Closed nipafx closed 3 years ago
This is corroborated by @Bukama's test - time to first byte seems too long.
I searched for Alfahosting support of CNAME flattening, ANAME records, or ALIAS records, but found nothing, so I opened a support request.
To gauge the effect of such a change I used generated Lighthouse reports for https://nipafx.dev/ (which bypasses CDN because of the A record) and https://nipafx-site.netlify.app/ (Netlify's internal version of the site behind CDN) and the results are promising:
In both cases, first/largest contentful paint and speed index improved considerably, usually x2 to x3.
Alfahosting told me to just create a CNAME for the apex domain (not in those words) and it seems to have worked:
$ nslookup nipafx.dev cns1.alfahosting.info
> Server: cns1.alfahosting.info
> Address: 2a01:64c0:0:5000::8#53
>
> nipafx.dev canonical name = nipafx-site.netlify.app.
> ** server can't find nipafx-site.netlify.app: REFUSED
$ nslookup nipafx.dev
> Server: 192.168.0.1
> Address: 192.168.0.1#53
>
> Non-authoritative answer:
> nipafx.dev canonical name = nipafx-site.netlify.app.
> Name: nipafx-site.netlify.app
> Address: 165.22.65.139
> Name: nipafx-site.netlify.app
> Address: 167.99.129.42
> Name: nipafx-site.netlify.app
> Address: 2a03:b0c0:3:d0::d19:7001
> Name: nipafx-site.netlify.app
> Address: 2a03:b0c0:3:e0::27e:2001
Fresh Lighthouse results against nipafx.dev are promising as well.
Mobile:
Desktop:
I'll let this sit for a while and wait for some impressions before closing the issue.
Turns out, redirecting apex domains via CNAME is not without its side effects. I no longer receive emails, so I reverted to A record for now. 😊
The saga continues... Alfahosting has no ALIAS records, CNAME flattening, etc, so that's out the window.
Next option: Delegating DNS to Netlify, which Alfahosting does support, but then they can't validate Let's Encrypt certificates any more and so my services that remain with them (e.g. mailing list and analytics) can't be HTTPS.
Looking into alternatives now.
I'd need to get a paid Sectigo certificate, but because Highlander rule applies to certificate authorities per contract, I would have to include all old domains or the https-links out in the wild stop working (e.g. chat.codefx.org and courses.codefx.org). That sucks.
I'm considering getting a new contract just for nipafx.dev, moving phpList and Matomo there (ðŸ˜), and then using Let's Encrypt for the old and hobby stuff and Sectigo for nipafx.dev (support confirms that this would work).
I was getting tired of this and so I took the path that I knew would work - I added a new contract to Alfahosting:
.htaccess
files with forwards#codefx-catch-all
from the URL (see #95)On the old account, I deactivated Let's Encrypt renewal, but failed at creating a Sectigo certificate - I assume it's because the other certificate runs until end of February. I'm also slightly worried about the email verification for the certificate because that may require an admin@$SUBDOMAIN.nipafx.dev address and I'm not sure how I can access that once DNS moved to Netlify.
I've just asked about those two things and once they're resolved, I can move DNS to Netlify. Oh, in the meantime I already copied all my DNS records over there (verified with dig
), so all that remains is really just Alfahosting configuring Netlify's nameservers.
Alfahosting offers two ways to order certificates and it turns out, I was using the wrong one - that's why it didn't work. Used the other one now (for external domains), the certificate was issued and installed, and nameserver switched to Netlify.
The saga ends.
The website performance isn't ideal and PageSpeed Insights suggests that one aspect is initial server response time:
Looks like Netlify plays a role here, so I should investigate whether I can improve configuration or switch hoster.
DNS configuration
The current A record configuration bypasses Netlify's CDN. Look into CNAME flattening, ANAME records, or ALIAS records at Alfahosting or transfer the domain to Netlify to use its DNS.
Other Hoster/CDN
Check out Cloudflare (on CNAME flattening; on naked domains).