Strategic Decision

Self-hosted or web-hosted?

A direct answer to the operator's real question: which model wins, what the hybrid looks like, and why the friction you fear is the same thing protecting your margins.

Two models, one clear winner -- with a nuance

Six dimensions decide the outcome. Walk each one and the answer becomes obvious before you reach the recommendation.

Self-hosted (today)
Electron desktop app. Runs on the user's machine, using their IP and their Facebook login.

Operator infra cost: ~$0/mo
Zero. No servers, no proxies, no compute. GitHub hosts the installer for free. The user's machine is the runtime.

Facebook ban risk: Low
Runs on the user's real residential IP with their real, aged Facebook session. This is indistinguishable from a human using a browser at home.

Credential custody: None
The user holds their own Facebook cookies on their own machine. The operator never touches them. Zero liability.

Onboarding friction: High
Install the app, supply your own proxy, log in to Facebook. Hard enough that casual users churn before they see value.

Defensibility: Strong moat
The complexity is the barrier. Competitors cannot undercut you by $5/mo because the real cost they would face (residential proxies + ban management + cookie custody) erases their margin.

Margin per user: Near 100% of Whop revenue
No variable compute or proxy cost to subtract. Every incremental subscriber is nearly pure margin.

Web-hosted (hypothetical)
Cloud backend runs the snipers for every user. Users just log in to a dashboard.

Operator infra cost: $30-200+/user/mo
Compute per headless Chromium (0.5-1 GB RAM each), plus residential proxy pools at $50-200+/mo per user who runs Facebook snipers at meaningful concurrency.

Facebook ban risk: High
Datacenter IPs get Facebook-blocked aggressively. You need residential proxies per user, and even then Facebook can checkpoint or 2FA the session without warning.

Credential custody: Severe liability
You must store each user's Facebook session cookies server-side. This likely violates Facebook's Terms of Service. A breach exposes your users' Facebook accounts. You own that liability.

Onboarding friction: Low
Log in, enter watchlist, done. No install, no proxy configuration. The easiest possible user experience -- but see the cost column.

Defensibility: Weak
Any well-funded competitor can clone the experience. Winning becomes a margin war you will lose because your variable cost per user is high.

Margin per user: Potentially negative
This happens if a user runs the Facebook snipers heavily. Residential proxy costs alone can exceed a reasonable SaaS subscription price.

| Dimension | Self-hosted | Web-hosted | Winner |
| --- | --- | --- | --- |
| Operator cost / user (what you pay for each active subscriber) | ~$0 | $30-200+/mo | Self |
| Facebook ban rate (how often Facebook blocks or checkpoints) | Low (real IP + real session) | High (datacenter IP) | Self |
| Legal / credential exposure (who holds user FB sessions and what happens on breach) | None (user holds own data) | Operator holds credentials -- ToS violation + breach liability | Self |
| Onboarding ease (time from payment to first snipe) | Hard (install + proxy + FB login) | Easy (web dashboard) | Web (1 dimension) |
| Competitive moat (how hard is this to clone profitably?) | Strong (complexity + cost protection) | Weak (pure race to the bottom) | Self |
| Scale economics (what happens to unit economics as user count grows?) | Margin improves (fixed ~$0 cost) | Margin degrades (variable cost scales with users) | Self |

The friction you fear is the business

Hard onboarding is a feature, not a bug

You've described the problem as: hard to get started, no in-app proxies, steep learning curve. That framing treats onboarding friction as a product failure to fix. It is not. It is the exact mechanism that makes this business defensible and nearly free to operate.

Here is the actual causal chain: the Facebook Marketplace snipers (your most valuable monitors) require headless Chromium, a logged-in Facebook session, and a residential or mobile IP. The only way to provide those in a web-hosted model is to put the Chromium instance on your server, route it through a residential proxy pool you pay for, and store the user's Facebook cookies somewhere you control. That chain costs you $50-200 per active user per month in proxy fees alone -- before compute. At any subscription price a market will bear, you are underwater.

The self-hosted model sidesteps this entirely. The user's machine IS the Chromium runtime. Their home connection IS the residential IP. Their own Facebook login IS the authenticated session. You pay exactly nothing for any of it, and the ban rate is the lowest possible because Facebook cannot distinguish the scraper from a human sitting at that computer.

Every competitor who looks at this product and thinks "I could build a web version of this" will eventually run the same math and either price themselves out of the market or lose money on every user who runs Facebook snipers hard. Your moat is not technology. It is the cost structure the self-hosted model enables.

The recommendation

Recommended hybrid
Keep Facebook self-hosted. Add a cloud "lite" tier for the cheap monitors.

Do not fully web-host this product. Do not move the Facebook or Mercari snipers to the cloud. The self-hosted Electron app is not a liability to fix -- it is the cost structure that makes this business viable at your scale. The one thing you should change is adding an optional cloud tier that covers only the request-based monitors (Wallapop, Vinted, OfferUp) as a paid upsell: "keep sniping when your laptop is closed." Those monitors are cheap to run, carry no Facebook credential risk, and give users a reason to upgrade without exposing you to the economics that make full web-hosting unworkable.

🔒 Keep self-hosted
Facebook Cars, Facebook Electronics, Mercari. All Puppeteer-based. Zero operator cost, real residential IPs, no credential custody. Touch nothing.

☁️ Add cloud lite tier
Wallapop, Vinted (catalog polling), OfferUp. Pure HTTP requests. A single small VPS handles dozens of users. Add as a paid upsell -- always-on sniping, no laptop required.

🚫 Never cloud-host FB
Storing user Facebook session cookies server-side likely violates Facebook ToS and creates a breach liability. The math also does not work: residential proxies at scale erase your margin.

$0: Operator cost per Facebook sniper user per month (self-hosted)
$50-200+: Estimated proxy cost per Facebook sniper user per month (web-hosted)
$5-12: VPS cost per month (handles dozens of lite-tier HTTP monitor users)
~100%: Gross margin on Facebook sniper users in self-hosted model

What the lite cloud tier looks like

A cloud tier that only touches request-based monitors is both safe and cheap. Here is exactly what is in scope and what is permanently off-limits.

Hosted lite tier: always-on sniping, no laptop required

In scope (request-based, cheap, no FB custody):

Wallapop -- REST API, axios.get, no browser
Vinted -- catalog polling, axios.get, token refreshed occasionally
OfferUp -- impit.fetch (TLS-fingerprint), no browser

These three monitors are plain HTTP requests against public (or semi-public) APIs. They can run on any VPS or even serverless cron. A single Hetzner CX22 at ~5 EUR per month handles dozens of concurrent users polling every 30-60 seconds. No residential proxy required. No Facebook session.

Permanently out of scope (never host these in the cloud):

Facebook Cars -- Puppeteer + FB session + residential IP
Facebook Electronics -- Puppeteer + FB session + residential IP
Mercari -- Puppeteer + stealth + datacenter ban risk

Adding even one Facebook Puppeteer user to a cloud host immediately introduces FB session storage, proxy cost, ban management, and ToS exposure. The lite tier must be architecturally partitioned: a separate service with no FB credentials, no Puppeteer, and no residential proxy dependency. If a user wants Facebook sniping, that stays on their desktop app.
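
One way to enforce the partition described above when the lite service starts, shown as an added example rather than code from the product. The function name `auditLiteTier`, the job shape, and the field names are assumptions; the check fails closed on any browser-automation dependency, any monitor outside the three in scope, and any job field that would put cookies or proxy settings on the server.

```javascript
// Added example: startup guard for the hosted lite tier (hypothetical names).
const ALLOWED_MONITORS = new Set(["wallapop", "vinted", "offerup"]);
// Browser-automation packages the lite service must never depend on.
const FORBIDDEN_DEPS = /^(puppeteer|playwright)(-|$)/;
// Job fields that would mean the operator holds credentials or proxies.
const FORBIDDEN_KEYS = /cookie|session|password|proxy/i;
// String values that point at Facebook or carry its c_user session cookie.
const FORBIDDEN_VALUES = /facebook\.com|c_user=/i;

// Recursively collect dotted paths of forbidden keys or values in a job.
function scan(node, path, hits) {
  if (typeof node === "string") {
    if (FORBIDDEN_VALUES.test(node)) hits.push(`${path}: Facebook reference`);
  } else if (node && typeof node === "object") {
    for (const [key, value] of Object.entries(node)) {
      const child = path ? `${path}.${key}` : key;
      if (FORBIDDEN_KEYS.test(key)) hits.push(`${child}: forbidden field`);
      else scan(value, child, hits);
    }
  }
  return hits;
}

// Returns a list of violations; an empty list means the partition holds.
function auditLiteTier(manifest, jobs) {
  const violations = [];
  const deps = { ...manifest.dependencies, ...manifest.optionalDependencies };
  for (const name of Object.keys(deps)) {
    if (FORBIDDEN_DEPS.test(name)) violations.push(`dependency ${name}`);
  }
  jobs.forEach((job, i) => {
    if (!ALLOWED_MONITORS.has(job.monitor)) {
      violations.push(`job ${i}: monitor "${job.monitor}" is desktop-only`);
    }
    violations.push(...scan(job, `job ${i}`, []));
  });
  return violations;
}

// Constructed sample input, not taken from the product.
const manifest = { dependencies: { axios: "^1.0.0", "puppeteer-extra": "^3.0.0" } };
const jobs = [
  { monitor: "vinted", query: "gameboy", intervalSec: 45 },
  { monitor: "facebook-cars", query: "civic", auth: { cookies: "c_user=1; xs=2" } },
];
console.log(auditLiteTier(manifest, jobs));
```

Run it against the lite service's own `package.json` and job store at boot and in CI, and refuse to start on a non-empty result.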

The case for web-hosting -- and why it falls apart

The honest objections, answered directly

There is one real argument for full web-hosting: lower onboarding friction means less churn. Here is why the math does not support acting on it for the Facebook snipers.

Objection

Hard onboarding causes churn. If users had to do nothing except log in to a web dashboard, conversion and retention would be higher. Every proxy-configuration dropout is lost revenue.

Answer

The users who churn on hard onboarding are the same users who will churn when they get banned or when Facebook checkpoints their session. The ones who get through setup are self-selected to be serious, technically capable users who will stick around. Churn from friction is real but it filters for the cohort that stays. The per-user economics on that cohort are excellent.

Objection

What about using cheap datacenter proxies for the cloud Facebook snipers? Could that keep costs low enough to make the math work?

Answer

No. Facebook blocks datacenter IPs at the network level. The Puppeteer stealth plugin mitigates fingerprinting but cannot change the IP reputation of an AWS or GCP address range. You end up in a cat-and-mouse loop: buy residential proxies, get banned, rotate, repeat -- and those rotations are billed per GB by every reputable residential proxy provider. At $3-8 per GB, a user running Facebook Marketplace snipes for several hours per day easily hits $50-200 per month in proxy fees before you count compute.

Objection

Could you bundle proxies as part of the subscription and negotiate volume rates to control that cost?

Answer

Volume rates help at scale, but the business is not there yet. Even at scale, you are now a proxy reseller and a Facebook session custodian -- two new operational concerns, neither of which is your core product. You are also now directly in Facebook's sights as a commercial scraping operation. The ToS risk (and potential legal exposure if a credential breach occurs) is not offset by a volume proxy discount.

⚠️ Facebook credential custody is a serious liability, not a product detail

Facebook's Terms of Service prohibit automated access and the storage of user credentials by third parties. A web-hosted model where the operator holds user session cookies is a violation of these terms and creates a credible risk of account suspension for the operator's platform, not just individual users. More critically, if that credential store is ever breached, the operator is holding the keys to every user's Facebook account. This is a potential data-protection liability that is entirely avoided by the self-hosted model: the user's cookies never leave their machine.

What to do next

Do nothing to the desktop app's Facebook snipers. They are working correctly and the model is sound. What you can do is reduce the friction perception by shipping better in-app onboarding docs and a proxy-verification step that tells users immediately whether their proxy is working.

Evaluate the lite cloud tier as a paid upsell. A small VPS (Hetzner CX22 or equivalent, ~$5-12 per month) running Wallapop, Vinted, and OfferUp polling for subscribers who pay a premium tier is a low-risk way to reduce churn from users who cannot keep their laptop on. It does not require proxies, does not touch Facebook credentials, and the cost per user is cents, not dollars.

Never move the Facebook snipers to a cloud backend. The credential custody risk alone is disqualifying, and the economics do not work at any scale you would reasonably reach in the next two years.

Cost figures are 2026 reference estimates based on publicly available pricing from Hetzner, DigitalOcean, and major residential proxy providers. Actual costs will vary by concurrency, polling frequency, and proxy usage patterns.