This post was cross-posted to Reclaim Hosting’s new company blog “Reclaim the Blog,” so you can read this post there as well.
To be clear, forever uptime is a dangerous claim, and anyone that promises you 24/7, 100% uptime is flirting with disaster in the hosting world. That said, my experimentation with Edgeport—a new enterprise-grade DNS, CDN, and Load Balancing service much in the vein of Cloudflare—has moved beyond this blog and has extended to Reclaim Hosting’s main website: https://www.reclaimhosting.com.
As already noted, I was blown away by the fact that even with both containers that drive this blog completely offline, the site loaded without issue for the better part of nine hours. It could’ve gone on much longer, but I had to re-enable the servers to actually write about the amazingness of it all 🙂
What was driving the uptime, regardless of the servers’ health, was the application delivery network, or ADN, which reproduces and caches not only the static site, but also its dynamic elements (search, page loading, etc.) across a vast network of servers that ensure the content remains online even when the underlying infrastructure goes offline. It’s pretty amazing to me, and it makes one flirt with that elusive and seductive portal dream of 100% uptime, even though one must always account for the imminent entropy of any system.
But that being said, Reclaim Hosting has now gone where only the bava has boldly gone before it 🙂 The implications for our high-availability ReclaimEDU WordPress multi-region hosting is truly next generation. While we will refrain from promising 100% uptime, with fail-over between two servers (because Edgeport does that, just like Cloudflare), a robust content delivery network, and CNAME flattening, we are able to post a lot of .9999999999s. With Edgeport we can harness all the benefits of the Cloudflare setup we engineered a year ago, but using a simpler interface and more approachable and affordable service.
But beyond the load-balancing and sophisticated application caching going on, the real power of Edgeport lies in the manifold security improvements it provides. Over a year ago we hired Noah Dorsett, who has proved to be an amazing addition on the Reclaim security front, and I asked him to try and boil down some of the features Edgeport offers for a meeting on high-availability hosting I was taking last week. So, in true Noah fashion, he did an awesome job and provided an understandable, succinct highlight of the security affordances Edgeport provides. Here is what he sent me:
DDOS Protection: The application layer distributed denial of service protection is great for hosting web applications, as these live in this ‘application layer’. Layer 7 DDOS attacks target this layer specifically as this is where HTTP GET & POST requests occur, and can eat up large amounts of server resources. These attacks are very effective compared to their network layer alternatives, as they consume server resources as well as network resources. With Application Layer DDOS, your site would be much more secure.
WAF: A WAF, or web application firewall, helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. This type of firewall exists in the application layer, acting as a ‘shield’ between your web application (aka website) and the internet. Edgeport uses a dual WAF, which can be a confusing term. What this means is that there is an audit WAF that logs traffic and updates rules, but does not perform blocking. This audit WAF passes information to a production WAF which uses this information to actively protect and block malicious requests/attacks against the website. A dual WAF is much faster than a regular WAF, and provides better security to boot. WAF rules are generated by Edgeport’s dedicated security team as well, which means your rules will always be up to date and performing efficiently.
Bot Management: Edgeport uses an agentless, server-side, machine-learning fueled bot management system to detect and stop bot traffic that could be slowing down your site or maliciously scraping content. The benefits of an agentless, server-side system like this is that you don’t have to run any code or do anything on the client end, and the detection is nearly invisible from a user perspective (and to bots as well). This allows the detection rules to catch more and impact performance less, keeping the website secure from all sorts of automated malicious tools and scrapers.
That last bit on bot management is a big difference I immediately noticed between Edgeport and Cloudflare. Whereas my daily traffic on Cloudflare clocked anywhere from 5,000 to 6,000 hits per day, when I moved to Edgeport those statistics dropped dramatically, closer to 1,000 to 2,000 hits per day. That’s not only much more in the realm of believability of actual traffic for this humble blog, but it highlights just how many bots had been regularly scraping and otherwise accessing my site, whichis not only a security risk, but also eating up unnecessary resources. So with Edgeport my site not only is safer, but is less resource intensive, and as a result more performant.
Now, to be clear, running Edgeport on my blog might be a bit of overkill given it does not need to be up 24/7 and it does not have the sensitive data and security needs of an institutional .edu site, for example. But if you are running a mission critical, high-availability site for your institution, then Edgeport opens up a whole new world of cloud-native security on top of the industrial-grade DNS, CDN, and load balancing service that are truly a powerful combination. It has provided Reclaim exactly what we needed for scaling our multi-region setups, and I couldn’t be more thrilled there’s a new player is this field that’s pushing the envelope, and opening up possibilities for smaller companies like Reclaim Hosting with infinite heart but finite resources.