Recently, I want to deploy some of my projects for public access, and some solutions were tried, such as:
1. Deploy the front-end pages with Vercel + Use AWS EC2 for the back-end interfaces. #
Vercel is basically inaccessible in mainland China. In order to allow users who don’t use “magic” to access, I used Cloudflare as my website’s DNS provider, so the traffic would be proxied by Cloudflare.
Summary: Feasible, slow, free.
2. Use AWS EC2 to deploy both front-end pages and back-end interfaces. #
New users registering with AWS are given a year of free use. I thought the EC2 servers in Hong Kong would be fast, but the latency was still around 150ms. Moreover, the free EC2 configuration offered by AWS is poor, 2 cores and 1GB, while the one in US West (Oregon) only has 1 core and 1GB.
Summary: Feasible, slow, free.
3. Use Alibaba Cloud ECS for both front-end and back-end deployment. #
Direct summary: Feasible, fast, troublesome (needs ICP filing), ugly (ICP license number added to the bottom), 99 RMB per year.
4. Use Alibaba Cloud Hong Kong Light Application Server (similar to ECS) for both front-end and back-end deployment. #
Servers in Hong Kong do not require ICP filing for deploying applications and have a dedicated line to the mainland, making access faster, but still not fast enough, with ping values usually between 40-60ms.
Summary: Feasible, relatively fast, simple, relatively expensive, 34 RMB per month (2 cores 2G 30M bandwidth, there is also a 24 RMB 2 cores 1G version).
I finally chose Solution 4. But since I was still not satisfied with the speed of Alibaba Cloud Hong Kong, I thought of using CDN to accelerate.
After some searching and implementation, everything was deployed, and the ping value was roughly in the single digits to 20ms. Eventually, the websites were successfully accelerated, but during the process, I did not notice a sentence in the Alibaba Cloud CDN console. When creating a CDN and adding a domain name, it clearly states:
When the acceleration area includes mainland China, the acceleration domain name must be filed.
??? Isn’t this just a dead end, it’s just bringing me back around, right? I should probably remove all CDN and then directly resolve the domain name to the server again, dizzy 🫠, really troublesome.
Actually, the two domain names I operated on had been filed before, so I was able to complete the CDN acceleration. Later, when I tried to accelerate a domain name without filing, it prompted that there was no filing and the subsequent operations could not be performed.
Alas, I wanted to build a site without filing and still have fast access (adding the filing number is too ugly, I don’t want it), that’s why I went through all this trouble.
If I don’t remove the CDN, I will eventually have to add the filing number to the webpage (I guess, but I didn’t find a definite answer), out of the principle of abiding by the law, it’s better to remove it.
So here is still a record of the process of implementing CDN acceleration, which is also an interesting experience of trouble, might be useful in the future.
Purchase CDN traffic services provided by Alibaba Cloud (or other service providers), these platforms also offer free trials to new users.
Go to the CDN management console to add the domain name you want to accelerate, and then the website prompts to verify the ownership of the domain name.
(Prompt to verify ownership)
Go to your domain name provider’s domain management interface, follow the prompt to add a TXT type resolution and confirm, go back to the CDN management interface, and you can quickly verify.
Continue to complete the information, choose the business type according to your resources. The rest of the configurations like resource grouping are trivial and can be filled in arbitrarily.
Then you need to fill in the source station information, in my case, it’s the IP of the server where my front-end and back-end are deployed.
(Interface for filling in information of adding a source station)
And because my website has enabled https, so here I chose port 443 according to the prompt.
Note if your website has also enabled https, there is an additional important step to configure later)
In the following configuration interface, I used the default recommended settings, one-click configuration, which is generally enough.
Finally, you are prompted to add CNAME resolution, still in the place where you just added the TXT resolution,
(The appearance after adding, my accelerated domain name is gududu.fun, there is no subdomain, so the host record is @)
Return to the CDN control panel to the domain name list, you can see it is already running normally. (🚨 Note, HTTPS is shown as not enabled here, now logging in to the website is still not accessible)
In the CDN management backend, enable HTTPS, click Manage, enter HTTPS settings, click Modify Configuration to add an SSL certificate.
I choose to upload custom, because my SSL certificate is issued by Let’s Encrypt (Certbot). Here, the public key and private key correspond to Let’s Encrypt’s ssl_certificate and ssl_certificate_key respectively.
I find the location of these two files in my Nginx settings, exit and use the cat command to output and copy these two keys, and paste them into the above public key and private key areas respectively. (🚨 Note, whatever the cat command outputs, you need to copy and paste everything, including the BEGIN CERTIFICATE and END CERTIFICATE areas)
(Completed CDN backend page)
Verify in your terminal, enter the following command: nslookup -type=CNAME gududu.fun
The output is the DNS address provided by the CDN provider.
Ping it to see, as expected, it’s fast and that’s it!
At this point, your website has been successfully accelerated using CDN. If you are not in mainland China, then You’re totally free to go!
But if you are in Mainland China, you still have to honestly add the filing number to your page! Shit 🤬!
