Posts tagged cdn

Update on the Anti-Spam Txt

In the never ending fight against spam, i decided to update my imageboard anti-spam list, but im also centralising it and caching it (cdn and stuff on our oito.eu mirror domain), so its easier and quicker to use and update, so now the spam list is here at spam.txt just copy it over to your own spam list or just use as an extension! Voilá bad-guys gone!

As a note, it mostly includes common bad hosts,spam sites,short url providers and overall nasty sites that have spammed one of our image boards on one time or another, also if you think your site is wrongfully added to our spam list, then just send us a mail on the contact page and if you are right, we will remove you at once!

Cloudflare Review Part 2

So a couple of months ago i did a test and review of Cloudflare, it was getting popular and i wanted to check it out, so why a second part? Well 2 reasons, first instead of using it for a week, now i’ve used it for a couple of months on a couple of my sites, so i have a better view of the service, second cause i still have a couple of gripes with Cloudflare but also some nice tips to share.

My Hits with Cloudflare!
So like i said i’ve been using Cloudflare for a while now and i would say, its still a hit and miss for me, but mostly a hit, even with hosting your DNS through Cloudflare (and therefore losing control of your DNS ), but to be honest, unless you are paying for the really good DNS hosting, Cloudflare’s DNS service is far superior, i know, cause i’ve used a lot of free and paid dns hosters and hosted my own and i checked it here, with just a couple of tweaks/added services their DNS could compete with the best.

Now in terms of site performance i would say its pretty spanky awesome, i’ve had sites that were literally hanging for dear life bashing the server and just by turning Cloudflare on, it not only relieved a lot of the stress on the server but also turned the site speed way up, that’s by far the best thing about it, how much performance and how easy their CDN/Proxying system is.


My Misses with Cloudflare

But there are still today a couple of gripes, the first and largest is with their security settings and their intermission publicity type of thing they do when they block a user, as far as feedback from my visitors, i would say 100% of my visitors freak out when they reach a site and they are greeted with the cloudflare “you might be infected”! its just a fact, they expect to see a site, it really doesn’t matter if they are infected, their network is bad or they have an unlucky ip, its just not standard web usage to go to a site and be greated with something else, it feels like a pop ad or intermission ad to force someone to do something, what sites like wiki-whatever.info/exclusive-experts.com (i made them up, but you know what kind of sites im talking about) do all the time while spamming Google, its a disaster in terms of usability and no type of customization will ever change my mind, people never expect a warning from a site, even Google disabled their “you might be infected” because people freaked out even if it was with the best of intentions.

There are also some misses with the “html,css,js…” optimizations, with external objects (javascript mostly), with search engines, 1 of my site was heavily penalized while switching to cloudflare (and yes turning it back after a week made it slowly return to normal, it was weird and it was reported to cloudflare staff), but 2 other saw a huge increase on traffic (I MEAN FREAKIN 400% more 300.000 users HUGE WAY!), probably due to getting faster, hehehe so again hit and miss.

What is the Cloudflare Structure?
Cloudflare seems to work a bit like this, they get datacenters on popular internet hubs around the world, popular in the sense that a lot of traffic goes through them, i would bet that altough they spend quite a bit on hardware, that they dont pay or pay very little for bandwith and do what most large providers do and have peering agreements, thats were the free cloudflare users come in, altough clouflare provides a free service they kinda need those users to have enough critical mass for these peering aggrements to be worthwhile for both parties, so altough we arent paying they need the free users, note that this isnt something evil, its awesome win-win for everyone.

The Economics of Cloudflare
How do they get paid! Humm i would say affiliates (through their detestable intermession security warning and through some of the plugins), and of course paid accounts, on this i wonder why they start the price at 20$, maybe they think most of their free users have only 1 site, and if they have more they only have to pay 5$ for each after that, well in my case at least for now its simply not economicaly viable to pay for clouflare pro, for 20$ a month you can buy yourself a whole lot of hosting, even with the added savings of a Pro account.

How do I use Cloudflare

  • Basic Security Level: Essentially Off (because the bonus of blocking potential bad users doesnt outweight the really horrible spammy intermission alert)
  • Caching Level: Aggressive
  • Minimim Expire TTL: 4hours (but adjust this to the update schedule of your site)
  • Auto Minify: JS=OFF CSS=ON HTML=ON (avoid the JS, until now it hasnt work in any of my sites and also makes Googles PageSpeed Apache Addon freakout)
  • Rocket Loader: OFF
  • Outbound Links: OFF
  • E-Mail Address Obfuscation: OFF
  • Server Side Exclude: OFF
  • Always Online: OFF (still a good feature, it only shows a bar on top saying that the site is currently offline, i just turn it off as a personal preference)
  • IP Geolocation: OFF
  • Browser Integrity Check: OFF
  • Hotlink Protection: OFF

Yeah i disable most of the features, dont get me wrong if you need it or its good for you, please turn it On, still the only feature i really cant live with is the Basic Security Level for the reasons i already ranted about hehehe, but hey, freaking thumbs up for Cloudflare its free and it works pretty damn good, my only real gripe is with the security warnings, i would prefer pure blocking than any kind of  warning, the more transparent and white-label the better and im really waiting for their announced new pricing scheme to see if i can get a few pro accounts for a couple of my sites, but even so Cloudflare isnt perfect, well damn if it isn’t pretty close.

Cloudflare Review – Should You Use It?

Since i run lots of sites, things like performance, security, caching, stats are part of the daily routine of running them and of course of extreme importance, whats the point of having a kick ass site if its slow or insecure, so a couple of months ago i heard of cloudflare, basically its a proxy/caching system, but by using this caching system they provide caching for your dns, for site files, as well as intrusion detection, stats and a series of other niceties, this happens mostly because every time anyone wants to visit a site that is using cloudflare it will pass through cloudflare servers before reaching the site.

At first it sounds like an awesome product, first of all the basic package is already extensive and free, but even the paid version seems to have even nicer features and at a very affordable price (it would be nicer if it was $5 each site, and not $20 the first and $5 the remaining), especially comparing to somewhat equivalent CDN and Security systems available online, also impressive is the control panel, very simple but with lots of features (comparing with something like google analytics, its way better at presenting a one page overview), so i decided to test cloudflare and see if it was a good fit for the S2R network.

The testing was done with 3 sites, that have different functions, frameworks, servers, performance and traffic, this way i could see how effective cloudflare is, i do this by doing a initial setup and testing and then having a couple of site monitoring services checking up on the site as well as me randomly visiting them and testing again.

So the simple site was a domain hosted, blogspot powered site, basic template and its mostly a placeholder site while it isnt developed, so low traffic (about 30 uniques a day), low content, quick site.

Following cloudflare instructions and setup, change the dns and waited for it to change, it took about 5minutes for dns to refresh and the site showed first a nginx error (nginx is a webserver software), then after 5minutes a cloudflare logo saying that the cache was being made and after a total of about 15minutes the site was running on cloudflare, first of all this initial caching sucked, first errors, then cloudflare logos, the caching should be done in the background, start in offline mode and then turn itself on when it can cache so users should always see the site, although not too long, this was far from a transparent change, the site remained on cloudflare for around 3 weeks,

after about 2 weeks i got a site down warning, when i visited the site i got a topbar from cloudflare saying that the site was in offline mode (one of cloudflare features), after about 2 minutes of refreshing the site went back to normal, i don’t think it was down at all, still what made me not so happy was putting cloudflare logo and links on that topbar.

Site 2 – The Heavy Duty but Simple Site

So the HDBSS is a domain hosted on a shared server that runs a simple image board software, it caches all the pages in html, so basically its html and pictures, still the site is popular and has higher traffic (about 3000 uniques a day), large but simple content, and because of all the images it is slower to load (altough we do use caching for a lot of things, but i turned them off during this trial).

Again the cloudflare setup, this time around i didnt see any cloudflare logos or problems and the site runned fine from what i could tell, however somethings didn’t work, connecting to the backend (running php) was no problem, but the forms wouldnt work, my only doubt was that probably the captchas or ips were not matching (because of the proxy nature of cloudflare) and therefore the form wouldnt work, the strange thing is that other people could post, so on one part i was having some complains and could see that it wasnt working but posts still kept coming, i did try some workarounds like disabling the form captchas, disabling other settings, but that didnt work so the trial on site 2 was cut short to one day and a half, so after the dns change was complete, the site returned to normal, so the likely culprit was indeed cloudflare, so FAIL!

Well not that complex, but its a domain hosted on a server that runs 2 copies of wordpress (long story), its somewhat popular (about 1000 uniques a day), its a ecommerce site, with large dynamic content, in this case i left wordpress caching (w3 caching) and installed the wordpress plugin from cloudflare.

Setup run smooth, but this time around when dns kicked in i only saw the ngix error, i went to cloudflare help and there said it might be my firewall, so i checked, no, but i put the exceptions anyways and contacted the server host for them to check (later i received that they didnt blocked anything as well as my firewall and that the ips from cloudflare connected correctly), i waited for 30 minutes and then reverted the changes, so again a FAIL!

Conclusion
Humm this didnt went at all like i expected, i didn’t do all of these at the same time, this was done randomly during about a 2 month period, so if there were problems on cloudflare side, then they were recurring, however there are 2 things that concern me regarding cloudflare,

First all the links and logos from them, anytime something is wrong they show their logo, i dont think that is userfriendly it should show the logo of the site in question or just a plain text warning from the site in question, showing cloudflare is confusing to any visitor, ohhh whats happening i thought i was going to vacationparadise.com, where is the site? what is this cloudflare??? is cloudflare there to catter to webmasters or to the general public? cause if i buy CDN from Akmai or Amazon they wont show their logo’s in my site, now would they.

Second it seems too forceful, its make it or break it, if it runs at first it probably will run fine, if it doesn’t, then it doesn’t at all, also their system is purely proxying, so you have to install plugins to make it work fine and for example report links, its too easy to break your site, that risk just for some caching and some security is not a good tradeoff, better to optimize and use caching.

So my opinion of cloudflare is that its actually a pretty impressive product, especially their site, the features and customization even on a free product, but their caching seems limited, i didn’t see any real performance boosts from my tests (even though their panel says its like twice as fast, real life tests from multiple sources didn’t show me that, its more like a few ms and i think mostly cause i don’t use gzip and cloudflare uses it) as well as all the links and logos to cloudflare are ridiculous in my view, from the offline mode and from the initial cache, and probably for the “question pages” as well, even tough i didn’t get any, but i did have one my visitors complaint that the site was blocking him from visiting because he had javascript turned off (probably noscript or something), so that’s a bit worrisome as well, i would say the service has good promise but for now it shouldn’t be used by anyone that runs more than a hobbist site.

Update: I’ve done another updated review of cloudflare! check it out!

Faster Faster! FASTER!

Yep, been doing a lot of improvements, mostly speed and optimisation, almost every site was improved, stuff like css compression and image optimisation, also i’ve created a cnd/mirror system to help improve speed of mostly used stuff (layouts and stuff), so you will probably see an increased speed on most sites ^-^ <br />
<br />
on other news, been working on a couple of new projects as well as major reconstruction of tentakle and minor improvements on smutish … ahhh think thats all