Learn about Centmin Mod LEMP Stack today
Register Now

centminmod.com DNS update feedbackup

Discussion in 'Forum Feedback & Suggestions' started by eva2000, May 13, 2018.

  1. eva2000

    eva2000 Administrator Staff Member

    37,227
    8,133
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,521
    Local Time:
    4:56 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
  2. JoeDer

    JoeDer New Member

    27
    8
    3
    Feb 22, 2015
    Ratings:
    +21
    Local Time:
    8:56 AM
    Nginx 1.13.x
    MariaDB 10.1.x
    I saw that SSL certificate error but It was for less than a minute before this thread, also, in the morning (my local time now is 19:20) I had that sucuri web error page.
     
    • Informative Informative x 1
  3. eva2000

    eva2000 Administrator Staff Member

    37,227
    8,133
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,521
    Local Time:
    4:56 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Yeah it's a delicate switch over from AWS Route53 DNS + Sucuri Cloudproxy WAF to Cloudflare DNS + Cloudflare CDN/proxy + Sucuri Cloudproxy WAF combination complicated by local visitor's ISP and web browser DNS caching :D
     
    • Like Like x 1
  4. rdan

    rdan Premium Member Premium Member

    4,417
    1,059
    113
    May 25, 2014
    Ratings:
    +1,542
    Local Time:
    2:56 PM
    Mainline
    10.2
    So you are on Pro plan and having the $5 per month custom cert?
     
  5. eva2000

    eva2000 Administrator Staff Member

    37,227
    8,133
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,521
    Local Time:
    4:56 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Right now using Cloudflare free plan with $5/month cert and $5/month for additional 5 page rules and testing that with Sucuri Cloudproxy WAF sandwiched between Cloudflare and origin server. Then for next few weeks evaluating if I should just do away with Sucuri and go for Cloudflare Pro plan as they cost about the same per month. But will ultimately save alot of $$$ from moving off AWS Route53 DNS :)
     
    • Like Like x 2
  6. rdan

    rdan Premium Member Premium Member

    4,417
    1,059
    113
    May 25, 2014
    Ratings:
    +1,542
    Local Time:
    2:56 PM
    Mainline
    10.2
    And it's slow behind Sucuri :D.

    Rate Limiting and Argo (with PRO plan) are very great features but very expensive.
     
  7. eva2000

    eva2000 Administrator Staff Member

    37,227
    8,133
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,521
    Local Time:
    4:56 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Yeah those cloudflare features are too expensive given current Premium Membership uptake, out of my budget heh

    Yeah evaluating the configurations right now :)
     
    • Like Like x 1
  8. bassie

    bassie Well-Known Member

    1,025
    246
    63
    Apr 29, 2016
    Ratings:
    +726
    Local Time:
    7:56 AM
    Why do you use the pro now? (purely out of interest?) Giving the fact it is out of your budget, only yesterday. centminmod.com DNS update
     
  9. eva2000

    eva2000 Administrator Staff Member

    37,227
    8,133
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,521
    Local Time:
    4:56 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Well cancelled my Sucuri WAF paid subscription which is ~US$22/month after GST 10% tax and opted for Cloudflare Pro at US$20/month - so essentially saved $2/month for faster speed :D

    Also for the simplest of reasons - visitor browser cache level control ! Sucuri doesn't me give browser level cache control for static file assets. I honestly overlooked this in the past !

    From Sucuri support
    Example for curl header and cache-control/expires header checks for css file on Cloudflare, Sucuri and backend Centmin Mod Nginx origin. Origin is set for ~30 days expires but Sucuri adds 19 yrs to expires and 10 years to cache control header and that throws Cloudflare cache-control off as it takes the value from Sucuri origin in current setup.
    Code (Text):
    curl -sI -H Accept-Encoding: gzip,br https://community.centminmod.com/styles/xenbase/font-awesome/css/font-awesome.min.css
    Content-Encoding: gzip
    Expires: Thu, 11 May 2028 18:49:49 GMT
    Cache-Control: public, max-age=315360000
    Server: cloudflare
    
    curl -sI -H Accept-Encoding: gzip,br --resolve 'community.centminmod.com:443:SUCURI_IP' https://community.centminmod.com/styles/xenbase/font-awesome/css/font-awesome.min.css
    Server: Sucuri/Cloudproxy
    Content-Encoding: br
    Expires: Thu, 31 Dec 2037 23:55:55 GMT
    Cache-Control: max-age=315360000
    
    curl -sI -H Accept-Encoding: gzip,br --resolve 'community.centminmod.com:443:ORIGIN_IP' https://community.centminmod.com/styles/xenbase/font-awesome/css/font-awesome.min.css
    Content-Encoding: br
    Server: nginx centminmod
    Expires: Wed, 13 Jun 2018 18:49:50 GMT
    Cache-Control: max-age=2592000
    Cache-Control: public, max-age=2592000
    


    Now with Cloudflare only without Sucuri proper cache-control is set
    Code (Text):
    curl -sI -H Accept-Encoding: gzip,br https://community.centminmod.com/styles/xenbase/font-awesome/css/font-awesome.min.css | egrep -i 'curl|^content-encoding|^expires|^cache|server'
    Expires: Thu, 14 Jun 2018 00:20:06 GMT
    Cache-Control: public, max-age=2592000
    Server: cloudflare
     
    • Like Like x 1
  10. Shmee

    Shmee New Member

    15
    2
    3
    Aug 27, 2014
    Space
    Ratings:
    +3
    Local Time:
    4:56 PM
    Code:
    sys     0m0.143s
    Download pcre-8.42.tar.gz ...
    --2018-05-15 15:41:16--  https://centminmodparts.centminmod.com/pcre/pcre-8.42.tar.gz
    Resolving centminmodparts.centminmod.com... 104.25.163.115, 104.25.164.115
    Connecting to centminmodparts.centminmod.com|104.25.163.115|:443... connected.
    HTTP request sent, awaiting response... 403 Forbidden
    2018-05-15 15:41:17 ERROR 403: Forbidden.
    
    Error: pcre-8.42.tar.gz download failed.

    Visit in my browser
    https://i.imgur.com/YS2Wwm7.png
     
    • Informative Informative x 1
  11. eva2000

    eva2000 Administrator Staff Member

    37,227
    8,133
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,521
    Local Time:
    4:56 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
  12. eva2000

    eva2000 Administrator Staff Member

    37,227
    8,133
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,521
    Local Time:
    4:56 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    @Shmee problem should be fixed in latest 123.09beta01 now :)

    Upcloud 2 cpu VPS install test on CentOS 7.5 64bit
    Code (Text):
    ---------------------------------------------------------------------------
    Total Curl Installer YUM or DNF Time: 145.0002 seconds
    Total YUM Time: 14.264046709 seconds
    Total YUM or DNF + Source Download Time: 42.4776
    Total Nginx First Time Install Time: 233.6441
    Total PHP First Time Install Time: 209.4609
    Download Zip From Github Time: 3.9991
    Total Time Other eg. source compiles: 274.1485
    Total Centmin Mod Install Time: 759.7310
    ---------------------------------------------------------------------------
    Total Install Time (curl yum + cm install + zip download): 908.7303 seconds
    ---------------------------------------------------------------------------
    2 Intel(R) Xeon(R) CPU E5-2687W v4 @ 3.00GHz
    2 2999.998
    ---------------------------------------------------------------------------
    
     
..