0

I have a Wordpress site on AWS in us-east-1. Due to business policies, I cannot use a CDN or multi-tenant. I have admins in Australia say the site is down or slow, but it's up for me, as well as isup.me.

If I create an AWS Client VPN to the AWS region in Sydney, and the admins in Australia connect to it and then use the site, will they see a performance increase? My thinking is they connect to AWS in Australia on a faster "AWS to AWS" network to get to us-east-1, than their ISP in Australia.

To clarify:

I have a wordpress site installed on EC2 in the us-east-1 region.

Users in Australia say it's slow and doesn't open. When they do, I check the site from the USA, and it's fast.

I would usually deploy to Cloudfront, or install a wordpress version on EC2 in the Sydney region, but I can't do that this time because the site runs ads, and I don't want to risk an ads violation or have the momentum in the CDN if I need to stop ads under a DDoS.

So, I want to create an AWS Client VPN in the Sydney region: https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/what-is.html

The users in Australia connect to that, then open the site URL. Since they are on an AWS VPN, the traffic goes from AWS Sydney region to AWS us-east-1, as oppose to whatever their current internet provider is doing now.

Another option I have is to launch Wordpress on an EC2 in Sydney with the same database, strip down so they can just enter posts, but I would like to avoid that because it could still be risky.

Another thing I'm looking at is Amazon Workspaces: https://aws.amazon.com/workspaces

steve76
  • 103
  • 2
  • 1
    I"m not sure the traffic will go over the AWS backbone unless you pay for that service. AWS have a couple of services that it could be, because of service sprawl I'm not sure which one it might be. Any gains would likely be minimal at best. Suggest you edit your question to clearly state the problem you're trying to solve, you're talking about your proposed solution without clearly stating the problem you're trying to solve. – Tim Jan 13 '21 at 17:27
  • @Tim ok, updated. – steve76 Jan 13 '21 at 20:34
  • You can't beat the speed of light, ultimately. But your site shouldn't be inaccessible anywhere on the planet, so something else must be going on. Finding the underlying problem and fixing it, if for instance it's a server configuration problem with your web server, will be a lot cheaper and faster than anything else. Arrange to get a tcpdump/wireshark capture of a request, from both your end and their end at the same time, then compare them. – Michael Hampton Jan 13 '21 at 21:11

1 Answers1

2

I don't think this will work. A Client VPN lets you into your Sydney VPC, but it's not transitive to your us-east-1 resources. AWS Global Accelerator might help, and CloudFront would probably help but you've said you don't want a CDN.

You'd probably be better off working out why your website isn't working properly in Australia. https://www.webpagetest.org/ lets you test your server from many points around the world, which might help, but you should also check your web server error logs, security group rules, and anything else that might block it.

Tim
  • 31,888
  • 7
  • 52
  • 78