Blog‎ > ‎

CDN, Web Bots, WiFi Portal, rsa8192, Web vs App

posted Dec 24, 2017, 12:03 AM by Sami Lehtinen   [ updated Dec 24, 2017, 12:04 AM ]
  • Just some random thoughts about Content Delivery Networks (CDN) topic. TL;DR; Using one CDN is better than using several in parallel
    Cloudflare is almost scarily awesome when they added all the pops. Compared to something like CacheFly or MaxCDN. I think Cloudflares network is almost overkill. Something like MaxCDN should be enough.
    Actually it seems that the jsdelivr site hasn't been updated with latest Cloudflare development. It doesn't list all sites, as well as the KeyCDN they're referring is clearly inferior compared to Cloudflare at the moment. Also looking up multiple domains does add extra DNS requests and latency etc. That's why I think using one source, whatever it is, would be better than using multiple separate. Of course if you use jsdeliver everything, and then rest of stuff from your-domain.example via CF that's good.
    I've got a feeling, many web developers haven't checked out the Cloudflare network map either. It's currently really dense. My guess is that it's probably densest CDN after Akamai. I've pretty much stopped following CDNs because CF is so dominant, especially if you're not going to pay really big bucks. I'm not saying, I've got any 'conclusive data'. These are just my random thoughts and feelings, not based on facts.
    On the other hand actually the CF network is so dense, it might start to lower hit ratios for not so heavily trafficked sites? What? - Yes, because the cache storage is site specific. Therefore if I got N users downloading something hourly in Europe. Now it's much more likely that they'll hit different cache locations, and therefore do not benefit from the cache. Than if there would be just a few cache locations.
    Isn't that funny? Of course that's not a problem for more popular resources. But for low traffic sites, that effect might be very true. Of course refreshing each cache, just corresponds to one 'regular visitor' hit, so this is real niche issue. But in theory, CDN with less POPs could be more efficient with certain edge cases.
    Why have corporate caching server (ignoring security point, just caching) when each browser got their own cache anyway? ;) More cache(s) isn't always better. Of course it might be so that other CDNs are more popular than others, and therefore time required to do DNS lookup is reduced or eliminated (cached). As well as the libraries might be already cached by the browser.
  • Banned a few bots, using robots.txt and similarly found these new ones: Yooz, WotBox and Mojeek. I guess only worth of mentioning is Mojeek. Check it out. They're totally independent search engine. And not just Bing search results resellers, as so many are. Including: Oscobo and DuckDuckGo.
  • WiFi (WLAN) captive portal fail fail fail. You're doing it wrong. Many older WiFi portals hijack network traffic. When that's combined with HSTS and SSL only sites, it's a problem. Instead of getting the login page, users get SSL error. Many users don't realize that they should try to access some HTTP site without HTTPS to gain access to login page. I've seen this happening over and over again. - It's similar usability issue compared to the WiFi (WLAN) password change issue. When network password is changed, Windows systems 'break down'. Because users don't just get it that they should first disconnect the network and forget / remove it, and then add it back to get password the prompt and enter the new password. Instead of that they claim that the network is broken. - There are technical reasons, but user experience totally sucks, and it requires an expert to get the sh, bleep, to work.- This is one of the reasons most of free WiFi's do not use stupid captive portals in Finland.
  • If we're talking about annoying and useless, those Cookie warning pop-ups on many sites, especially on mobile are insanely annoying and useless thing to do. Ok, ok, I get your cookie policy. Over and over again. Sigh.
  • Wikileaks is using paranoid security rsa8192 OpenPGP key - Nice! - But would ECC still be better, probably yes. - Sorry no link, I've posted those several times.
  • Replaced a few Android Apps (with adds) with HTML5 single page web apps, and it's awesome. No need to install junk. Apps load instantly, provide better functionality. Don't permanently reserve space from phone etc. - This is the direction I've been wanting to go for a long time.
  • Watched: Mikko Hypponen at Le FIC 2017 talk. - It was nice, as always.