Dear debian.org webmasters,
CDN (Content Delivery Network) is a service that distribute website's
content into different servers across the world. This way, when a
visitor in Singapore (for example) visit a website which hosted in
Europe, the website assets will be served from CDN server in Singapore
or nearby instead.
The benefits of using CDN are (quoting from wpbeginner.com):
* speed
* crash resistence
* UX (user experience) and SEO improvements
Cloudflare is one of leading CDN provider in the world. Beside providing
CDN service, it have DDOS protection which can be handy regarding security.
Is debian.org website currently use CDN? Either answer, is Cloudflare
CDN suitable for debian.org website?
One of interesting feature of Cloudflare is reCAPTCHA challenge every
time visitor access website which have this feature enabled. Before a
visitor can reach website, there will be reCAPTCHA challenge which
visitor must answer in order to get access to website's web property.
Usually, visitor must click "I'm not a robot" checkbox and must select
squares which contain a particular object (in most cases related to road
infrastructure in USA). In order prevent the challenge, Cloudflare says
in the challenge page:
If you are on a personal connection, like at home, you can run an
anti-virus scan on your device to make sure it is not infected with
malware.
If you are at an office or shared network, you can ask the network
administrator to run a scan across the network looking for
misconfigured or infected devices.
Another way to prevent getting this page in the future is to use
Privacy Pass browser extension
<https://addons.mozilla.org/en-US/firefox/addon/privacy-pass/>
However, in the challenge page the visitor's IP address is also
displayed. Is it OK for debian.org website to use reCAPTCHA challenge
feature (which is available in Pro plan and higher) when using
Cloudflare as CDN?
Regards, Bagas
