Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Pages: 1 [2]

Author Topic: HTTPS By Default  (Read 1316 times)

celso

  • Just arrived
  • *
  • Posts: 8
Re: HTTPS By Default
« Reply #15 on: November 07, 2017, 04:48:01 PM »

Cloudflare doesn't cache html content by default (it always fetches pages from origin), so unless you want CF to cache pages, the 20 page rules included on the Pro plan should be enough to force them to cache images/js/css/etc and enable security features for important areas of the site (eg: admin). And as @nallar said, it's possible to keep the existing headers.

I've used ~80TB/month on a Pro plan for a few months before they contacted me to upgrade... so yeah, this plan should be enough. Anyway, does a website like Kitz, where costs are an issue and users come from the same place were the server is hosted, needs a CDN?

Many websites use Cloudflare because they offer a "flexible ssl" option were the connection between the user and CF is encrypted, but between CF and the origin server is not. It's easier for the website owner, but this creates a false illusion of security... and sometimes funny things happen. Not 100% sure, but TBB seems to be doing this.
Logged

kitz

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 30620
  • Trinity: Most guys do.
    • http://www.kitz.co.uk
Re: HTTPS By Default
« Reply #16 on: November 07, 2017, 06:39:42 PM »

Whilst I do appreciate suggestions, sorry this is a no.   
I did spend quite a bit of time looking into it a while back when Chrys mentioned it.   Whilst I appreciate that cloudflare may work very well on WP type sites, I don't feel that it would be of much benefit here.  It's not just one thing - there are several reasons why.

Quote
Not 100% sure, but TBB seems to be doing this.
I'd doubt it.  Seb owns NetConnex.   They're right in Telehouse.   
If you're based in the UK right at the co-lo and your target audience is UK based then that negates one of the reasons for using a CDN.
He has no need to worry about bandwidth or servers..  he owns a shedload of them.

I deliberately chose UK hosting for the same reason.  If you're using shared hosting abroad then CF is probably brilliant. 

You can usually spot sites straight away who use CF.   Reddit does.  Teamspeak is another that Ive seen it on.   Note how slow it is the first time you visit and sometimes you even see weird messages about checking if youre a bot.   First time I saw it I wondered wth was going on which is how I know reddit uses it.

Logged
Please do not PM me with queries for broadband help as I may not be able to respond.
-----
How to get your router line stats :: ADSL Exchange Checker

celso

  • Just arrived
  • *
  • Posts: 8
Re: HTTPS By Default
« Reply #17 on: November 07, 2017, 07:38:09 PM »

I agree, a CDN is not needed in this case.

TBB uses Cloudflare on their main website, but not on the forums/other subdomains. I think they are using Cloudflare's flexible ssl because their speedtest page was, until a few days ago, available only via http while the other pages were using https. This suggests that the backend (cf <-> server) is (was?) not secure. I only mentioned this because we teach people to trust the green padlock, but even with https we don't know if the connection is really secure...

(btw, reddit and imgur moved from Cloudflare to Fastly 1-2 years ago)
Logged
Pages: 1 [2]