December 19, 2018
I’m a big fan of ProductHunt.
All the shiny new tools and apps.
So you can imagine my disappointment when I saw this Error 502 message on ProductHunt’s website:
Cloudflare, The CDN that ProductHunt uses, relies on an underlying server, which was down. Although CDNs offer many benefits, it is not fool-proof (see below).
In plain English, a CDN makes copies of your website files and delivers them to visitors from the nearest location to them so they load faster.
Here are some of the benefits of a CDN:
As a result of the performance, scalability, security, and reliability benefits that CDNs offer, people think their sites are super-hero-bulletproof-level invincible and will never go down or get jeopardized.
But, just like superheroes, CDNs have their kryptonite, or weaknesses, in the form of:
A CDN relies on an underlying server to receive all the assets and then deliver them. But if the underlying server is not reachable, then those assets are no longer available, and you’ll get a lovely “Host error” message, as pictured above.
How to overcome this limitation: One way to help prevent your site from going down is to generate a static and serverless version of your site and to put the entire site on a CDN. There are several ways to turn a dynamic WordPress site into a static one, so make sure to examine the pros and cons of each.
No, not applications sitting in a corner afraid of the cool kids table in the cafeteria. More like hidden scripts that can harm your site or your site’s visitors.
For example, let’s look at cryptojacking.
Let’s say your site displays weather by calling a script from bestweatherever.com. Unknowingly, that script you added may trigger a hidden script that will start using your visitors’ computer’s processing power to start mining cryptocurrency like Moreno, Bitcoin, etc.
CDNs don’t protect your site against this type of attack, which puts your site and your user’s safety in jeopardy.
How to overcome this limitation: To prevent third-party applications from harming your site or your users, you can use Content Security Policies.
CDNs are typically used to serve static assets like CSS, JS, and images that don’t get updated frequently. While that’s a good first step for helping a site’s performance, it would be even better if the HTML was also being served from a CDN. However, for WordPress sites, the content of a site needs to be queried from the database, and this processing task needs to happen at the origin server, not a CDN.
How to overcome this limitation: You can put your entire site, including HTML on a CDN by first generating a static version of your site. There are several ways to turn a dynamic WordPress site into a static one, so make sure to examine the advantages and disadvantages of each option.
CDNs can offer security and performance benefits to a website, especially a WordPress site which typically suffers from these two areas. But, it’s important to keep in mind that a CDN will not save WordPress from all its woes.
To optimize your site further, consider going beyond a CDN, by generating a static, serverless version of your site and using Content Security Policies (psst.. Strattic can help with this).
Product Manager at Strattic
Rebecca has been in a dedicated relationship with WordPress for over 15 years - one full of love, laughs, tears, growth and strong drinks. L'chaim!