Announcements > Site & Forum Discussion

HTTPS By Default

<< < (4/4)

celso:
Cloudflare doesn't cache html content by default (it always fetches pages from origin), so unless you want CF to cache pages, the 20 page rules included on the Pro plan should be enough to force them to cache images/js/css/etc and enable security features for important areas of the site (eg: admin). And as @nallar said, it's possible to keep the existing headers.

I've used ~80TB/month on a Pro plan for a few months before they contacted me to upgrade... so yeah, this plan should be enough. Anyway, does a website like Kitz, where costs are an issue and users come from the same place were the server is hosted, needs a CDN?

Many websites use Cloudflare because they offer a "flexible ssl" option were the connection between the user and CF is encrypted, but between CF and the origin server is not. It's easier for the website owner, but this creates a false illusion of security... and sometimes funny things happen. Not 100% sure, but TBB seems to be doing this.

kitz:
Whilst I do appreciate suggestions, sorry this is a no.   
I did spend quite a bit of time looking into it a while back when Chrys mentioned it.   Whilst I appreciate that cloudflare may work very well on WP type sites, I don't feel that it would be of much benefit here.  It's not just one thing - there are several reasons why.


--- Quote ---Not 100% sure, but TBB seems to be doing this.
--- End quote ---
I'd doubt it.  Seb owns NetConnex.   They're right in Telehouse.   
If you're based in the UK right at the co-lo and your target audience is UK based then that negates one of the reasons for using a CDN.
He has no need to worry about bandwidth or servers..  he owns a shedload of them.

I deliberately chose UK hosting for the same reason.  If you're using shared hosting abroad then CF is probably brilliant. 

You can usually spot sites straight away who use CF.   Reddit does.  Teamspeak is another that Ive seen it on.   Note how slow it is the first time you visit and sometimes you even see weird messages about checking if youre a bot.   First time I saw it I wondered wth was going on which is how I know reddit uses it.

celso:
I agree, a CDN is not needed in this case.

TBB
--- End quote ---

uses Cloudflare on their main website, but not on the forums/other subdomains. I think they are using Cloudflare's flexible ssl because their speedtest page was, until a few days ago, available only via http while the other pages were using https. This suggests that the backend (cf <-> server) is (was?) not secure. I only mentioned this because we teach people to trust the green padlock, but even with https we don't know if the connection is really secure...

(btw, reddit and imgur moved from Cloudflare to Fastly 1-2 years ago)

Navigation

[0] Message Index

[*] Previous page

Go to full version