Kloudsec boasts a
* A true Anycast CDN network with 3 edge locations (London, Singapore and San Jose, US)
* A LetsEncrypt plugin to automatically add an SSL cert to any domain you have (Just enable the plugin, no programming or webserver tweaking needed)
* Offline protection (No error pages when your site is down, still show static contents)
* Experimental WAF (This is hard to get right, we're working really hard on it)
The CDN and LetsEncrypt is 100% free. The premium security plugins are free for now but will be priced later.
[Who should use Kloudsec now?]
As we are in beta now, I encourage you start with casual sites that you don't mind trying with a free CDN and SSL certs for HTTPS.
Happy to take on any questions you have :)
Pretty good but not sure if you need a 4k cert (5651 bytes). That's quite a bit of overhead as well as there shouldn't be a need to send the root cert. Save yourself some traffic. Also, you could probably pare down the cipher list somewhat. The combo of DHE + 4k RSA is probably going to chew up a bunch of CPU unnecessarily.
But pretty nice so far.
SSL Labs is nice, but a bit permissive, not sure anyone really needs 3DES nowadays.
I can kinda guess at the French words but would rather read it in English.
* I spent about 2-3 minutes to trying to find how to get to the main website settings. Only just before giving up I found the "..." which contained it. I think the "Manage your website settings" settings should be prominently displayed.
* All subdomains (and the domain itself) needs to point at the same ip address? This seems to be a pretty big limitation
* This is definitely the most confusing of the UI:
https://i.gyazo.com/dc0f848525e98a08944f839aabbea44e.png I thought it was all a single form. I'd break it up a bit better, and when adding a subdomain explain the steps better (aliasing)
* While my ssl certificate is being provisioned, my site is serving a certificate from organkimlan.com I'm guessing that's another one of your customers?
* I love the idea of real time stats, and route-specific feedback (page load time , errors etc).
* What's your content policy in comparison to cloudflares? (That's probably the single biggest thing I like about them)
* Do you have any guides on how your site respects caching? I really love how cloudfront handles this (unlike cloudflare)
* Are you guys able to eat a DDoS? Is this one of the services you're providing?
Anyway, one of the most impressive Show HNs I've seen in a while. I wish you guys great success and will be following closely
* No excuses, the website settings look like shit and will be fixed.
* You can add subdomains that point to the same site. (For example, www.example.com and example.com). If you have a different site, you can add a new one in the top right corner. (For example, 2 different websites of "test.com" and "dashboard.test.com")
* On the SSL cert issue, Sorry about this, this is a bug. Our engineers are looking into it. Do you have an email that I can contact you with? You can email us at email@example.com and our engineers will immediately help you with this.
* We have no content policy as of now. (This is a schlep and we'll fix this. We'll send an email update once we have this)
* Caching is based on file hashing. Not filenames. You can also manually clear the CDN cache from the dashboard itself.
* DDoS defense. Erm well, we're just lacking 1 last step. Having enough traction/capital to buy lots of bandwidth from our DC to stomach it. We're on it.
Thanks for this feedback. This is insanely useful. We're very excited about this space.
I'm not really sure what this means, and I've used all the major CDNs/reverse proxies =)
Cloudflare for instance is generally controlled by the filetypes, while cloudfront is generally controlled by the cache control headers sent by the origin server.
Either way, I think exactly how it works needs to go into its own fully-fledged article. It's probably the most important thing a reverse-proxy does, and should be documented very clearly.
BTW one unique feature of cloudfront you might want to support, is setting cache control with vary on cookie. So with cloudfront, I can make non-logged in users see a cached page, while logged-in users see a non-cached page. It allows me to take a huge amount of load off the origin server, with no real downsides (in my case).
I got the impression that it would not cope with anything beyond a simple static site.
On the tech, we're a reverse caching proxy service that builds value-add functionalities on the proxy layer.
For example, we can provision LetsEncrypt SSL certs for domains and put it on our edges automatically. All you have to do is to point your domain to our CDN `A` record.
On the dashboard, we're trying to help dev-teams, CEOs, etc, to understand the performance of the site.
- Are there pages that used to be fast, but now regressed to be performing 5x slower?
- Are there pages that used to be functional (200 status code), but now return 500?
Think of it as Google Analytics but for website administration. But I agree that we can be better on the actual info being delivered. But this is our first public launch and it is from here on that I hope to hear from actual users what they want to see in the dashboard.
I get this for my domain:
Failed to acquire SSL ceritifate, retrying now..
I'm curious, how are you solving the issues inherent in multitenant CDNs like yours (e.g. performance).
We forked nginx (just like Cloudflare) and modified it to log stats that we need. The logs are forwarded to a Logstash, then parsed using ElasticSearch.
But if most of our users are non-technical users, then we'll prioritize ease-of-use. For example, the biggest hurdle we face are users asking us "how to change the DNS".