community at once was dumb, yeah
i did read it — popup fix is in now. removed allow-popups from the iframe sandbox so embeds cant open new tabs. worth retrying if you want
popups came from the embed iframes, not the site itself. removed allow-popups from the sandbox so they cant do that anymore
yeah same answer as the other comment — render free tier has no static IPs so you cant restrict by IP at all. strong credentials are the actual protection, not IP allowlisting
fair point. render free tier has no static IPs so you literally cant restrict by IP, its 0.0.0.0/0 or pick a different host. but yeah the README made it sound like a feature rather than a tradeoff, updated it to be clearer that strong credentials + TLS are what actually protect you here
spamming too many communities was a mistake, wont do that again
believe what you want
ELI6 Movies is a free streaming site I built — vanilla JS frontend, Node.js/Express backend, MongoDB.
Runs entirely on free tiers (Vercel + Render + Atlas M0). Zero cost to deploy yourself.
Features: episode notifications, smart server failover, watchlist, i18n (EN/IT/RU), mobile-first.
ELI6 Movies — free streaming site for movies, TV shows and anime.
No ads, no subscription, no sign-up required. Just click and watch.
Built ELI6 Movies — includes a full anime section, completely free. No subscription, no ads, no account needed to watch.
Dubbed and subbed available. Stream directly in your browser.
Built ELI6 Movies as a side project to push how far a free-tier stack can go.
Tech:
Interesting bits:
Happy to answer questions about the architecture.
you are right, my bad. render publishes fixed CIDR ranges per region, you can get them from the dashboard and allowlist those in atlas instead of 0.0.0.0/0. updating the readme