Fedecan (lemmy.ca, piefed.ca, pixelfed.ca) will be moving away from Cloudflare
With the recent willingness of the US Government to pressure its tech agencies into revealing user data without a proper judicial warrant, we've decided it's overdue for us migrate away from Cloudflare.
We'll be transitioning our sites over to https://deflect.ca/ over the next week or so, starting with pixelfed first before doing lemmy and piefed.
I hope to be able to do this without any noticeable downtime, but it is a major config change that will require some backend changes as well. I'll make an announcement before/after and you can always check https://status.fedecan.ca/
Update Feb 16: pixelfed has been migrated to deflect
Update Feb 20: I'm working with deflect on improving performance before migrating lemmy / piefed over. Currently pixelfed load times aren't great due to traffic often hitting edge nodes way out in Europe
Update Mar 17: Unfortunately performance with Deflect isn't where I want it to be since their nodes are out East and our server is in Vancouver. As a result we're just going to be dropping the CDN altogether and hosting directly off our server. I'm planning to do the switchover this weekend (March 20-22), but in the meantime you can use https://test.lemmy.ca/ or https://test.piefed.ca/ if you'd like to bypass Cloudflare.
Thank you for this massive upgrade Shadow!
Deflect is based in Montreal Quebec 🍁
Post this on Reddit too, so more people come here. /r/BuyCanadian is a good sub for posting this.
Last I saw, they had rules against self promotion. I'm not sure if this qualifies, but at the very least we could post it in their self promotion specific thread.
Lets be honest, they'll probably just perm ban you from that sub, but at least some people might see.
Why don't you post it for them?
It’s not self promotion if I do it!
… but I don’t have a Reddit account
The reddit mods get very angry when you suggest links away from their little fiefdoms. An ultra sensitive bunch they are.
Most Reddit moderators are self important wankers.
As a European (but who lived for 10 years in Montreal, that's why I have an account here) I applaud any initiative to move digital infrastructure away from the US. Good luck.
That's some great news. Even without the current horrible state of the US, just CloudFlare itself is getting to be a problem anyway.
It's very ironic for deflect to use cloudflare for their security checks when visiting their ToS.
Other than that, it seems ok as an alternative.
Lol I noticed that too, but it just seems to be the captcha.
Captchas are stupid.
Sweet I've been interested in Deflect as an alternative to CF since I noticed Cory Doctorow using it on his 'pluralistic' website.
Thanks for all the hard work! I totally don't understand hosting/managing the community I bet it's a huge task. Thank you!
Fantastic. Fully approve.
What are your Cloudflare metrics for unique visitors? I'd be very curious how it compares to your billing in Deflect.
I run a small Lemmy instance and I'm showing an insane 5M unique visitors per month. I'm sure that's mega-inflated by federations or bots though. If Deflect charged me for even a fraction of that I'd be bankrupted.
5M seems really high, we're at 7.8M but I've become pretty aggressive about blocking bots / scrapers from China
We're a registered non-profit in Canada though - https://deflect.ca/non-profits/
@[email protected] very cool, and nice recommendation with deflect...
The pricing concerns me (especially since we using Cloudflare is a $0 cost)... At $10/5000 unique users, what if I get hit by a DDoS and my costs balloon?
Anyway I suppose that's a question for them, not you 😁
It's free for non profits, also our traffic is pretty minimal in the grand scheme of things.
I can't speak for your stuff though 😂
I thought that was strange to but here's what they say on their website that makes it sound like you wont be charged for DDoS or bots
This seems sensible, but does have some edges...
Like, if I use my phone at home, and out and about on cell, and at work, and at my in-laws, and at the library, then that's at least 5 "users" from one user as I change IPs.
And if I'm on Tor, who knows how many users I count as, but definitely a lot more than 1.
So I get what they're trying to do... but I don't think it'll work out fairly...
On the other hand with cgnat deployments being common on mobile devices and lower end isps, they would end up underreporting on those users.
Overall it does seem tricky. Billing per legit request or mbit would make more sense to me.
And if I'm behind NAT everyone who is behind it counts as one.
wait what? I thought like 99% of the point of edge services was to protect you from DDoS? I would hope that they wouldn't bill you in cases like that.
Thanks for the transparency!
Is there any chance that Deflect might have a good alternative to Cloudflare tunnels for self hosters?
Not that I know of, and I don't think that's the direction they're going with it.
have you looked at ngrok?
I haven't, thanks for the suggestion. They're American though, but seems to be a reasonable company otherwise.
Good call. Thank you.
This makes me glad to call .ca my home! Thank you!
Amazing news, thank you Shadow 💜
I'm no techie but if this moves us towards the light and away from the darkness then I'm all for it.
Thanks! Merci!
You might be able to get away with not having any CDN on PieFed at all - https://join.piefed.social/2025/11/22/reducing-piefeds-dependence-on-cloudflare/
A few weeks back I went through and made sure the Cache-Control headers are being set right so nginx can do a good job of caching.
I'm caching less to keep the load off piefed, and more to keep the load off our network connection and improve performance for users. Unfortunately nginx won't help with that. Also though I know it's trivial to get our origin IP if you're determined, it helps avoid the casual ddos attacks.
Nice job! I just moved my hosting to stormweb.ca and I'm super happy about the switch.
Their basic hosting and storage plans seem good, but I'm always disappointed when I look at any Canadian hosting for VPS prices. I'd love to use a Canadian VPS alongside or instead of my Hetzner VPS - but the prices always seems to be 2-3+x what Hetzner offers.
Very cool !
What's used/would be used for DNS? I got a bunch at CF.
Same for us, deflect. If you're looking for a good Canadian provider https://easydns.com/ is solid. We do our domain registration through https://www.canspace.ca/ and I think they also offer some DNS.
Thank you!
As an American I applaud this move
-1 new comments lol.
Sorry to hear the update, but perhaps you can gently tug Deflect to hopefully expand to Metro Van or Alberta.
They're depending on VPS providers and as far as I know there just aren't any good DDoS resilient ones out west. They also don't have anycast or geodns, so which node you hit is just a dice roll. Unfortunately there's just no good competition to cloudflare.
Why great news!
Uh, i'm mostly confused why ther'es both a lemmy and a piefed when they do the same thing. Do I need to care about piefed.ca?
Both give you the same content, but the software stacks are very different. There's also significant political differences between the Lemmy devs and the piefed dev. You can view the same content on both, and many mobile clients support both.