Matthew J. Harmon: Minneapolis, Minnesota, États-Unis, Earth

Action and Adventure on the High Seas of Information Security Re-Launched (Architecture Review)

Apr 23, 2014, Posted in feature, bsidesmsp, architecture

BSidesMSP Website Head

I rebuilt and relaunched the conference site today instead of attending the TechPulse Conference with some fellow BSides'ers. Ye 'ol landing page was a bit inflexible so I reallocated the day to porch sysadmining.

The results of Google Page Insights and GTmetrix are nice and I beat up on it a bit with Load Impact (more like NO IMPACT!) but seeing those load times under One Second makes me smile:

Pingdom Test

Tuning this was a blast, but rendering in 980ms? We can do better! Paradoxically we can load faster without the CDN (with this optimized config) if we remove CloudFlare and move the testing a little closer. This shaves off 6 requests giving a savings of 749ms. Unfortunately, nobody is going to notice a render time difference of 0.2sec vs >: 1.0sec so we happily add the CloudFlare content distribution network in front.

Page load time 980ms

The running app itself is a Ghost Blog, built on NodeJS but the underlying infrastructure is a bit more involved and consist of:

(nginx + upstream NodeJS + naxsi + ngx_pagespeed [with HTML5 Local Storage!] + SPDY) within a Linux Container hosted on a DigitalOcean instance running Ubuntu 14.04 + active response fwsnort + emerging threats feed + OSSEC with CloudFlare in front and the CloudFlare basic Web Application Firewall (WAF) complements our built in nginx WAF naxsi nicely.

I'm also tempted to automate running over the site once an hour and sync it to a Github Site as a static point-in-time autobackup. Until then the DigitalOcean autobackups and georedundant snapshots will have to do, only so many hours in a day!

Matthew J. Harmon
Matthew J. Harmon -

Passionate security researcher, entrepreneur, consultant. Owner, founder, maker, mentor, teacher.

Loading Google+ Comments ...