STiBaRC's Reliance on Cloudflare
Posted by herronjo
at 10:50 PM on 7/17/2020 EST:
STiBaRC has historically used Cloudflare for its API since the creation of the app, mostly for DDoS protection and for the SSL certificate. However, due to Cloudflare going down so often lately, STiBaRC will switch off of Cloudflare soon, to its own nameservers and a paid SSL certificate.
You may be wondering why I don't just use a Let's Encrypt certificate for the API. Well, once before we tried to switch off of Cloudflare, but it broke the Android app. This is because Let's Encrypt is unfortunately not a valid certificate authority to Android apps. Because Android apps have accepted CAs on an app-by-app basis, testing in the browser with a Let's Encrypt certificate may work, but the app may not, so it is necessary that I purchase a SSL certificate from an older, trusted authority that will be trusted by all Android apps. This way, existing STiBaRC clients will not have to receive an update to trust Let's Encrypt, and no changes have to be made anywhere.
As for DDoS protection, I'll find something else.
Also, relying on Cloudflare is dangerous anyway, so it's good to switch off.
You'll see no changes in the coming weeks, however they'll be there, on the backend. You won't notice a thing.
˄ 2 ˅ 0