techhub.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A hub primarily for passionate technologists, but everyone is welcome

Administered by:

Server stats:

4.7K
active users

#cdn

8 posts7 participants4 posts today

🏕️ my adventures in #selfhosting - day 211 (CDN edition)🛡️

A "micro" blog post detailing recent experiments with my #Wordpress blog and efforts to protect it against the Mastodon Hug of Death / stampede:

🔗​: https://elenarossini.com/2025/07/my-adventures-in-self-hosting-day-211-cdn-edition/

Was 🐇​ CDN successful? I'll publish an update soon.

#MySoCalledSudoLife #Fediverse #Wordpress #CDN #webdev #Mastodon

Elena Rossini · My adventures in self-hosting: day 211 (CDN edition) — Elena Rossini
More from Elena Rossini

https://elenarossini.com/2025/07/my-adventures-in-self-hosting-day-211-cdn-edition/

My dear federated WordPress blog,

Sorry for all the tests I put you through in the last 48 hours.

First, I changed your Webfinger setup, which broke federation. Then I reverted back those changes… I posted a test message that immediately federated (yay) but when I replied to it from my Mastodon account, I set off the infamous Mastodon stampede: 5000+ requests in the span of seconds, which took you offline (ouch). I had to delete my reply on Mastodon, flush your cache, and you were back online (yay).

Ever since, I have been on a mission to safeguard you against the Mastodon Hug of Death – a very familiar phenomenon that I experienced with my self-hosted Ghost blog.

The solution I found for it (on Ghost) was installing Varnish Cache. And my oh my has it been effective! A real champion, even at times when my blog posts trended all day on Mastodon (like the one announcing the release of my Fediverse promo video).

But I’m digressing.

My dear WordPress blog, you need protection against sudden surges of traffic brought on by the Fediverse.

This morning, I tried it all:

  1. My plan A was setting up Cloudflare for you. I am SO GLAD that didn’t work out, though, because in the past year I have developed a real distaste for all things Big Tech and I couldn’t really reconcile using Cloudflare as your Content Delivery Network. Why this didn’t work out? It’s a very convoluted explanation… it had to do with DNS records and the way it’s set up. Basically if I manually connected Cloudflare to some DNS records for elenarossini.com, this association would take over ALL DNS records from the POV of my hosting provider, including subdomains… even if I didn’t add them. And I have LOTS of subdomains linked to self-hosted instances for Fediverse software and did not want to do that. I’m probably explaining things badly, but suffice it to say, it wasn’t ideal to tinker with DNS for a variety of reasons. Moving on.
  2. My plan B was exploring how to set up Varnish cache for this website by using shell access. That, unfortunately, is impossible: Varnish needs Nginx or Apache and on a shared hosting plan you simply cannot tinker with that stuff. What to do?
  3. My plan C was setting up BunnyCDN for this site. I first heard about it via the superb website European Alternatives (basically, a database of alternatives to Big Tech platforms and services from the US). Bunny is based in Slovenia and I heard praises of it. Now, I had tried to use it for Ghost earlier this spring, but never managed to complete its setup, and opted for Varnish instead. I decided to give it another go. Guess what? Bunny didn’t ask me for DNS records – its setup was easy and instantaneous, with its native WordPress plugin. I connected it to my Bunny account and was good to go – no tinkering with DNS.

I have double-checked in Developer mode that this site’s images are already going through Bunny. All good!

Disclaimer: unlike Cloudflare, Bunny doesn’t offer a free plan, so I will need to monitor costs. But I’m curious to see how it will do and how much it will cost on a monthly basis. Of course, I will report back about this (at the moment I have $50 in free credits).

Now the real test will be hitting “publish” on this blog post… and replying to the federated post with my Mastodon account. This simple action took my site offline yesterday.

If the site doesn’t go offline, I would up the ante and actually share the link to this blog post from my Mastodon account (to an audience of 8000+ people on hundreds of different servers).

Wish me luck!!!

Elena

Update: how did the test go? Well, the post federated and appeared immediately on my Mastodon feed. I replied to it and within seconds the site went offline, showing an “error establishing a database connection.” I refreshed the page and saw the homepage – fully functional, but extremely slow. If I tried to click on any items in the navigation menu, nothing happened. I deleted the Mastodon reply, flushed the cache… and the site remained largely unresponsive. Needless to say, I need to conduct more tests with Bunny. I am not giving up quite yet…

Elena Rossini · My adventures in self-hosting: day 211 (CDN edition) — Elena Rossini
More from Elena Rossini

Never a dull day in this #selfhosting journey: editing important #DNS records while your child is on summer holiday - and may come see you every few minutes - is a very interesting exercise in concentration.

Special thanks to nonna (grandma) for helping with childcare this morning 😅

I'm hoping I'm successful in setting up a more solid #CDN for my personal website because I keep DDOS'ing myself (from a simple Mastodon reply to a federated Wordpress post - 8k followers will do that).

Wish me luck!

P.S.: another moment of gratitude / deep appreciation for #VarnishCache which has been providing rock solid caching to my #Ghost site. Now I need to take care of my #Wordpress site with a pro CDN solution (Varnish isn't an option sadly bc of the Wordpress setup / I don't have direct access to the server)

Someone mentioned using #BunnyNet as a CDN on here (I wish I remembered to get a referral code from them... they shoulda gotten some credit).

I moved my only serious web site to it. What's interesting to look at is how much visibility I got over traffic, and then how it gave me the ability to fight off the bots. There's a story in this graph.

On the 11th I switched over. You can see this huge spike in green 4XX traffic. Some bot out of Singapore hammered the site overnight. I got up and turned on bot detection, but it was in detect only mode. So you can see the yellow line at the bottom (5XX errors) and the green line still quite high. These bots trigger a lot of errors (possibly intentionally).

There's a mysterious 2-hour window yesterday where it seems I did no traffic at all. I don't think it was -that- bad, but I was definitely messing with stuff.

Finally I put the bot detection into "challenge" mode. The 5XXs have basically stopped, and the 4XXs represent (I think) failed challenges, plus the inevitable bots looking for wp-login.php and various attack probes. So far, I'm quite happy with it. I've pretty much moved all my websites to it, though everything else adds up to basically nothing. 😃

I also added the overall traffic graph to show the normal traffic for comparison. And I included some graphs of the VM's performance over roughly the same time period.

And of course, if you want to give it a go, here's my referral link. (I'm gonna have to figure out who I saw mention it and just paypal them some cash or something)

bunny.net?ref=otfq1cq96c

How to Enable QUIC.cloud #CDN on Your cPanel Website Using CNAME (5-Minute Quick-Start Guide)

This article discusses how to enable QUIC.cloud CDN on your cPanel website using CNAME DNS.

If you’re running a website and looking for a way to improve speed, security, and overall performance, enabling a Content Delivery Network (CDN) is a great choice. QUIC.cloud is an excellent CDN that enhances site loading speeds and reduces latency, ...
Continued 👉 blog.radwebhosting.com/how-to- #quic #quiccloud

How to Enable QUIC.cloud CDN on Your cPanel Website Using CNAME
RadWeb, LLC · How To Enable QUIC.cloud CDN On Your CPanel Website Using CNAME (5-Minute Quick-Start Guide) - VPS Hosting Blog | Dedicated Servers | Reseller HostingThis article discusses how to enable QUIC.cloud CDN on your cPanel website using CNAME DNS.

How to Enable QUIC.cloud #CDN on Your cPanel Website Using CNAME (5-Minute Quick-Start Guide)

This article discusses how to enable QUIC.cloud CDN on your cPanel website using CNAME DNS.

If you’re running a website and looking for a way to improve speed, security, and overall performance, enabling a Content Delivery Network (CDN) is a great choice. QUIC.cloud is an excellent CDN that enhances site loading speeds and reduces latency, ...
Continued 👉 blog.radwebhosting.com/how-to- #quiccloud #quic

How to Enable QUIC.cloud CDN on Your cPanel Website Using CNAME
RadWeb, LLC · How To Enable QUIC.cloud CDN On Your CPanel Website Using CNAME (5-Minute Quick-Start Guide) - VPS Hosting Blog | Dedicated Servers | Reseller HostingThis article discusses how to enable QUIC.cloud CDN on your cPanel website using CNAME DNS.

More progress in the setup of #talos on #kubernetes, now on a 2 node cluster! Next item on the checklist is done: setup Cloudflare CDN with Backblaze for S3 storage! I tested #longhorn backing up a volume and now #cdn is working! 1.7s load time down to 120ms :) The servers are in the EU and I'm in the US. Next up for the future #fediverse app hosting is to get #postgres running in HA mode. I figure since these apps are read-heavy, this may be a good approach for this size cluster.
#selfhosting

How to Enable QUIC.cloud #CDN on Your cPanel Website Using CNAME (5-Minute Quick-Start Guide)

This article discusses how to enable QUIC.cloud CDN on your cPanel website using CNAME DNS.

If you’re running a website and looking for a way to improve speed, security, and overall performance, enabling a Content Delivery Network (CDN) is a great choice. QUIC.cloud is an excellent CDN that enhances site loading speeds and reduces latency, ...
Continued 👉 blog.radwebhosting.com/how-to- #quiccloud #quic

How to Enable QUIC.cloud CDN on Your cPanel Website Using CNAME
RadWeb, LLC · How To Enable QUIC.cloud CDN On Your CPanel Website Using CNAME (5-Minute Quick-Start Guide) - VPS Hosting Blog | Dedicated Servers | Reseller HostingThis article discusses how to enable QUIC.cloud CDN on your cPanel website using CNAME DNS.

Наконец-то приходит крандец этой порочной практике завязываться всем дружно на одного CDN-провайдера. И в этом плане ТСПУ оказываются крайне полезны, для принудительного воспитания криворуких и толстозадых владельцев онлайн-сервисов.
Какого фига вообще российские онлайн-сервисы должны хоть как-то в плане зависеть от политизированного и пронизанного двойной моралью иностранного CDN-провайдера, не желающего работать в РФ официально и с соблюдением российского законодательства?

Вы ещё онлайн-систему записи в районную муниципальную поликлинику начните хостить в облаке какого-нибудь Amazon Web Services. В современных реалиях CDN-провайдер имеет доступ ко всему содержимому TLS-трафика гуляющему между вашим бэкендом и тонким клиентом в лице браузера пользователя.
Давно прошли те времена, когда был SSL вместо TLS, а такие вещи как CDN всего лишь ускоряли загрузку статического контента и ускорял подгрузку тяжеловесных скриптовых библиотек. Именно эту функциональность сейчас может предоставить огромный спектр поставщиков. А вот тот же самый Cloudflare, который якобы CDN-провайдер, пытается смотреть, что же именно там в трафике мелькает и гуляет. Всё ради блага клиентов, во имя балансировки нагрузки веб-приложений, защиты от атак и т.д. и т.п.

Иначе говоря, онлайн-сервисы или веб-сайты или веб-ресурсы использующие Cloudflare создают лишь театр безопасности, не имеющий никакого отношения к гарантиям защиты TLS-трафика. Поскольку отдают его весь целиком и полностью со всеми рисками сторонней коммерческой компании. Которая абсолютно официально производит анализ и разбор его в рамках законодательства и постановлений госрегуляторов с чиновниками исполнительной власти и судебными решениями. Не разу не российскими, а того государства, в юрисдикции которого Cloudflare официально зарегистрировано (где является налоговым агентом).
Это такой кошмар, которого боялись, когда рассуждали о том, что ФСБ вынудит всех депонировать ключи шифрования TLS-трафика. Только тут АНБ в данной роли с её бездонными хранилищами и вычислительными мощностями, крупнейший в штате Юта.
Можно сказать отказ, что и уход коммерческих структур российских от такого CDN-провайдера как Cloudflare, целиком и полностью окупает всё то зло, что успел Роскомпозор совершить в сфере ИТ за время своего существования.

#РКН #роскомнадзор #роскомпозор #ТСПУ #CDN #Cloudflare @russian_mastodon@mastodon.social @Russia@3zi.ru

Former politician #CDN who was scandalized for faking a radio interview, driving under the influence and violating federal election laws, wants to make a comeback and run for office again. Of course he’s a conservative. What gave it away? #Jaffer
apple.news/AkbW9K2qZS8OgaDY-di

apple.newsFormer federal politician who once faked radio interview looks to re-enter politics — The Canadian PressDecades after making headlines for faking a radio interview, driving under th