New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use CDN for Pro version checks and improve proxy fallback #879

Open
raamdev opened this Issue Mar 16, 2017 · 4 comments

Comments

Projects
None yet
2 participants
@raamdev
Copy link
Contributor

raamdev commented Mar 16, 2017

Note: This issue is currently blocked by changes needed to the build system: wpsharks/phings#159.


Once the above issue has been closed, the Comet Cache Pro update utilities can be updated to check https://cdn.wpsharks.com/software/bleeding-edge/comet-cache-pro/version.txt for the latest Pro version, instead of querying the API on cometcache.com.

Additionally, we might be able to do away with using the proxy server fallback for version checks on servers that have older SSL software that doesn't support HSTS headers:

@jaswrks writes...

You could try dropping the proxy fallback by running this particular request over http:// instead of https://. Since we are changing the request type from POST to GET, and because it's now a static file containing only a version, it's not necessary for us to use SSL in this particular case.

Note: If you try to reach http://cdn.wpsharks.com/software/latest/comet-cache-pro/version.txt in a web browser, you'll be redirected to the https:// variation, which is enforced due to HSTS headers. However, in a server-side wp_remote_get() implementation, you should be able to query via http:// without a problem. HSTS is not a factor there. However, it might be worth checking to see if WP_Http has any setting that would force HSTS off, just in case that's possible. I'm doubt that it is. WordPress would need to have code that looks for a strict transport header and obey it, which I don't believe it even looks at right now.

That said, we should still use SSL when performing license key authentication.

TODO

  • Update the build system to support rc/version.txt version-ars.txt; see wpsharks/phings#159
  • Update Comet Cache Pro software to use CDN-hosted rc/version.txt version-ars.txt (RC) and /version.txt (stable) to check for latest Pro version
  • Update the API on cometcache.com to return CDN-hosted URLs to the latest Pro version (for both RC and stable); see wpsharks/cometcache.com#111
  • Test to confirm that we can replace the proxy fallback with a call to the http:// (non-SSL) URL to version.txt on sites running outdated SSL software; this will allow us to use the proxy only for license authentication, when necessary
  • Occurrences of proxy.websharks-inc.net/comet-cache/ should be updated to the newer update-fallback.wpsharks.io/comet-cache/ update-fallback.wpsharks.io/cc-proxy

@raamdev raamdev added this to the Future Release milestone Mar 16, 2017

@raamdev raamdev modified the milestones: Future Release, Next Release Mar 19, 2017

@jaswrks

This comment has been minimized.

Copy link

jaswrks commented Apr 20, 2017

New proxy URL: http://update-fallback.wpsharks.io/cc-proxy

?product_api[action]=latest_pro_update
&product_api[username]=johndoe22
&product_api[password]=[COMET CACHE API KEY]
&product_api[stable]=1 (stable releases, or any release?)

In short, all the same variables that cometcache.com uses. This is simply a non-SSL proxy.

Returns JSON, just like cometcache.com does.

{
  "pro_version": "170220",
  "pro_zip": "http://dls.wpsharks.io/cdn-xar?slug=comet-cache-pro&version=170220&expires=1494021828&_sig=6ee774...3f445118ffb0beccf52e65b0826856bca40"
}
@jaswrks

This comment has been minimized.

Copy link

jaswrks commented Apr 21, 2017

Another new proxy URL: http://dls.wpsharks.io/cdn-xar

?slug=comet-cache-pro
&version=[COMET CACHE VERSION]
&expires=[TIMESTAMP EXPIRATION]
&_sig=[REQUIRES SECRET KEY TO SIGN THE REQUEST]

URLs leading to this endpoint are generated by the cometcache.com API and the new update-fallback.wpsharks.io/cc-proxy endpoint noted in the previous comment above ↑

In other words, all Comet Cache automatic updates now pass through http://dls.wpsharks.io/cdn-xar (non-SSL), which is what delivers the zip file downloads.

@jaswrks

This comment has been minimized.

Copy link

jaswrks commented Apr 28, 2017

Documented the new API endpoints above ↑

jaswrks pushed a commit to wpsharks/comet-cache-pro that referenced this issue Apr 28, 2017

jaswrks
@jaswrks

This comment has been minimized.

Copy link

jaswrks commented Apr 28, 2017

The list above has been completed and this is now pending a PR review.
wpsharks/comet-cache-pro#315

raamdev added a commit to wpsharks/comet-cache-pro that referenced this issue May 15, 2017

raamdev added a commit that referenced this issue Aug 8, 2017

Phing release of v170808-RC with the following changes:
- **New Feature: Memcached / RAM** (Pro): Comet Cache Pro now includes support for Memcached / AWS ElastiCache to serve the cache directly from RAM. This allows for a faster cache delivery than what is possible when serving the cache via disk. Memcached / AWS ElastiCache can be configured from **Dashboard → Comet Cache Pro → Plugin Options → RAM / Memcached**. See [Issue #47](#47)
- **Enhancement**: Added `Referrer-Policy` to whitelist for cachable HTTP headers. See [Issue #892](#892).
- **Bug Fix** (Pro): The Cache Statistics feature was broken when the PHP `disk_total_space()` and/or `disk_free_space()` functions were disabled by the PHP configuration. Comet Cache now handles this scenario gracefully by hiding disk-related stats when those functions are not allowed. See [Issue #775](#775)
- **Bug Fix** (Pro): The HTML Compressor was returning an empty string upon encountering an invalid UTF-8 sequence. See [Issue #871](#871) reported by a Comet Cache user.
- **Compatibility** (Pro): Many improvements to the Pro software update system, including changes to the API Endpoints and the Proxy Fallback endpoint. See [Issue #879](#879) and [Issue #315](wpsharks/comet-cache-pro#315) for full details.
- **Compatibility**: Fixed a WooCommerce compatibility issue that was generating a "Notice: id was called incorrectly. Product properties should not be accessed directly." Props @vestaxpdx. See [Issue #896](#896).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment