What’s the effect of disabling websockets in Meteor? Since the free version of Cloudflare doesn’t support websockets, and you have to disable it in Phusion Passenger.
Sockjs (meteor uses it for transporting DDP messages) will fallback using websocket emulation over long poling which is not as efficient as websockets ( https://www.websocket.org/quantum.html ). It uses that for older browsers and proxys as well that does not support websockets. I dont know what the end user experience will be like in a production environment and the effect of scaling but I think kadira and bulletproofmeteor are both running without websockets with cloudflare as CDN and they are running pretty smooth! @arunoda will have more info on this.
Also have a look at https://meteorhacks.com/cloudflare-meets-meteor.htm . I would use option 2 to benefit from websockets. But doing so you will have to do some additional work as you lose the security aspect from cloudflare.
Cloudflare uses reverse proxy methods to hide your server IP so it makes it more difficult for the attacker to find it. So now you are exposing your server with the websocket connection. You will have to implement security yourself. On the DDoS side have a look at https://github.com/meteorhacks/sikka and dont forget SSL for all domains including subdomains (you cant now rely on just SSL from cloudflare to users).
Also look at https://github.com/meteorhacks/cluster to load balance/scale your DDP connections.
Ah ok! Thanks for the explanation. I have it disabled right now and was just curious about the benefits.
Just a note, Phusion Passenger has websockets support if you pass the sticky-sessions flag.