Re: [google-appengine] CloudFlare or Custom SSL + DynDNS + Custom security
We've been using it for over a year now (maybe 2?). Other than the time Google blocked all of CF (apparently they are now whitelisted), we've been reasonably happy. The only downside is that once or twice they got slow (fetches from origin were significantly faster). We turned off all the munge your website and secure your website features. If we have problems we can turn it on in an instant. I like their DNS configuration. And yup, we fixed the ssl naked domain with a pagerule. At $20/mo, it's cheaper than Google's SSL offering and it's way easier to set up. Jeff On Wed, Aug 21, 2013 at 3:40 PM, Kaan Soral kaanso...@gmail.com wrote: Yes, I was thinking of heightened limit in certain situations / feedback based improvement etc. -- decided to revise things now I went with CloudFlare - at least until it doesn't work out - the risk is probably ~ 2 hour downtime at max. during switch from CloudFlare services to custom dns/ssl, not much of a risk Experience: - Really fast and fun integration - 30 minutes max. - Easy work-around using Page Rules for AppEngine's naked domain issue, you can redirect naked.com/* to https://www.naked/com/$1 - Really simple SSL - just works - Simple DNS - Gives a confident vibe - might be even a con - if it doesn't work out - it would be hard to match CloudFlare's simple functions On Wednesday, August 21, 2013 12:41:53 AM UTC+3, Joshua Smith wrote: On Aug 20, 2013, at 5:29 PM, Kaan Soral kaan...@gmail.com wrote: in real life, I'm not sure whether there are scenarios, where a high-number of people share the same IP address and use a service/app There are many such scenarios. Any place lots of people get free wifi (stadiums, airports, etc.) this will happen. Also, most large corporate internet access is proxied through a very small number of concentrators. -Joshua -- You received this message because you are subscribed to the Google Groups Google App Engine group. To unsubscribe from this group and stop receiving emails from it, send an email to google-appengine+unsubscr...@googlegroups.com. To post to this group, send email to google-appengine@googlegroups.com. Visit this group at http://groups.google.com/group/google-appengine. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Google App Engine group. To unsubscribe from this group and stop receiving emails from it, send an email to google-appengine+unsubscr...@googlegroups.com. To post to this group, send email to google-appengine@googlegroups.com. Visit this group at http://groups.google.com/group/google-appengine. For more options, visit https://groups.google.com/groups/opt_out.
[google-appengine] CloudFlare or Custom SSL + DynDNS + Custom security
I was going to finally configure the SSL for my domain/app, however I was really demotivated because the process is, in my opinion, really complicated, however this shouldn't affect the final decision I also decided to switch to DynDNS from standard godaddy dns Both processes are complicated in my opinion, yet for the end result, they might be better then CloudFlare The reason I'm avoiding CloudFlare is false positives, I used to be identified as an attacker occasionally (while I wasn't), didn't happen in almost a year, but there was a time it happened a lot, If I'm seeing it, probably everyone experienced it once or twice, it would be devastating if an actual user experienced it The second reason is old AppEngine incompatibility, however I haven't seen any complaints here in months, so that seems to be fixed too I always build for really high traffic, whether that will be the case or not, I'm always all in in terms of premature optimization I've also built a custom IP based security system, blocks access to functionality if recent actions/visits are over a limit, I'm a bit concerned whether this system will cause problems in real life, I'm not sure whether there are scenarios, where a high-number of people share the same IP address and use a service/app I'm also not sure whether CloudFlare can block the hobbyist robot runners, I personally used to do it myself, built greasemonkey/chrome scripts to continually execute routines on a service, my IP solution would prevent it, would CloudFlare prevent it? Maybe they can be used together, I don't remember exactly, but I guess CF was sending over the user-IP in headers too Anyway, I would love to hear any experiences in this area -- You received this message because you are subscribed to the Google Groups Google App Engine group. To unsubscribe from this group and stop receiving emails from it, send an email to google-appengine+unsubscr...@googlegroups.com. To post to this group, send email to google-appengine@googlegroups.com. Visit this group at http://groups.google.com/group/google-appengine. For more options, visit https://groups.google.com/groups/opt_out.
Re: [google-appengine] CloudFlare or Custom SSL + DynDNS + Custom security
On Aug 20, 2013, at 5:29 PM, Kaan Soral kaanso...@gmail.com wrote: in real life, I'm not sure whether there are scenarios, where a high-number of people share the same IP address and use a service/app There are many such scenarios. Any place lots of people get free wifi (stadiums, airports, etc.) this will happen. Also, most large corporate internet access is proxied through a very small number of concentrators. -Joshua -- You received this message because you are subscribed to the Google Groups Google App Engine group. To unsubscribe from this group and stop receiving emails from it, send an email to google-appengine+unsubscr...@googlegroups.com. To post to this group, send email to google-appengine@googlegroups.com. Visit this group at http://groups.google.com/group/google-appengine. For more options, visit https://groups.google.com/groups/opt_out.