"European" CDN Solution?

YmpkerYmpker OGContent Writer
edited February 2022 in General

In the light of Germany's latest GDPR stunt (tl;dr: court ruled using goolge fonts api to be violating gdpr and issued fine) are there any CDNs where you have the option to route traffic only through GDPR "safe" EU locations? Iirc BunnyCDN is EU based and KeyCDN is from Switzerland, but both still route your website's traffic also through non-EU countries in some cases, right?

"Luckily", I haven't been in the position where I actually "need" a CDN, as most of my website's visitors are germans and speeds have been good enough for that.
My use-case for CDNs has mostly been limited to retrieving content from bootstrapcdn/jsdelivr etc. ..
However, just wondering what options are out there (for the future)? I remember someone on the green forums has a Github Project with a DYO-CDN kinda script. Forgot who it was, though. Would (setting up/looking for) a CDN that only routes traffic through EU servers even make sense performance wise?

Anyway, interested to hear your opinion.
Tagging @vyas , because..CDNs :D

Comments

  • NeoonNeoon OG
    edited February 2022

    Most CDN's are using GeoDNS or Anycast or a combination of both.
    None of these is accurate enough, to prevent someone in the EU to be routed to Murica.

    However, I don't think that there is any GDPR issue if you put your stuff on a CDN, it was google related and I am sure if so the judge would not press any charges, since its Technically impossible* to make sure 100% of the connections from within Europe will be routed to a CDN Node within Europe.

    *You could create a Europe only CDN, with only servers in Europe but this is fucking retarded.

    Thanked by (2)Ympker dosai
  • vyasvyas OG
    edited February 2022

    @Ympker
    Victor over a PushrCDN might be able to shed light on this- I have been in talks with him over a different matter, but worth a try in your case.

    In Bunny you can select countries and redirect traffic to a specific zone/region. Or block countries altogether.
    https://img.gaatha.net/EUyyUe

    Or... create a subdomain on a EU shared host, pull the files from there.

    I have been experimenting with image storage on Myw.pt and using Gumlet as CDN. Because I can play around with image parameters. Or scripts. Storage is on EU server, not sure about Gumlet POP.

    etc. Bunny also you can do the same but that is way more expensive than the USD 1 per month LE* price most of us pay

    If you have the Shortpixel subscription you can get the same manipulations with images but not sure about POP for Gumlet.

    Thanked by (1)Ympker

    ———-
    blog | exploring visually |

  • mikhomikho AdministratorOG

    Shouldn't you be able to select zones or areas with the CDN provider where your files would be served from?
    Or do all CDN providers always give access to their complete CDN Network?

    I've never used a CDN, so I don't know :)

    Thanked by (1)Ympker

    “Technology is best when it brings people together.” – Matt Mullenweg

  • mfsmfs OG
    edited February 2022

    I'd dare to say that the safest bet could be to use an European provider capable to give you a DPA; bunnycdn does that, many EU and non-EU (yet established in the EU) providers offer some data processing addendum if you request it (e.g. Hetzner). Now, many US entities have an EU dept. (Amazon just to name one) and I don't think they'll be ruled to be in breach of GDPR just because the EU-USA Privacy Shield 2 Electric Boogaloo has been considered void; so it could or should be safe to pick a provider, established somehow in the EU, capable of offering a DPA. Imagine if Cloudflare was ruled to be an "illegal data exporter" (despite the data processing addendum) just because their address is "101 Townsend Street - San Francisco, CA 94107 - USA"... hard to believe it

    Some businesses have the additional request to have their data not just protected by DPO/DPA but physically hosted within the EU, with the guarantee it will never cross EU boundaries. That's anyway still a extravagant request for "soft PIIs" like IP addresses.

    Given the extraterritorial scope of the GDPR, a GeoDNS configured to present visitors geolocated outside of the EU with a non-GDPR compliant website may be in breach of something, as long as there's no DPO/DPA considered "valid" if e.g. a German citizen visits your German site whilst on vacation in Japan

    Thanked by (1)Ympker
  • @mikho said:
    Shouldn't you be able to select zones or areas with the CDN provider where your files would be served from?
    Or do all CDN providers always give access to their complete CDN Network?

    I've never used a CDN, so I don't know :)

    14 locations, what are you waiting for? Happy to test out MikhoCDN (or MrVMCDN) when ready

    Thanked by (1)yoursunny

    ———-
    blog | exploring visually |

  • YmpkerYmpker OGContent Writer
    edited February 2022

    @vyas said:
    @Ympker
    Victor over a PushrCDN might be able to shed light on this- I have been in talks with him over a different matter, but worth a try in your case.

    In Bunny you can select countries and redirect traffic to a specific zone/region. Or block countries altogether.
    https://img.gaatha.net/EUyyUe

    Or... create a subdomain on a EU shared host, pull the files from there.

    I have been experimenting with image storage on Myw.pt and using Gumlet as CDN. Because I can play around with image parameters. Or scripts. Storage is on EU server, not sure about Gumlet POP.

    etc. Bunny also you can do the same but that is way more expensive than the USD 1 per month LE* price most of us pay

    If you have the Shortpixel subscription you can get the same manipulations with images but not sure about POP for Gumlet.

    Thanks for the feedback, mate :D DIdn't hear about PushrCDN before. Will have a look.

    BunnyCDN has some nice option there. So basically, I could block CDN for all people from Europe lol.. Then again, a subdomain seems somewhat more convenient to do and is what I had in mind. Funny enough, I also thought to do this on MyW, since my website is hosted there anyway. Hetzner Prem location. I'll just dump Google Fonts, Bootstrap, TailwindCSS and other stuff there and pull it, I think.

    ShortPixel CDN uses Stackpath which goes around the world iirc :/

    GDPR surely is a pita lol.

    @mikho seems like BunnyCDN offers an option for selection (see @vyas post). Besides CF, I never really used a CDN either. And CF was for blocking bad traffic back then.7

    @mfs Thanks for chiming in, mate. Yeah, I also would hope that this won't apply to Cloudflare and similar CDNs (not using it atm, but for the sake of sanity). BunnyCDN states they also anonymize any data/statistics/ips and use Matamo for any stats. Sounds even better tbh. We'll see where all this goes.

  • Shortpixel now uses BunnyCDN :-)

    https://shortpixel.com/

    scroll to bottom

    Thanked by (1)Ympker

    ———-
    blog | exploring visually |

  • YmpkerYmpker OGContent Writer

    @vyas said:
    Shortpixel now uses BunnyCDN :-)

    https://shortpixel.com/

    scroll to bottom

    Nicee! Last time I checked it was Stackpath. Then again, going with Shortpixel CDN I would constantly need to check whether they changed their CDN provider and whether said provider is still GDPR compliant. May go for BunnyCDN directly (if I ever needed it).

    Thanked by (1)vyas
  • Gcorelabs can route traffic to specific pop you want, easy setting at their DNS management. Didn't know about GDPR things with them, not yet checked.

    .. DYO CDN kinda script..

    You mean OneClickCDN?
    https://github.com/Har-Kuun/OneClickCDN

    I installed and tested the script, working flawlessly. But after several days it stopped working and I have no idea what is broken, so uninstalled.

    Thanked by (1)Ympker

    UpCloud free $25 through this aff link - Akamai, DigitalOcean and Vultr alternative, multiple location, IPv6.

  • https://github.com/Ne00n/woodCDN

    Premium shit.

    Does it work? Yes
    Does it have bugs? Sure
    Is it production ready? maybe

    I don't longer worked on it, since I had no use case, bunny.net is to cheap and I got free credits sooooo.........
    But currently I drop a patch in the gdnsd branch there and there.

    Thanked by (1)Ympker
  • bikegremlinbikegremlin ModeratorOGContent Writer

    CDN should use the closest available server, right?

    So, visitors from the EU would get the content served from an EU location anyway, no? :)

    Thanked by (1)Ympker

    Relja of House Novović, the First of His Name, King of the Plains, the Breaker of Chains, WirMach Wolves pack member
    BikeGremlin's web-hosting reviews

  • @bikegremlin said:
    CDN should use the closest available server, right?

    So, visitors from the EU would get the content served from an EU location anyway, no? :)

    CDN also has other functions- lesser talked about.
    e.g. reducing server load for scripts. Or documents (Case studies, white paper, etc.) so content is not just in form of media.

    Thanked by (1)Ympker

    ———-
    blog | exploring visually |

  • @bikegremlin said:
    CDN should use the closest available server, right?

    So, visitors from the EU would get the content served from an EU location anyway, no? :)

    hahahaahahahahahahahahahahah
    hahahahahahahaahahahahahahhaahahahahha
    hahahaahahaahahahahhahahahaahahahahahahahah

    In Theory, yes.
    Practically, most of the Time.

    a GeoDatabase is like a phone book, you can put all sorts of shit into it.
    Or can be just outdated.

    How do you think, these Geolocated IP's with OVH and other providers work?
    They are not really there, its just the geodns entry that they manipulated.

    Thanked by (2)bikegremlin yoursunny
  • YmpkerYmpker OGContent Writer

    @Dazzle said:
    Gcorelabs can route traffic to specific pop you want, easy setting at their DNS management. Didn't know about GDPR things with them, not yet checked.

    .. DYO CDN kinda script..

    You mean OneClickCDN?
    https://github.com/Har-Kuun/OneClickCDN

    I installed and tested the script, working flawlessly. But after several days it stopped working and I have no idea what is broken, so uninstalled.

    Yeah that was the CDN I was referring to. Thanks! Will have a look :)
    Still, only for testing purposes. I didn't really "need" a CDN so far and I still don't need it. Just hypothetically checking my options here.

    @Neoon said:
    https://github.com/Ne00n/woodCDN

    Premium shit.

    Does it work? Yes
    Does it have bugs? Sure
    Is it production ready? maybe

    I don't longer worked on it, since I had no use case, bunny.net is to cheap and I got free credits sooooo.........
    But currently I drop a patch in the gdnsd branch there and there.

    Will have a look, thanks!

  • bikegremlinbikegremlin ModeratorOGContent Writer

    @Neoon said:

    @bikegremlin said:
    CDN should use the closest available server, right?

    So, visitors from the EU would get the content served from an EU location anyway, no? :)

    hahahaahahahahahahahahahahah
    hahahahahahahaahahahahahahhaahahahahha
    hahahaahahaahahahahhahahahaahahahahahahahah

    In Theory, yes.
    Practically, most of the Time.

    a GeoDatabase is like a phone book, you can put all sorts of shit into it.
    Or can be just outdated.

    How do you think, these Geolocated IP's with OVH and other providers work?
    They are not really there, its just the geodns entry that they manipulated.

    Had to spoil it, didn't you?

    :)

    Relja of House Novović, the First of His Name, King of the Plains, the Breaker of Chains, WirMach Wolves pack member
    BikeGremlin's web-hosting reviews

Sign In or Register to comment.