Jump to content

Community Guide on Setting Up Wasabi and CloudFlare

ASTRAPI
 Share

Recommended Posts

Martin A. Mentor

Martin A.

Posted
Posted (edited)
4 hours ago, AA15 said:

hi @ASTRAPI, thank you so much for this guide! One thing I was a little confused about was does Wasabi allow me to serve content directly? Like if I upload 100 pictures to Wasabi, can I link to them from my site, Twitter, etc for anyone in the world to see? Is it basically just a server, but for static content?

Yes.

As long as you follow the steps about Cloudflare, DNS, and naming of the bucket, you can do so free of bandwidth charge. The URL from the guide (cdn.yourdomain.com) points to the root of your bucket. If you upload static content to a folder named "static", the URL to files in that file is cdn.yourdomain.com/static/image.png.

Edited by Martin A.
Link to comment
Share on other sites
  • 1 month later...
  • Replies 166
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

ASTRAPI
ASTRAPI

Hello (This is a community guide on how to setup Wasabi and Cloudflare, as a significantly cheaper replacement for Amazon S3 and Cloudfront.  The author has no affiliate arrangement with any of t

Joel R
Joel R

@ASTRAPI is helping me move my community over to Wasabi and Cloudflare.   For any Invision Communities who are currently using Amazon S3, then you may want to seriously investigate the pricing fo

Joel R
Joel R

One of the biggest reasons for switching from AWS S3 to Wasabi is that you can use Cloudflare.  Even if you don't have a need for third party storage like Amazon S3 or an S3 compatible storage, y

Posted Images

  • 2 months later...
  • 3 weeks later...
  • 3 weeks later...
AlexWright Proficient

AlexWright

Posted
Posted
3 hours ago, ASTRAPI said:

A quick note:

For Invision 4.5.x it will be better to not use a dot (.) in your bucket name.

Also you will need to use for downloads the latest version of the plugin at:

 

I've spoken with IPS about this, as Wasabi still recommends having the bucket name follow your cdn url for cloudflare. Theyre working on a fix.

Link to comment
Share on other sites
  • 4 months later...
rnorth6920 Enthusiast

rnorth6920

Posted
Posted
51 minutes ago, Zdeněk Tůma said:

great guildes and works for me but when i make DNS record
cname -> cdn -> cdn.funplay.pro.s3.eu-central-1.wasabisys.com

so http://cdn.funplay.pro/ and http://s3.eu-central-1.wasabisys.com/cdn.funplay.pro works good but without SSL
how to fix?

You're going to need a wildcard certificate for your subdomain so that *.funplay.pro is secure. This varies wildly based on what control panel you may be using. The good thing is most control panels will allow you to secure a subdomain with Lets Encrypt rather easily. 

Link to comment
Share on other sites
  • 2 months later...
Circo Community Regular

Circo

Posted
Posted (edited)

I did not see this mentioned in any of the posts but what about cloudflares 100mb file upload limitation.  I need this to host my downloads section of which most everything is above that size. On the S3 Compatible downloads plugin it says that it does not support chunking to wasabi. It states that the author isn't interested in making the changes to make it compatible with wasabi chunking. Am I alone that I would pay just about any amount of money to get that working?

EDIT: So I got it all set up and it seems regardless of what the plugin says chunking files to wasabi is no issue.  PHP limits set at 50mb and just uploaded a 1.4gb file to wasibi no problem through the downloads app.  I did attach a card to wasabi account and downloading the file gives me a permission denied notice but I am assuming it just needs some time.

EDIT2: Seems to be working just fine, It seemed to take an hour to start working right or adding another non root user fixed the issue, not sure which.  Moving files to wasabi manually using CyberDuck to avoid paying S3 to move 700gb and I had a local backup. Download speeds seem about 10x faster than my S3 test getting about 20MB/s so that's a huge win. I had to turn off "Prevent Direct File Linking" in the downloads settings to get file names from garbling, with normal (self hosted & s3) ipb adds a bunch of characters to file name but it looks fine on listing and when you download. With wasabi on NEW uploads, the new file name with the extra characters shows in the file listing and downloads with the extra characters (turning off the prevent direct linking solved this issue).  However preexisting files work as expected.  Other big note, cloudflare so far is beating the snot out of stackpath, which was my previous cdn.

 

 

Edited by Circo
Link to comment
Share on other sites
Circo Community Regular

Circo

Posted
Posted (edited)

We are trying to migrate another site over to Cloudflare and Wasabi.  This site is getting Access Denied when going to download anything or when going directly to cdn.vpuniverse.com or http://s3.us-central-1.wasabisys.com/cdn.vpuniverse.com

 

cname.thumb.png.7794fbd1ab97c80466105613430a4e84.png

I've tried setting the bucket to Public Access Override and Enable Public Access.  I'm not sure what else to check on this one. I've attached a user to the wasabi bucket that has read/write access.

I also noticed that I can no longer SFTP into the site anymore using ftp.vpunicerse.com.  I'm guessing that has something to do with cloudflare as well.

 Edit:  I think it's all fixed now.  Had to create a policy on the bucket.  Seems to be working fine.

Edited by Circo
Link to comment
Share on other sites
The Old Man Grand Master

The Old Man

Posted
Posted

Hi @Circo

Not sure if you're already aware as I just noticed you added at the bottom you had fixed it, but on my iPad Chrome browser is showing a warning for that link.

When I checked, its configured to allow the older insecure TLS1 and TLSv1.1 SSL/TLS encryption, although the older SSL versions are blocked. I'd recommend limiting https to TLSv1.2 and TLS1.3, both are still secure protocols.

https://www.whynopadlock.com/results/23476f70-508a-4ff5-b891-6672efc30f24

SSL Labs are giving you a B rating:
https://www.ssllabs.com/ssltest/analyze.html?d=cdn.vpuniverse.com&hideResults=on


The links themselves though are working fine for me in the UK, they both show the some kind of text file or log. 

http://cdn.vpuniverse.com/
https://cdn.vpuniverse.com/

  

http://s3.us-central-1.wasabisys.com/cdn.vpuniverse.com
https://s3.us-central-1.wasabisys.com/cdn.vpuniverse.com

Just a thought, you may want to redirect to the https version for anyone using the non-https version links and to help avoid the perils of duplicate content in search results.

You can configure all the above in Cloudflare, probably also at Wasabi if you wanted (in case you deactivate Cloudflare for whatever reason) but I only use AWS S3 so can't be 100% on that.

Hope this helps.

Link to comment
Share on other sites
  • 4 weeks later...
Circo Community Regular

Circo

Posted
Posted

So, I just got a nasty email from Wasabi... I'm not sure what else to try or what settings I have wrong.

Evidently Wasabi wants you to only transfer what you have stored with them. If you have 1Tb stored; then you have 1Tb transfer.  My site I have 179.45 GB stored, but transfers are 4x that. I do use Cloudflare and have cache set to 2 months.  I've gone through this tutorial several times and don't see anything that I've missed....

Do I need to upload 500gb of trash files just to satisfy them?
 

Link to comment
Share on other sites
The Old Man Grand Master

The Old Man

Posted
Posted
3 hours ago, Circo said:

So, I just got a nasty email from Wasabi... I'm not sure what else to try or what settings I have wrong.

Evidently Wasabi wants you to only transfer what you have stored with them. If you have 1Tb stored; then you have 1Tb transfer.  My site I have 179.45 GB stored, but transfers are 4x that. I do use Cloudflare and have cache set to 2 months.  I've gone through this tutorial several times and don't see anything that I've missed....

Do I need to upload 500gb of trash files just to satisfy them?
 

Hello there @Circo,

I was just looking at the Wasabi website to try and understand this. I think the point about the free data egress is lacking some clarity.

TL*DR The devil is in the detail. 

Egress of data (or download bandwidth, as we old timers like to call it) is indeed free on the Pay As You Go product but it depends on where you look. It says clearly on the front home page...

Quote

No egress or API fees


1460E905-F07C-425F-9229-44D95B1D086C.thumb.jpeg.6288e7bbcae4ccdb661cb630dcb03f09.jpeg
 

2D0B501B-0110-4CBA-831A-C2061589269E.thumb.jpeg.01097021f6564628f9661f8284441594.jpeg

 

55BE0B71-907A-47D4-B661-112451908035.thumb.jpeg.de8f00e3b6e2540a598fa3a3c2afda02.jpeg

https://wasabi.com/cloud-storage-pricing/


F48BC108-43CF-42C0-BFD1-2328E0B256EC.thumb.jpeg.7d587e9cd4600b55c23b158753eb2d36.jpeg

 

So anyone receiving such an email essentially stating your abusing their policy would no doubt be very surprised. 


If you delve into their policies though, you'll find the Pricing FAQ page with a little asterisk; that's when it becomes clearer.

71F16802-EC0E-471B-80B2-618C9B6970FF.thumb.jpeg.0b037f3ee3f3331058af63012eb01ac0.jpeg
 

https://wasabi.com/paygo-pricing-faq/

I'm no lawyer, but I do know that this sort of advertising is a bit naughty, at least in the UK where that asterisk should be added to every 'no charge' and 'no hidden charges' displayed statement or made very clearer.

In the USA, I've found web hosting companies get away with a lot more than that permitted in UK consumer protection and advertising laws and in some counties it's a case of caveat emptor because certain trading and advertising practices are less strict.

They state in the pricing policies that words to the effect that in reality free no charge data egress is limited up to 1TB per month, that is, the size of the monthly 1TB of storage space if you're on the PAYG offering.
 

Here it is in a nutshell...

Quote

 

8. How does Wasabi’s free egress policy work?

Wasabi’s free egress policy is designed for use cases where you store your data with Wasabi, you access this data at a reasonable rate, and your use case does not impose an unreasonable burden on our service. To better understand the definition of ‘reasonable rate’ and ‘unreasonable burden’ in this context, please consider these guidelines.

  • If your monthly egress data transfer is less than or equal to your active storage volume, then your storage use case is a good fit for Wasabi’s free egress policy
  • If your monthly egress data transfer is greater than your active storage volume, then your storage use case is not a good fit for Wasabi’s free egress policy

For example, if you store 100 TB with Wasabi and download (egress) 100 TB or less within a monthly billing cycle, then your storage use case is a good fit for our policy. If your monthly downloads exceed 100 TB, then your use case is not a good fit.

If your use case exceeds the guidelines of our free egress policy on a regular basis, we reserve the right to limit or suspend your service.

https://wasabi.com/paygo-pricing-faq/#free-egress-policy

 

 

If you are on their other option which I think is for large corporations, Reserved Capacity Storage, where you pre-pay by the year (or for multiple years to get a larger discounts), the no charge egress/bandwidth is valid again only for the first 1TB.

However unlike say a mobile/cell phone pay as you go deal, it looks like you can't just add another 1TB or so of data on if you think you may go over, and the pre-pay Reserved Capacity Storage option is in 50TB increments! 
 

Quote

Reserved Capacity Storage allows you to purchase storage capacity up front for a period of 1, 3 or 5 year terms. You can purchase RCS in units of 50 TB, 100 TB, 250 TB, 500 TB, 1 PB, 1.5 PB, 5 PB, and 10 PB.

 

So if you're not using a correctly configured CDN in front of Wasabi, you're eventually screwed if you go over 1TB egress/download bandwidth per month.

That leads nicely onto @ASTRAPI's point. The Cloudfront CDN should be caching and serving your Wasabi stored content (normally images, css, js etc unless you activate Cache Everything mode in a Page Rule), so you shouldn't be coming anywhere close to the 1TB limit and your 768GB or so storage should be fine.

Looking at the Wasabi Cloudflare intergration guide on their website, something struck me odd. It states that the TTL for the DNS CNAME is what determines how long Cloudflare caches your content. That's not right! By default it's set to Automatic which is about 300 seconds if I recall correctly. That's great if you want to make a DNS record change or change a Page Rule, no waiting up to 72 hours!

Caching on Cloudflare is handled elsewhere though and can be mix of preferences and settings, page rules and directives both in Cloudflare and on your hosting/Wasabi provider such as Expires headers, Cache-Control headers etc. Different CF plans can also mean different caching options. Ideally I leave it up to IPS and my server and AWS to define how long files should be cached for and I set Cloudflare and Cloudfront to honour it.

https://support.cloudflare.com/hc/en-us/categories/200275248-Caching
 

Hope this helps.

 

 


 

 


 

 

Link to comment
Share on other sites
The Old Man Grand Master

The Old Man

Posted
Posted (edited)
5 hours ago, Circo said:

My site I have 179.45 GB stored, but transfers are 4x that. 

Do I need to upload 500gb of trash files just to satisfy them?

No, I think what they are saying is your storage quantity use is fine, as it's far less than your PAYG 1TB limit, but you are that your going over or at risk of going over, their monthly 1TB egress limit. But at 4*180GB your figure is only about 720GB per month. Either they or you must be wrong, as you are 280GB short of reaching your monthly 'fair-use' limit.

Quote

I do use Cloudflare and have cache set to 2 months.  I've gone through this tutorial several times and don't see anything that I've missed....

I think as Astrapi said, somethings not right. Check both Wasabi and Cloudflare. Inspect some images and CSS and JS files to see how long their being be kept cached for. Try Redbot for this.

https://redbot.org/?
 

You may see a problem and be able to trace where the configuration is wrong.

Edited by The Old Man
Link to comment
Share on other sites
Circo Community Regular

Circo

Posted
Posted

I figured out what the issue was, and it may be worth noting.

The maximum file size Cloudflare's CDN caches is 512MB for Free, Pro, and Business customers and 5GB for Enterprise customers. Enterprise customers can contact their Cloudflare Account Team to request caching of larger files.

 

 

Link to comment
Share on other sites
  • 3 weeks later...
HDiddy Collaborator

HDiddy

Posted
Posted
On 5/17/2021 at 4:32 PM, The Old Man said:

No, I think what they are saying is your storage quantity use is fine, as it's far less than your PAYG 1TB limit, but you are that your going over or at risk of going over, their monthly 1TB egress limit. But at 4*180GB your figure is only about 720GB per month. Either they or you must be wrong, as you are 280GB short of reaching your monthly 'fair-use' limit.

I think as Astrapi said, somethings not right. Check both Wasabi and Cloudflare. Inspect some images and CSS and JS files to see how long their being be kept cached for. Try Redbot for this.

https://redbot.org/?
 

You may see a problem and be able to trace where the configuration is wrong.

I too got the message from Wasabi about Egress.  So I went off and setup a CLoudFlare CDN.  I had one before but at the time I got stuck in an error 522 issue and after talking to support they said if I use CLoud Flare I need to setup the DNS' as "DNS Only"  However from my understanding this will just bypass the cache all together. 

I have my cdn with wasabi set to proxy but do you also have the rest of your IPS Cloud DNS records to proxy also?  If so have you ever had an error 522 issue?

Link to comment
Share on other sites
HDiddy Collaborator

HDiddy

Posted
Posted

Not sure if anyone is aware but Wasabi also has similar instructions on their support page here: https://wasabi-support.zendesk.com/hc/en-us/articles/360018526192-How-do-I-use-Cloudflare-with-Wasabi-

The only major difference is they do walk you through how to properly setup the Bucket Policy.  Silly me didn't realize I had to add the policy directly to the bucket vs where some of the other policies are stored.

Link to comment
Share on other sites
HDiddy Collaborator

HDiddy

Posted
Posted (edited)

@Circo

 

I also got the email message from Wasabi saying the egress is still to high.  To add on to that I am now getting 522 errors from Cloudflare, so not sure what else to do at this point.  I am thinking I may have to split my storage with something like Digital Ocean that has a built in CDN.

 

EDIT:

So in the process of moving things to Digital Ocean Storage.  Not sure what specifically went wrong with Cloudflare and Wasabi, but after the second time of getting 522 Errors, and Wasabi threatening to disable my whole storage it was time to go to Plan B.

Wanted to let folks know how the pricing compares between Wasabi and Digital Oceans Spaces.

Wasabi is $6/Month for 1TB of data and UP to 1TB of "Free Egress"

Digital Oceans $5/Month for 250GB of Data and up to 1TB of Bandwidth.

The core reason I went with Digital Oceans is that they offer very reasonable pricing for additional storage and bandwidth.  It comes to $0.01/GB of additional Bandwidth, and $0.02/GB for additional storage.

So doing the math if your site is using maybe 150GB of storage but has maybe 1.8TB of egress or bandwidth, you would need to get a reserved capacity plan on Wasabi to even be able to do this.  Basically starting at a minimum of 50TB per month (you can imagine what that cost).

Digital Ocean will effectively cost you your normal $5 a month of storage and an additional $8/month of bandwidth.  In the end it is simply a more cost effective solution and we don't have to deal all the weirdness of Cloudflare (Not really supported by IPS per support).

Just some food for thought.

 

Edited by HDiddy
Link to comment
Share on other sites
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Invision Community © 2024 IPS, Inc.
×
×
  • Create New...