Feedback thread for centminmod.com DNS update
I saw that SSL certificate error but It was for less than a minute before this thread, also, in the morning (my local time now is 19:20) I had that sucuri web error page.
Yeah it's a delicate switch over from AWS Route53 DNS + Sucuri Cloudproxy WAF to Cloudflare DNS + Cloudflare CDN/proxy + Sucuri Cloudproxy WAF combination complicated by local visitor's ISP and web browser DNS caching
Right now using Cloudflare free plan with $5/month cert and $5/month for additional 5 page rules and testing that with Sucuri Cloudproxy WAF sandwiched between Cloudflare and origin server. Then for next few weeks evaluating if I should just do away with Sucuri and go for Cloudflare Pro plan as they cost about the same per month. But will ultimately save alot of $$$ from moving off AWS Route53 DNS
And it's slow behind Sucuri . Rate Limiting and Argo (with PRO plan) are very great features but very expensive.
Yeah those cloudflare features are too expensive given current Premium Membership uptake, out of my budget heh Yeah evaluating the configurations right now
Why do you use the pro now? (purely out of interest?) Giving the fact it is out of your budget, only yesterday. centminmod.com DNS update
Well cancelled my Sucuri WAF paid subscription which is ~US$22/month after GST 10% tax and opted for Cloudflare Pro at US$20/month - so essentially saved $2/month for faster speed Also for the simplest of reasons - visitor browser cache level control ! Sucuri doesn't me give browser level cache control for static file assets. I honestly overlooked this in the past ! From Sucuri support Example for curl header and cache-control/expires header checks for css file on Cloudflare, Sucuri and backend Centmin Mod Nginx origin. Origin is set for ~30 days expires but Sucuri adds 19 yrs to expires and 10 years to cache control header and that throws Cloudflare cache-control off as it takes the value from Sucuri origin in current setup. Code (Text): curl -sI -H Accept-Encoding: gzip,br https://community.centminmod.com/styles/xenbase/font-awesome/css/font-awesome.min.css Content-Encoding: gzip Expires: Thu, 11 May 2028 18:49:49 GMT Cache-Control: public, max-age=315360000 Server: cloudflare curl -sI -H Accept-Encoding: gzip,br --resolve 'community.centminmod.com:443:SUCURI_IP' https://community.centminmod.com/styles/xenbase/font-awesome/css/font-awesome.min.css Server: Sucuri/Cloudproxy Content-Encoding: br Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 curl -sI -H Accept-Encoding: gzip,br --resolve 'community.centminmod.com:443:ORIGIN_IP' https://community.centminmod.com/styles/xenbase/font-awesome/css/font-awesome.min.css Content-Encoding: br Server: nginx centminmod Expires: Wed, 13 Jun 2018 18:49:50 GMT Cache-Control: max-age=2592000 Cache-Control: public, max-age=2592000 Now with Cloudflare only without Sucuri proper cache-control is set Code (Text): curl -sI -H Accept-Encoding: gzip,br https://community.centminmod.com/styles/xenbase/font-awesome/css/font-awesome.min.css | egrep -i 'curl|^content-encoding|^expires|^cache|server' Expires: Thu, 14 Jun 2018 00:20:06 GMT Cache-Control: public, max-age=2592000 Server: cloudflare
Code: sys 0m0.143s Download pcre-8.42.tar.gz ... --2018-05-15 15:41:16-- https://centminmodparts.centminmod.com/pcre/pcre-8.42.tar.gz Resolving centminmodparts.centminmod.com... 104.25.163.115, 104.25.164.115 Connecting to centminmodparts.centminmod.com|104.25.163.115|:443... connected. HTTP request sent, awaiting response... 403 Forbidden 2018-05-15 15:41:17 ERROR 403: Forbidden. Error: pcre-8.42.tar.gz download failed. Visit in my browser https://i.imgur.com/YS2Wwm7.png
Thanks hit that one too centminmod.com DNS update so reverting this change Beta Branch - move local mirror downloads to own subdomain in 123.09beta01. Seems Cloudflare doesn't like Centmin Mod Nginx reverse proxying to a Cloudflare frontend location.
@Shmee problem should be fixed in latest 123.09beta01 now Upcloud 2 cpu VPS install test on CentOS 7.5 64bit Code (Text): --------------------------------------------------------------------------- Total Curl Installer YUM or DNF Time: 145.0002 seconds Total YUM Time: 14.264046709 seconds Total YUM or DNF + Source Download Time: 42.4776 Total Nginx First Time Install Time: 233.6441 Total PHP First Time Install Time: 209.4609 Download Zip From Github Time: 3.9991 Total Time Other eg. source compiles: 274.1485 Total Centmin Mod Install Time: 759.7310 --------------------------------------------------------------------------- Total Install Time (curl yum + cm install + zip download): 908.7303 seconds --------------------------------------------------------------------------- 2 Intel(R) Xeon(R) CPU E5-2687W v4 @ 3.00GHz 2 2999.998 ---------------------------------------------------------------------------