What good is Cloudflare via DH?


#1

My sites are WordPress based. I had hopes that CloudFlare would work as a WAF but all those functions are turned off due to contract with DH.

So then it is only for optimization and image loading? I’d have to have yet another plugin or service to act as a firewall? (which I do already)


#2

As another WP user, my understanding is that the CloudFlare offering is only for optimization, not for WAF. So yes, another solution is required.

I use the Defender plugin from WPMU DEV plus IP Geo Block. Both have different and common features so the combo covers a number of bases for blocking the bad guys. Many people use WordFence, as Defender doesn’t yet support some of the WF premium features. I don’t know how rigorous you want your WAF to be but if you need a hefty solution then you might want to look an OS-level WAF rather than WP-specific.

[ad] If you find yourself drawn to WPMU DEV, please let me know. As a member/subscriber there I can get credit for new memberships. [/ad]

HTH


#3

I use WordFence and have used…another with a bunch of alphabet soup. Can’t recall the name now. The problem with both of them (but WF is not as bad) is whenever I try to use them for on-demand scans or “live traffic”, my RAM allotment with DH raises and the server is reset. I’ve followed all the hardening stuff and haven’t been hacked (again) in a while. And good god they are expensive! My sites are “just” hobby and information/education sites.

I’m looking at the one you suggested now. I’ll let you know if I want to go further with it.

I don’t need optimization. And if I decide I do, I’d rather use a plugin and donate to the developer than pay Cloudflare.


#4

From your note about pushing the RAM limit, I take it you’re using a shared account. If you look at my forum postings over the last year you’ll see a lot of soul searching on that topic, and many suggestions to alleviate the problem of triggering the DH resource bot. One of those suggestions is simply to use different server user accounts for each site. It’s slightly inconvenient but might get you over that hump temporarily.

As much as I’d like to think shared space is ideal as a cheap-n-easy solution, the reality is that for any significant site size in terms of code (plugins) or concurrent users, shared space just doesn’t cut it. For your purposes, VPS might be better - but I understand as a hobby host the cost for that can be prohibitive. For myself, with a need to host a number of small sites and a desire to control my own destiny, I went with DreamCompute/cloud where there is no support for the LAMP stack, but on the other hand the cost is much better.

To be clear, we get Cloudflare for free but I think it’s the WAF part that you want which is not free. That was a fairly recent bonus addition to us. It’s only suitable for stable sites that are not undergoing a lot of development, and personally I’m concerned about how it works with dynamic WP sites … what can it really cash aside from assets if the content is always changing?

Related, and not to sound like a shill … WPMU DEV offers CDN hosting when you use their Hummingbird plugin for optimization. So they minimize, compress, and bundle assets, then put them into a CDN to separate traffic from our DH servers. No WAF but it should be as good as Cloudflare. (Being in perpetual development mode I haven’t used it yet. :wink: )

HTH


#5

Just looked at the price for the dedicated servers. That’d be a nope. While it would be cool, I can’t justify that cost PER MONTH.

I think I’ll just stick with WordFence.


#6

The DH version of the handshake also opens up the possibility of using non-RSA certificates that can improve performance, including ECDSA keys.

You can also download Psiphon for Mac and make it work for you like it works for Android and Windows. As a matter of fact, there is also a way to download Psiphon app for Ubuntu if you’re a fan of the Linux-based OS.


#7

I didn’t say “dedicated servers”, I said “DreamCompute”. For a single 256MB RAM server we’re looking at a max of US$6 per month. Big difference between that and a dedicated server, eh?


#8

Oh. You said VPS and to me that is dedicated server. My bad.

I have never looked at the DreamCompute. I am procrastinating a project and will look into this option.


#10

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.