AlexWright Posted June 15, 2019 Posted June 15, 2019 Once again though, this should be pinned. (Spoke with wasabi, they'll allow our content, wooo!). Very very useful to anyone using S3. ASTRAPI 1
yevlem Posted June 17, 2019 Posted June 17, 2019 Hi there, Many thanks for the instruction. I've followed it, made a paid account with Wasabi, registered at Cloudlfare, created CNAME as CDN = cdn.MYSITE.com.s3.eu-central-1.wasabisys.com , changed the nameservers to Cloudflare, created a bucket at wasabi, and changed the storage at my ACP accordingly. The files started to move, but now in the forum messages, instead of the images I see only the respective file names and 'broken' image placeholders. The URI for such files are something like: http://cdn.MYSITE.com/monthly_2019_06/IMG_20190618_002554.jpg.ea838a4773e99a2e7ff2a6e62a178a5c.jpg (Though I configured the own URL in ACP s3 service configuration as https://cdn.MYSITE.com). What may be wrong? Many thanks in advance!
Martin A. Posted June 17, 2019 Posted June 17, 2019 @yevlem Could it be that your DNS changes haven't propagated yet? It may take a while for a nameserver change to be picked up by the various DNS servers around the net. Most take up to 24 hours. If you visit https://cdn.mysite.com, are you getting something? yevlem 1
yevlem Posted June 17, 2019 Posted June 17, 2019 11 minutes ago, Martin A. said: @yevlem Could it be that your DNS changes haven't propagated yet? It may take a while for a nameserver change to be picked up by the various DNS servers around the net. Most take up to 24 hours. If you visit https://cdn.mysite.com, are you getting something? Thank you for a fast reply! When I hit that, I get something like (After Denied the code is changing every time. It happens both for https and httpAccessDeniedAccess Denied13946A62C4FCCC7ECClSDaHMK805dyaAgFQgwtBYASpftGxP4WT4aZm7567zPmb1t2s2gHNr+KFedc1oOOP7ozXTjwC4
ASTRAPI Posted June 17, 2019 Author Posted June 17, 2019 Check at Wasabi panel if there is any setting related to make the bucket files/folder public and enable it and check again..... I am out now and i can’t check it sorry .... yevlem 1
Martin A. Posted June 17, 2019 Posted June 17, 2019 (edited) Had a speak with @ASTRAPI, and he can't remember how he did it, but he's going to check it out when he's back behind the computer. Maybe @The Old Man remembers how he did it? Edited June 18, 2019 by Martin A. yevlem 1
yevlem Posted June 17, 2019 Posted June 17, 2019 Dear friends,thank you! I made a bucket public by toggling the switch. Later I also added an explicit policy to the bucket, such as{ "Version": "2012-10-17", "Statement": [ { "Sid": "AllowPublicRead", "Effect": "Allow", "Principal": { "AWS": "*" }, "Action": "s3:GetObject", "Resource": "arn:aws:s3:::CDN.MYSITE.COM/*" } ] } and it worked now! Not sure if is a coincidence or a real requirement.... SO grateful to you all! Do you know if change of the STORAGE at ACP copies the files from the previous location or MOVES them?
Martin A. Posted June 17, 2019 Posted June 17, 2019 (edited) Glad you got it working. Setting the policy did ring a bell, I remember doing something in that area, but not sure what. The background queue MOVES the files. Edited June 17, 2019 by Martin A. yevlem 1
ASTRAPI Posted June 17, 2019 Author Posted June 17, 2019 (edited) I will check on an hour about and I will update my topic for that... Edited June 18, 2019 by ASTRAPI
ASTRAPI Posted June 17, 2019 Author Posted June 17, 2019 (edited) Please wait as i am updating my topic ... Edited June 18, 2019 by ASTRAPI
ASTRAPI Posted June 18, 2019 Author Posted June 18, 2019 (edited) My topic just updated with more details and screenshots.... I just test everything again and all working great on my test server 🙂 If you have any problems please check again my topic... Edited June 18, 2019 by ASTRAPI
ASTRAPI Posted June 18, 2019 Author Posted June 18, 2019 I just updated my topic again as i did a new test and there is no need to make your bucket public ! When you are in Trial mode Wasabi set a Private mode for files so they are not accessible at your forum..... When you pay for a plan by adding your card at your profile page (transaction must be done 100%) then the Wasabi release the Private mode and uses the Invision file permissions that is set to read and files are working ! Using that way directory/files listing also are not working so all seems good 🙂 If i have any related info i will post here again 🙂 Thank you
The Old Man Posted June 20, 2019 Posted June 20, 2019 (edited) On 6/14/2019 at 6:50 PM, Joel R said: One of the biggest reasons for switching from AWS S3 to Wasabi is that you can use Cloudflare. Interesting, what type of issue did you have? I've been using AWS S3 with Cloudflare using Full Strict mode without any problems. I use it for Theme files too, taking 1000's of Requests off my server every hour and bringing the Theme files closer to my international visitors. Re the brief discussion on Public access to files (Astrapi addressed this in his excellent guide) In general it's a really bad idea to make your files public on S3, I'd definitely recommend keeping them private whilst permitting/restricting access via IAM permission policies and API Keys. Amazon have really increased awareness of this when you look at the s3 bucket configuration console, but in there documentation there are still outdated references to be found stating you have to make bucket content public when actually you don't and shouldn't. It's true that 99% of your stored content is going to be everyday pictures of cute cats and hot cars etc but it makes sense to also consider the impact, cost and repercussions of someone directly accessing say, a list of passwords and authentication details shared between staff, or photos uploaded to private gallery albums containing EXIF gps coordinates identifying where a photo was taken. If you keep your files and bucket restricted with no public access, you help reduce and mitigate risk. Some quick examples here would be: you don't have to be as concerned about potential security issues (confidential documents or images uploaded as attachments in price forums or PMs, for example), you help maintain higher GDPR compliance (both with the principles of the GDPR and Data Protection legislation and in terms of complying with your site's published GDPR policy), and you help negate the risk of people or bots finding and publishing direct URLs to your content and therefore being able to bypass your CDN entirely which poses an escalated risk of higher monthly S3/CDN usage costs, potential for DDoS attacks from a financial attack vector rather than aimed at taking down your site etc. Wasabi, don't get me wrong and I have nothing against it and haven't yet used it myself, is attractive price-wise, but its cost saving is relevant to your individual usage case. S3 is already very low cost, especially if you front it with a CDN like Cloudfront, Cloudflare or both, so 80% of little becomes quite little. Unless you are storing and accessing massive amounts of data, the difference in cost against AWS S3 could be almost negligible for the average IPS community, a few cents or maybe a dollar or two. Plus when you start looking at Wasabi's documentation, it becomes apparent that there are some services and functionality that they don't provide or that are planned for a future date. If you a bit of a performance nut enthusiast like me and want to attain increased or 100% Pagespeed ratings, some of those services may become more relevant and necessary to you. For example, if you are going to self host webfonts like Google Fonts, Icomoon and Font Awesome to get to that 100% rating, or you (hopefully) have a good Content Security Policy set up, your are definitely going to need CORS headers. https://wasabi-support.zendesk.com/hc/en-us/articles/360006985652-How-do-I-use-CORS-and-custom-domains-with-Wasabi- Again, I'm not intending to distract or diminish Wasabi, just highlighting that there are possibly additional considerations for some IPS communities more than others and that AWS have lots of extra tools, bells and whistles. Edited June 20, 2019 by The Old Man Joel R, sobrenome and Martin A. 3
ASTRAPI Posted June 20, 2019 Author Posted June 20, 2019 I did update my topic with an easier and safer way to use it 🙂
Joy Rex Posted June 20, 2019 Posted June 20, 2019 On 6/14/2019 at 12:50 PM, Joel R said: One of the biggest reasons for switching from AWS S3 to Wasabi is that you can use Cloudflare. Even if you don't have a need for third party storage like Amazon S3 or an S3 compatible storage, you should be investigating Cloudflare anyways with your server admin. Are you using the Free tier of CloudFlare, or are you on one of their paid plans? I guess they wouldn't consider a website that brings in money to support itself as a "personal" website...
Joel R Posted June 20, 2019 Posted June 20, 2019 3 hours ago, Joy Rex said: Are you using the Free tier of CloudFlare, or are you on one of their paid plans? I guess they wouldn't consider a website that brings in money to support itself as a "personal" website... I'm staying with free tier right now until I can verify the ongoing pricing of Wasabi + Cloudflare for a month. I'm definitely considering the Cloudflare business plan though with their additional features. sobrenome 1
Morgin Posted June 24, 2019 Posted June 24, 2019 On 6/20/2019 at 12:44 PM, Joel R said: I'm staying with free tier right now until I can verify the ongoing pricing of Wasabi + Cloudflare for a month. I'm definitely considering the Cloudflare business plan though with their additional features. I can +1 the cloudflare business. They seem like a really positive company too.
Joel R Posted June 24, 2019 Posted June 24, 2019 As an update to this topic: If you are changing your CDN URL (and you most likely are, since one of the biggest benefits is to switch away from a paid service like Amazon Cloudfront and move to free Cloudflare), you may need to revert "attachImages" template. Mine contained the prior CDN URL hardcoded into the template; reverting it will update the URL. I still haven't passed one full billing cycle, but I'm projected to lower my storage + cdn costs from $92/ mo to $6 / mo. For reference purposes, my community contains 400 GB of storage and 1400 GB / mo of bandwidth. sobrenome 1
Joy Rex Posted June 24, 2019 Posted June 24, 2019 On 6/20/2019 at 1:44 PM, Joel R said: I'm staying with free tier right now until I can verify the ongoing pricing of Wasabi + Cloudflare for a month. I'm definitely considering the Cloudflare business plan though with their additional features. I'm on CloudFlare Free now - I don't see anywhere in IPS to change my CDN info as to where the files should be served from, and do you have to load up the files to CloudFlare for it to work? Specifically I am talking about the CSS/JS includes, not media files like in Downloads
Joel R Posted June 24, 2019 Posted June 24, 2019 5 minutes ago, Joy Rex said: I'm on CloudFlare Free now - I don't see anywhere in IPS to change my CDN info as to where the files should be served from, and do you have to load up the files to CloudFlare for it to work? You just need to activate Cloudflare for your website.
Joy Rex Posted June 24, 2019 Posted June 24, 2019 4 hours ago, Joel R said: You just need to activate Cloudflare for your website. So it automagically™ knows to serve up my CSS/JS files without me having to provide the assets to them?
ASTRAPI Posted June 24, 2019 Author Posted June 24, 2019 (edited) Please check my topic Post #1 as all info are there... If you are checking just Cloudflare then yes the Cloudflare when is active it will check the requests by the users and will cache your static files like images. Then it will push the images on there huge network around the world and when another user will request an image that is already on Cloudflare he will take it super fast from the closet to him datacenter and not from your server.... Edited June 25, 2019 by ASTRAPI
Joy Rex Posted June 25, 2019 Posted June 25, 2019 20 hours ago, ASTRAPI said: Please check my topic Post #1 as all info are there... If you are checking just Cloudflare then yes the Cloudflare when is active it will check the requests by the users and will cache your static files like images. Then it will push the images on there huge network around the world and when another user will request an image that is already on Cloudflare he will take it super fast from the closet to him database and not from your server.... Makes sense - thank you for clarifying! ASTRAPI 1
Vanucci Posted August 6, 2019 Posted August 6, 2019 Hello, looks very awesome thank you for supplying this. I currently use S3 and lambda so when a image is passed to my bucket that a lamba function is triggered using the kraken api to shrink the file size. Would something be simialr using your method ? sobrenome 1
ASTRAPI Posted August 7, 2019 Author Posted August 7, 2019 Hello Vanucci I don't know. Never tried that. In general Wasabi Cloud is identical to s3 but i don't know about lambda...
Recommended Posts