is migrated to Cloudflare

Marko Marinović

Mar 03, 2020, 3 minute read

Cloudflare is a network that helps businesses deliver faster, more secure websites and apps to their users. It powers Internet requests for ~10% of the Fortune 1,000 for more than 1 billion unique IP addresses per day.

We like to think about performance as a feature. Performance is baked in our daily planning, sprints, and reports. We want to deliver a fast experience to our users. It also provides an interesting technical challenge for our team. Our performance focus was always more on backend services and database, so we have some technical debt on the frontend side. This results in a bit slower initial paint.

With Cloudflare, we saw the opportunity to greatly improve initial paint of the website. Enabling Cloudflare gave us 42% speed boost thanks to its Rocket loader functionality, which prioritizes website's content (text, images, fonts, etc.) by deferring the loading of all your JavaScript until after rendering. This "resolved" part of our Frontend code debt in a second.

dobartekCloudfare now feels a lot faster and more responsive. We will continue working on performance and provide an update once we achieve certain performance goals.

Migration issues

Enabling Cloudflare wasn't straightforward. We encountered some issues during our migration process. None of these were big problems and we were prepared for mostly all of them. The good thing about this is being able
to stop the migration and move back to the original DNS server in a matter of minutes. This gave us a lot of freedom for experimenting on production when all the restaurants were closed.

Here are all the problems we encountered during the migration process:

Emails sent from ended up in spam

Resolved by adding SPF and DKIM records to Cloudflare DNS.

SSL error on test environments

Our test environments are found at www.{environment} This is 2 subdomains deep and Cloudflare universal certificate does not support this. The solution here is to buy a dedicated certificate with custom hostnames or turn off the proxy feature. We turned off the proxy feature for time being.

Everything was working fine, emails arrived correctly, mobile apps were working, the web was blazing fast, and we thought we are done.

Anyway, after one hour, slack notification pops up saying that some restaurants cannot load the page. They are faced with The site can't provide a secure connection: ERR_SSL_VERSION_OR_CIPHER_MISSMATCH. On first we thought: ahh, probably ISP DNS cache didn't update yet, give it a minute. That was not the case.

The error occurred only for restaurants using Windows XP Chrome 49. We quickly launched BrowserStack and indeed the error was there. Luckily, it was working on Firefox, so we quickly switched restaurants to use Firefox until we resolve the issue with Chrome 49. The cause of the error was that Cloudflare universal certificates use SNI which is not compatible with older browsers like Chrome 49. Fix was amazingly simple, we just bought a dedicated certificate and the whole issue was resolved in a few minutes.

Our users now enjoy the performance and security of Cloudflare!

Wanna see our work?

Our work