How do you define scaling if a manual process controlled by another party is involved? Besides that, what do you think that Hetzner does not provide a 2 factor authentication? As Hetzner doesn't use HSTS on their client/api interface, it's quite easy to run ssl downgrade attacks, sniff your credentials and format all your servers, delete all your backups.
I think you're confusing elasticity with scalability. Just because you can't spin up instances within seconds doesn't mean you can't run at scale on traditional hosting providers.
Still, I do believe that's the direction the industry will move towards. OVH, for example, is already pushing pretty hard in that market, and their business model was pretty similar to the providers you mentioned not so long ago. It's probably just a matter of time.
We don't have sudden huge traffic spikes and so we don't need automatic scaling. We maintain a few extra serves for redundancy and small traffic spikes. When business grows and we notice that current servers isn't enough we simply order a new ones.
> what do you think that Hetzner does not provide a 2 factor authentication
It's ok for me. Easy solution is to run VPN on hetzner server and access Robot (their control panel) only inside their own network.
While they should implement HSTS, it's not really a problem for informed users; one can get the same protection by installing HTTPS Everywhere, which includes a rule for Hetzner.
