Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Need some advice
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Need some advice

edited December 2015 in Help

Will be launching a website that hosts giveaways in a few months, but I have a few questions:

Should I use CloudFlare?

There are many websites that do the same, but they are just scammers and use this to earn themselves some money on ads. (and many of them are on CloudFlare Free)

However, I want to make this something legit, where we really do the giveaways.

Will using CloudFlare decrease the users' trust on our website being legitimate?

Note: We are using it for the speed and SSL, but we don't mind paying for EdgeCast CDN and SSL.

What SSL is good for my case?

Will Let's Encrypt cut it? Or should we get paid ones, like Comodo PositiveSSL? Extended Validation isn't possible, unless I get it under my name.

Oh, and, how much should I take from the profit (yes, we still make profit) and how much should they, being the only one in the team who can code? The two other guys are doing admin work which I have the capability of doing, too, but I don't want to leave them out, but feel that I should take more.

Thanks!

EDIT: For newcomers of this thread, if you want more info, check the replies :)

Comments

  • Cloudflare works great, especially for the price. If it's quick enough for you then do that, otherwise grab a $5/yr Comodo PositiveSSL. 99.99% of visitors will be satisfied with the green lock, whether Cloudflare or cheap domain validation cert.

    Costs nothing to run a test with Cloudflare in 'Full' SSL mode (self-signed cert from server -> CF, CF cert from them to user). Cloudflare is legit and arguably one of the best DNS services out there, especially when looking at free services.

    Thanked by 1theroyalstudent
  • BradBrad Member
    edited December 2015

    I'm using CloudFlare (free) for all my sites and have not had a problem. Of course, there may be other (better) solutions if you choose to pay. PositiveSSLs are are less than $5/year these days. Only you can decide how much profit you want to keep for yourself. How much % of the work on the project has been / will be from you?

    Thanked by 1theroyalstudent
  • theroyalstudent said: Will be launching a website that hosts giveaways in a few months

    mmmmm

    theroyalstudent said: Should I use CloudFlare?

    Yes, unless you are trying to serve website to Chinese users. Some Chinese users have problems with CF due to GFW, in this case, you would need to use another DNS provider - eg route 53, rage4, etc.

    theroyalstudent said: However, I want to make this something legit, where we really do the giveaways.

    Word of mouth make things more legitimate. EV SSL certainly helps but Cloudflare SSL vs normal SSL would not matter to a typical non-technical person or non-cloudflare-hater.

    theroyalstudent said: What SSL is good for my case?

    Let's Encrypt is ok, so is Cloudflare, so is comodo. I don't think there's not much difference other than costs here. There is also free Comodo for 1 year (namecheap had that deal previously)

    theroyalstudent said: Oh, and, how much should I take from the profit (yes, we still make profit)

    Depending on what the organisation is - not-for-profit? etc? For typical SME organisations, I would say 20%-25% since it is a team of 3.

    Thanked by 1theroyalstudent
  • edited December 2015

    @Brad said:
    How much % of the work on the project has been / will be from you?

    Like 80%, I'm doing all the code. The other guys focus on giving ideas for new features etc etc, and many other admin work. I have the largest say of them all since I do most of the work.

    Not applicable in Singapore, yet. India is our first priority!

    GIANT_CRAB said: Yes, unless you are trying to serve website to Chinese users. Some Chinese users have problems with CF due to GFW, in this case, you would need to use another DNS provider - eg route 53, rage4, etc.

    We are never expanding into China, and in fact we will probably just block off traffic from them, since they like to try SSHing into machines they do not own.

    GIANT_CRAB said: Let's Encrypt is ok, so is Cloudflare, so is comodo. I don't think there's not much difference other than costs here. There is also free Comodo for 1 year (namecheap had that deal previously)

    Used Comodo for free over at my personal website before after migrating over to NameCheap, was decent.

    GIANT_CRAB said: Depending on what the organisation is - not-for-profit? etc? For typical SME organisations, I would say 20%-25% since it is a team of 3.

    Nah, we're not registered as a company whatsoever, we're just a few guys sitting in front of the computer everyday trying to make shit happen.

    thanks guys!

  • theroyalstudent said: However, I want to make this something legit, where we really do the giveaways.

    That's the sentiment that everyone has at the outset of a free giveaways site. Reportedly, the enthusiasm dies down after the first few giveaways (this is called the Robin Hood syndrome).

    theroyalstudent said: Will using CloudFlare decrease the users' trust on our website being legitimate?

    Joe Average has no idea which sites are hosted from CF and which not. Just make sure your origin is uptime is good so users don't get the CF origin failed pages.

    theroyalstudent said: Oh, and, how much should I take from the profit (yes, we still make profit), being the only one in the team who can code? The two other guys are doing admin work which I have the capability of doing, too, but I don't want to leave them out, but feel that I should take more.

    Ideally, this is a discussion you should've had with your partners at the outset of this venture. If you think there is no such thing as karma and you don't need these extra guys, kick them out sooner rather than later. If you think there is karma you should all be equal partners. I'd stick with one of those possibilities - if karma is real, I'm pretty sure the karma people will not buy your "taking more" stance anyways.

    Thanked by 1theroyalstudent
  • theroyalstudent said: We are never expanding into China, and in fact we will probably just block off traffic from them, since they like to try SSHing into machines they do not own.

    SSH brute forcing can come from anywhere. Switch to another port and magically SSH bruteforcing goes away. You could use some protection but I'm of the mindset that something is running on the server to prevent it when a simple edit and restart of SSH will resolve it versus having that brute force protection constantly running, creating logs, etc.

    Thanked by 1theroyalstudent
  • doughmanes said: Switch to another port and magically SSH bruteforcing goes away.

    Or I could use sslh, I'm only keeping port 22 on all my servers right now cause it's quicker to type. Pretty sure there's a config to use a diff port by default in my SSH client.

  • For DNS yes.

    theroyalstudent said: Should I use CloudFlare?

    Most likely, are you going to capture personal data(address, full name, mobile or address) on site or off-site?

    theroyalstudent said: What SSL is good for my case?

    Thanked by 1theroyalstudent
  • If you use CloudFlare SSL, make sure you have a full certificate on the webserver and the strict SSL option turned on. Even then nobody is quite sure what happens to "SSL traffic" once it enters cloudflare...

    Thanked by 1theroyalstudent
  • GM2015GM2015 Member
    edited December 2015

    Unlimited free storage from yours truly(Not Saying Again who) in the USA.

    linuxthefish said: Even then nobody is quite sure what happens to "SSL traffic" once it enters cloudflare...

    Thanked by 1theroyalstudent
  • @GM2015 said:
    Most likely, are you going to capture personal data(address, full name, mobile or address) on site or off-site?

    Full name, phone number and/or email address mainly.

    @linuxthefish said:
    If you use CloudFlare SSL, make sure you have a full certificate on the webserver and the strict SSL option turned on.

    I'm gonna go with a Comodo cert, so probably gonna let traffic bypass CF.

    Only using them for DNS :)

    CDN, EdgeCast (via JoDiHost) will do.

    @GM2015 said:
    Unlimited free storage from yours truly(Not Saying Again who) in the USA.

    Not Saying Again = NSA?

    I prefer Amazon Cloud Drive for my backups though!

  • GM2015GM2015 Member
    edited December 2015

    Put your tinfoil on man.

    image

    theroyalstudent said: Not Saying Again = NSA?

    I prefer Amazon Cloud Drive for my backups though!

  • @GM2015 said:
    Put your tinfoil on man.

    halp

  • Right now I use Cloudflare's DNS for the majority of my websites and I have been really happy with them as a DNS provider (especially since it's free!). I haven't used their other stuff for awhile so I can't comment on that aspect.

  • GM2015GM2015 Member
    edited December 2015

    Sometimes their NS servers seem to be slow from pingdom NL/Sweden speedtests for some reason, but US rock.

    It seems also that you're stuck with 2 nameservers permanently for all domains on an account.

    Yes, create more a/cs for diversity.

    sin said: Right now I use Cloudflare's DNS for the majority of my websites and I have been really happy with them as a DNS provider (especially since it's free!).

  • @GM2015 said:
    Sometimes their NS servers seem to be slow from pingdom NL/Sweden speedtests for some reason, but US rock.

    It seems also that you're stuck with 2 nameservers permanently for all domains on an account.

    Yes, create more a/cs for diversity.

    Only concerned about the connection within India, hope CF NS works well in India.

  • PieHasBeenEatenPieHasBeenEaten Member, Host Rep

    I been using route 53 dns for my domains for awhile now. I got free credit from github for being a student.

  • mikeyur said: Cloudflare is legit

    eh, we'll talk about that in like 5 years. It is not the most unsuspicious company.

Sign In or Register to comment.