Hi all
The topic CloudFlare came up a couple of times in the moodle.org. What is it doing here?
The Wikipedia is not too flattering about it: http://en.wikipedia.org/wiki/CloudFlare.
In reply to Visvanath Ratnaweera
Re: What is the funtion of CloudFlare in moodle.org?
by Richard Oelmann -
A query having read that wikipedia article, particularly the parts of the terms of content as quoted there
- Add cookies to your domain to track visitors, such as those who have successfully passed a CAPTCHA.
- Add tracking codes or affiliate codes to links that do not previously have tracking or affiliate codes.
How does this relate to UK/EU legislation re cookies?
Richard
In reply to Richard Oelmann
Re: What is the funtion of CloudFlare in moodle.org?
by Visvanath Ratnaweera -
It strikes me that not much information come from Moodle HQ on CloudFlare: http://moodle.org/mod/forum/search.php?id=5&words=CloudFlare.
Detailed observations can be found in http://tracker.moodle.org/browse/MDLSITE-1714.
But that doesn't answer, What CloudFlare is doing in moodle.org? Why? Why it jams my Firefox http://moodle.org/mod/forum/discuss.php?d=204364 ?
Detailed observations can be found in http://tracker.moodle.org/browse/MDLSITE-1714.
But that doesn't answer, What CloudFlare is doing in moodle.org? Why? Why it jams my Firefox http://moodle.org/mod/forum/discuss.php?d=204364 ?
In reply to Visvanath Ratnaweera
Re: What is the funtion of CloudFlare in moodle.org?
by Dan Marsden -
From what I understand Cloudflare is used to improve the performance of moodle.org and does this quite succesfully although it has taken a lot of work to get working correctly.
Unfortunately moodle.org has been the subject of many DOS attacks which have caused unnecessary and significant load on the moodle.org servers and cloudflare prevents a lot of that traffic from hitting the main servers so that they can cope with a lot more normal users on the same hardware. I presume they are also making use of cloudflare's CDN but I'm not sure on the exact cloudflare features that are being used.
Jordan (Moodle HQ Sysadmin) has done an amazing job at configuring cloudflare and improving the performance of moodle.org. I've been bugging him for a blog post outlining the experience and benefits he's seen from using cloudflare but unfortunately he hasn't had the time.
Sorry,
I wasn't responding in any way to criticise what Jordan has been doing - or the choice of using Cloudfare, that has been discussed and explained in a number of places and while I may not have agreed with it (based on the early experiences - although those have improved dramatically, for me at least), the tech people (Jordan et al) are happy with the job it does and that's fine with me
My query was a genuine one asking about the links in their terms and conditions relating to the EU/UK legislation on cookies as the cookies issue is one I have been asked about in other contexts and have been researching myself recently, so asking out of interest and clarfication and NOT criticism.
Richard
In reply to Richard Oelmann
Re: What is the function of CloudFlare in moodle.org?
by Visvanath Ratnaweera -
Hi Richard
I don't see why you apologize. Nobody can deny that http://en.wikipedia.org/wiki/CloudFlare page says, "Add cookies to your domain to track visitors, such as those who have successfully passed a CAPTCHA" or "Add tracking codes or affiliate codes to links that do not previously have tracking or affiliate codes". That is exactly what I meant by "not too flattering" in the OP.
Obviously there are other things on that page. As Dan pointed out apparantly CloudFlare boost performance: "Add script to your pages to, for example, add services or perform additional performance tracking" or "Intercept requests determined to be threats and present them with a block page" or "Other changes to increase performance or security of your website".
The final quote also suggests a security aspect. I believe what people mean is that the servers the CloudFlare network intercept the network traffic to moodle.org and block possible DDoS flood.
Finally Tim asks me to learn what a http://en.wikipedia.org/wiki/Content_delivery_network is. "What else do we need?"
This kind of unnecessary discussions are easily prevented by informing the community in ahead. In this case about the technology change and planned down times. For example today moodle.org was not reachable for me, the CloudFlare message came up with a link to https://www.cloudflare.com/wiki/I_keep_seeing_%22My_Site_is_Offline%22. My simple tests showed that moodle.org must be down, but cant be sure because I don't know the equivalent of direct.yourdomain.com for moodle.org.
And the whole discussion is what CloudFlares is. But my OP was, "What is it doing here?" and later "Why [CloudFlare]? Why it jams my Firefox http://moodle.org/mod/forum/discuss.php?d=204364"
FYI. My Firefox (Icewease 11) can not even display the "site not available" message from CloudFlare. Still the http://ajax.cloudflare.com/cdn-cgi/nexp/v=3029832572/cloudflare.min.js Line 15 problem. I have to open Chrome browser to even to read the error message.
I don't see why you apologize. Nobody can deny that http://en.wikipedia.org/wiki/CloudFlare page says, "Add cookies to your domain to track visitors, such as those who have successfully passed a CAPTCHA" or "Add tracking codes or affiliate codes to links that do not previously have tracking or affiliate codes". That is exactly what I meant by "not too flattering" in the OP.
Obviously there are other things on that page. As Dan pointed out apparantly CloudFlare boost performance: "Add script to your pages to, for example, add services or perform additional performance tracking" or "Intercept requests determined to be threats and present them with a block page" or "Other changes to increase performance or security of your website".
The final quote also suggests a security aspect. I believe what people mean is that the servers the CloudFlare network intercept the network traffic to moodle.org and block possible DDoS flood.
Finally Tim asks me to learn what a http://en.wikipedia.org/wiki/Content_delivery_network is. "What else do we need?"
This kind of unnecessary discussions are easily prevented by informing the community in ahead. In this case about the technology change and planned down times. For example today moodle.org was not reachable for me, the CloudFlare message came up with a link to https://www.cloudflare.com/wiki/I_keep_seeing_%22My_Site_is_Offline%22. My simple tests showed that moodle.org must be down, but cant be sure because I don't know the equivalent of direct.yourdomain.com for moodle.org.
And the whole discussion is what CloudFlares is. But my OP was, "What is it doing here?" and later "Why [CloudFlare]? Why it jams my Firefox http://moodle.org/mod/forum/discuss.php?d=204364"
FYI. My Firefox (Icewease 11) can not even display the "site not available" message from CloudFlare. Still the http://ajax.cloudflare.com/cdn-cgi/nexp/v=3029832572/cloudflare.min.js Line 15 problem. I have to open Chrome browser to even to read the error message.
In reply to Visvanath Ratnaweera
Re: What is the function of CloudFlare in moodle.org?
by Frank Ralf -
Just as an illustration what CloudFlare injects into a site (http://www.sustainia.me/ ):
//<br /> try{if (!window.CloudFlare) { var CloudFlare=[{verbose:0,p:0,byc:0,owlid:"cf",mirage:{responsive:0,lazy:0},oracle:"d5/ca3ffb3c4adf5c150bcdb0740da86f",paths:{cloudflare:"/cdn-cgi/nexp/aav=1499794953/"},atok:"b111468b72c8c1d57d67a329317d5f5f",zone:"sustainia.me",rocket:"0",apps:{"ga_key":{"ua":"UA-29662374-1","ga_bs":"2"}}}];var a=document.createElement("script"),b=document.getElementsByTagName("script")[0];a.async=!0;a.src="//ajax.cloudflare.com/cdn-cgi/nexp/aav=3029832572/cloudflare.min.js";b.parentNode.insertBefore(a,b);}}catch(e){};<br /> //
Personally, I don't like the idea of injecting arbitrary JavaScript which doesn't stem from the website I'm on. That's why Firefox add-on NoScript is disabling CloaudFlare scripts by default.
//<br /> try{if (!window.CloudFlare) { var CloudFlare=[{verbose:0,p:0,byc:0,owlid:"cf",mirage:{responsive:0,lazy:0},oracle:"d5/ca3ffb3c4adf5c150bcdb0740da86f",paths:{cloudflare:"/cdn-cgi/nexp/aav=1499794953/"},atok:"b111468b72c8c1d57d67a329317d5f5f",zone:"sustainia.me",rocket:"0",apps:{"ga_key":{"ua":"UA-29662374-1","ga_bs":"2"}}}];var a=document.createElement("script"),b=document.getElementsByTagName("script")[0];a.async=!0;a.src="//ajax.cloudflare.com/cdn-cgi/nexp/aav=3029832572/cloudflare.min.js";b.parentNode.insertBefore(a,b);}}catch(e){};<br /> //
Personally, I don't like the idea of injecting arbitrary JavaScript which doesn't stem from the website I'm on. That's why Firefox add-on NoScript is disabling CloaudFlare scripts by default.
In reply to Visvanath Ratnaweera
Re: What is the function of CloudFlare in moodle.org?
by Visvanath Ratnaweera -
If anybody is listening: http://ajax.cloudflare.com/cdn-cgi/nexp/v=3029832572/cloudflare.min.js has now shifted to http://ajax.cloudflare.com/cdn-cgi/nexp/aav=4114775854/cloudflare.min.js and this version doesn't jam my Firefox (iceweasel 11.0 Debian squeeze on Crunchbang x86).
Hi Dan,
Please tell me how can my courses which are kept in moodledata outside the root be cached by cloudflare.
Wikipedia says "CloudFlare is a content delivery network" with a link to explain what a CDN is. What more do you want.
It makes things faster by caching what can be cached. This should be transparent, and it is remarkably close to being so, but as we have found, it is not perfect.
In reply to Visvanath Ratnaweera
One big cluster: How CloudFlare launched 10 data centers in 30 day
by Visvanath Ratnaweera -
This article gives some insight:
"One big cluster: How CloudFlare launched 10 data centers in 30 day"
http://arstechnica.com/information-technology/2012/10/one-big-cluster-how-cloudflare-launched-10-data-centers-in-30-days/
"One big cluster: How CloudFlare launched 10 data centers in 30 day"
http://arstechnica.com/information-technology/2012/10/one-big-cluster-how-cloudflare-launched-10-data-centers-in-30-days/
In reply to Visvanath Ratnaweera
Re: One big cluster: How CloudFlare launched 10 data centers in 30 day
by Matt Sharpe -
While an interesting article, other than explaining their caching database system, it doesn't show any really innovative technology. PXE and remote deploys are fairly standard. I think it's a good example of yet another article that talks about what CloudFlare does but skips over the purpose of it, especially so for what we use it for in Moodle.
Moodle.org actually has CF caching, minifying, and preloading turned off. The only features we use are security ones, and a custom SSL configuration. Moodle /only/ uses CloudFlare for security (spam, DDoS, and botnet protection specifically) by comparing client IP addresses to known compromised or malicious systems. Every other feature is turned off.
I hope this clears some things up,
Matt
Moodle.org actually has CF caching, minifying, and preloading turned off. The only features we use are security ones, and a custom SSL configuration. Moodle /only/ uses CloudFlare for security (spam, DDoS, and botnet protection specifically) by comparing client IP addresses to known compromised or malicious systems. Every other feature is turned off.
I hope this clears some things up,
Matt