Early last year, a twice-weekly newspaper in Park City, Utah, published a story on the rejection of a state measure that would’ve allowed tech billionaire Matthew Prince to build an 11,000-square-foot mansion on a hill with little say from locals.
[...]
One major change had occurred at the Park Record between the time of that first story and the rest: Prince bought the paper. And Don Rogers, the editor Prince hired to run it, is living rent-free in one of his properties at the moment.
With recent events, i have taken the decision to drop #cloudflare with the transition to new servers, i'll have to figure out what CDN (likely fastly ill try to apply for the foss program) to use and what DNS service to use also we'll have to move to a different S3 provider
During the transition to new servers TransFem.social, and all other TransFem.org services including the Sharkey repo's may experience a down time of up to 48 hours due to DNS nameserver changes
The original decision for using Cloudflare was to prevent spam and ddos attack, and while Cloudflare has done shit in the past the assumption was that they're neutrality would go both ways, this seems to not be the truth, their "neutrality" seems to only apply to harassment sites like kiwifarms.
our new setup is not only a lot more powerful but also comes with a firewall setup and DDOS protection directly from the Colocation provider severely reducing the need for Cloudflares ddos protection
I'm targeting next weekend as deployment date for the new servers, but this is highly depended on the RMA's arriving on time
#CloudFlare is again having trouble working on browsers other than the few they mainly target.
Now did they just decide not to support anything else in "Turnstile" (which is a departure from "Browser Integrity Check", which IIRC had fallbacks), or are they again requiring that all requests include headers only some browsers send?
Affects at least #SeaMonkey and #PaleMoon, and isn't so easy to debug given the minified and changing JS of turnstile (likely intended, but doesn't help here...).
Alphabet, Amazon, Apple, ByteDance, Meta, Microsoft
These large, systemic online platforms were designated as gatekeepers under the Digital Markets Act.
As of midnight today, they won't be able to use unfair practices towards those depending on them – with a fine of up to 20% of their global turnover for multiple failures.
Visit #FanFiction.net, and you too can try to decide who you dislike more: #CloudFlare, the website admins, or the authors who keep posting there (hint: the last one is kind of unreasonable but not entirely without merit). Most websites give you at least one reason to hate them in 2024, but this is a three-for-one deal. For even more choice, get your #fanfic recommendations through #Reddit, where everybody ends up linking to the terrible, unnecessary mobile-specific version of the site because they have a terrible, unnecessary mobile-specific version of the site. #fanfiction
I wrote a blog post about my move from Netlify to Cloudflare Pages and how I use caching with GitHub Actions to speed up my Eleventy build step from over 14 minutes to just 30 seconds.
Though the plugin still has some rough edges and missing features, overall I think it is working pretty well for what I wanted. When I post on joelencioni.com, I can see my post in my Mastodon feed pretty quickly—though sometimes the formatting isn’t the best but I suppose that’s just the way it is. And, commenting is bi-directional: replies from Mastodon show up as comments on my blog, and replies to those comments from my blog show up as replies on Mastodon. Great!
The ActivityPub plugin watches for when the client sends a request HTTP header that is asking for content with the mime type of “application/activity+json”. If that type of content is requested, then instead of responding with the web page, it will respond with some JSON data meant for machine consumption instead of human consumption. This is how the syndication works, and that all seems fine.
However, I have been bumping into an issue due to the way this all works together with the CDN I chose for page caching, CloudFlare.
This is what one of my blog posts looks like when the ActivityPub JSON is served instead of the web page.
The problem is that CloudFlare will cache the first version of the page that is requested and serve that up to everyone going forward, regardless of the type of content being requested.
Thankfully, I found a new approach to try. Using CloudFlare workers, I can program the CDN to vary the content based on this header with this bit of code:
export default { async fetch(req) { const acceptHeader = req.headers.get('accept'); const url = new URL(req.url); if (acceptHeader?.indexOf("application/activity+json") > -1) { url.searchParams.append("activitypub", "true"); } return fetch(url.toString(), { cf: { // Always cache this fetch regardless of content type // for a max of 5 minutes before revalidating the resource cacheTtl: 300, cacheEverything: true, }, }); }}
This tells CloudFlare to look at the accept header, and if it has “application/activity+json”, it will add “activitypub=true” to the request query string (the part of the URL after the question mark) behind the scenes, which effectively makes it a different URL. This allows the different content to be cached and served up differently, which I think should solve the issue for me for good. If you still see this problem, please let me know!
For a very small instance with only a couple of concurrent users a CDN might not make much difference. But if you take a look at your web server logs you’ll quickly notice that every post / like / vote triggers a storm of requests from other instances to yours, looking up lots of different things. It’s easy to imagine how quickly this would overwhelm an instance once it gets even a little busy.
One of the first web performance tools people reach for is to use a CDN, like Cloudflare. But how much difference will it make? In this video I show you my web server logs before and after and compare them.
The short answer is – before CDN: 720 requests. After CDN: 100 requests.
Usually just turning on a CDN with default settings will not help very much, you’ll need to configure some caching rules or settings. By watching your server logs for a while you’ll get a sense for what needs to be cached but check out mine for a starting point:
Beware of caching by URI Path because often fediverse software will return different data depending on the Accept header that the requester sets. For example, on PieFed and Lemmy instances a request by a web browser to /post/123 will return HTML to show the post to someone. But when that same URL is requested with the Accept: application/ld+json header set, the response will be an ActivityPub representation of the post! You don’t want people getting activitypub data in their browser and you don’t want to be serving HTML to other instances. Once you spot a URL you want to cache, use a tool like Postman to set the Accept header and make a fake ActivityPub request to your instance and see if you get back HTML or JSON.
Another problem that can happen is that often a response will vary depending on whether the viewer is logged in, or who is logged in. If you can figure out how to configure the CDN to pay attention to cookies or whatever headers are used for Authentication by your platform then you might be able to cache things like /post/*… I couldn’t.
The things I’ve chosen to cache by URI Path above are ones that I know don’t vary by HTTP header or by authentication.
Although we can’t use URI Path a lot of the time, we can cache ActivityPub requests by detecting the Accept: allocation/ld+json header:
https://join.piefed.social/wp-content/uploads/2024/02/caching_activity2-1024x811.pngThis will cache all ActivityPub requests, regardless of URL. People browsing the same URLs as those used by ActivityPub will be unaffected as their requests won’t have the special HTTP header. I used a short TTL to avoid serving stale data when someone quickly edits a post straight after creating it.
There seems to be a deep vein of optimization here which I’ve only just started to dig into. These changes have made a huge difference already and for now my instance is under very little load so I’ll leave things as they are. I look forward to learning more about this in future.
#Stract is a new, #opensource, #nonprofit#search engine. It has a lot of interesting functions. For example, users can exclude known copycat sites from search queries, focus on indie blogs, or do fediverse search only.
@dw_innovation
It’s great to have another badly needed search alternative like #Stract. One unique feature is ability to thumbs up/down results. But what does a thumbs down actually do?
I give a thumbs down to #stackexchange hits because they are in the #Cloudflare walled garden. They get removed from my result list, but what else? I was hoping it would send a signal to Stract.
On Facebook's 20th birthday, lets take a moment to remember how Mark Zuckerberg chose to describe his first couple of thousand users, in an IM conversation...
While it’s nice that it’s been twice now we’ve gotten free internet speed upgrades from TM (ISP), both under the PH gov, it still sucks that TM’s fuckin stingy in terms of upload speed.
To get upload speeds not as ridiculous as 50Mbps, you have to be on the 500Mbps download speed plan which still only gives you 100Mbps upload. I was on 50Mbps down years ago, got free upgrade to 500Mbps down (100Mbps up), then recently another free upgrade to 800Mbps down (200Mbps up). My partner’s house tho was upgraded for free from 100Mbps down to 300Mbps down, but still have only 50Mbps up. Get good, TM.
I do appreciate that TM haven’t gotten full evil corpo on residential consumers tho and we are not subjected to CGNAT, and all (critical) ports like HTTP/HTTPS etc. remain open, in fact they’ve mentioned that they don’t close any ports whatsoever so self-hosting is pretty easy. Only (notable) thing that might differ from “enterprise” fibre plans are the static IPs, but dynamic IP’s pretty easy to deal with using something like #Cloudflare. Seeing others’ internet subjected to these crap mentioned give me nightmares of TM/other ISP here following suit to do the same.
Well, crap. BoingBoing has now caught the #CloudFlare disease.
The boingboing.net site works just fine with no JavaScript and no cookies. This is good, because we can visit in a privacy respecting browser, and the site (nor its advertisers) doesn't spy on us.
But now an attempt to go there is blocked by CloudFlare's insistence to #surveillance, demanding "turn on JavaScript and cookies". Get knotted, you internet choking monopoly spooks.
#Security is dependent on#privacy, stop making the internet less secure for people.
These tech companies that are having mass firings.. like cloudflare and discord - they're saying it's because of wanting to cut down on labour and increase efficiency (blah blah blah read maximise profits).
What are the chances it's because they're going to start (have started?) using AI?
Similar to IRC, where I never found nice usable apps for my taste, I thought XMPP was deprecated, but that doesnt seem so?
A very easy to use phone app is #Snikket. When I force normies to reach me over XMPP, I generally suggest Snikket to them. For the desktop I like the text UI of profanity. But it is glitchy and would be hard to use for anyone who lives in the shelter of a GUI.
#Matrix is theoretically decentralized but the mere fact that the flagship instance is on #Cloudflare suggests the developers are not on the ball about privacy or digital rights. Whenever I have been asked to join a Matrix room, there was reference to that Cloudflare instance, so I refuse it.
#Signal has many problems. I won’t even consider touching it as long as supplying a mobile phone number is a registration requirement.
(btw, i did not see the youtube video so I don’t know if it covered the problems I mention)
Trump Team Targets European Union for Punishing Trade Measures ( www.bloomberg.com )
Matrix vs. XMPP, Security, Privacy, Apps, Efficiency ? ( www.youtube.com )
cross-posted from: feddit.de/post/5228934...