[DigitalPoint] App for Cloudflare®

[DigitalPoint] App for Cloudflare® 1.8.4.1

No permission to download
  • Added check to make sure the site's hostname has at least one dot in it when determining Cloudflare zone ID (things like "localhost" are not valid Cloudflare zones)
  • Fetch up to 1,000 R2 buckets per account with API call instead of the default of 20
  • If API permissions get revoked on accident, don't throw exception about it on main admin index (admin index won't break if API permissions went away for some reason)
  • Like
Reactions: thumped and Dkf
  • Better handling of stats rebuilding when rebuilding all stats for the site (from cache rebuild)
  • Check if Cloudflare account ID is missing when generating R2 bucket URL and add a server error log if that's the case (if an API token has insufficient permissions, you could end up with a missing account ID, which would in turn make R2 functions not work).
  • Backup option works properly again with Firewall rules (forgot to convert that to the new Ruleset API that the firewall uses
  • Added check to make sure none of the Cloudflare daily stats are somehow giving a negative number
  • Better handling of situation where someone deleted R2 bucket in Cloudflare's dashboard but didn't disconnect that bucket from being used by XenForo yet.
  • Fixed issue where we were assuming there was a firewall ruleset for firewall rules (not always the case, so don't assume it exists).
  • Fixed issue with logging daily stats if a site isn't using Turnstile for CAPTCHAs
  • Requires XF 2.1.0+ (always was the case technically, installer enforces it now)
  • Like
Reactions: eva2000
IMPORTANT for existing users: A change to Firewall API calls requires a new API permission to be able to set it. You can go to your Cloudflare API Tokens, edit the token you have and add the following permissions:
  • Zone.Zone WAF: Edit
The Firewall API has been deprecated and turned into a Ruleset API, so no way around the new permission (sorry).

Changes:
  • Fixed missing padding on timeframe selector on DMARC management page
  • Added missing phrase missing_cloudflare_authentication_info
  • If there is no Cloudflare authentication token set (new install normally), don't try to show the stats block
  • Fixed issue where deeplink generated for DMARC management would include sub-domain of site rather than just the domain/zone.
  • Links for Turnstile settings and analytics work again (Cloudflare made an unannounced changed to API, so conforming to new API schema)
  • Fixed reversed label on DMARC chart
  • Fixed issue with approved DMARC sources showing in the unapproved sources report
  • Fixed sorting issue on DMARC sources report
  • Made internals of Country blocking case-insensitive for country codes
  • Migrated Firewall API calls to new Ruleset API
  • New Cloudflare daily stats (in XenForo's normal statistics area):
    • Unique visitors
    • Requests
    • Data served
    • Data cached
    • Threats
    • Turnstile challenges
    • Turnstile interactive solves
    • Turnstile non-interactive solves
    • Turnstile unsolved
    • R2 class A operations
    • R2 class B operations
  • Like
Reactions: Mike Fara and MattW
  • Consolidated buttons for new firewall rules into a menu
  • Consolidated buttons for new cache rules into a menu
  • Stop click propagation when clicking on link to Cloudflare in stats block header (prevents block from hiding/showing when you are just trying to go to Cloudflare dashboard)
  • Viewing statistics block on main admin page requires admin permission viewAnalytics (not the permission for managing cloudflare) and block is hidden if the user doesn't have the necessary permission
  • Added check to avoid division by zero errors in a case where Cloudflare reports an impossible scenario (cached traffic for a time period, but total traffic for that same time period is 0)
  • New option: Show Cloudflare statistics
  • Added DMARC management section. Ability to monitor emails being sent by third parties (includes week/month chart as well as table of unapproved sources sending emails)
  • Fixed some text not being phrased in the stats block
  • Like
Reactions: thumped and ivp
  • Selecting Global API keys are disabled (can't setup new ones going forward). Includes deprecation notice (going away completely in the future, so migrate to API tokens if you are still using Global API keys!).
  • Unify primary classes so they can be shared without changes with WordPress version of this addon
  • If you don't already have a Cloudflare API token, the link to create one will pre-define the required permissions for you (way less annoying for new users)
  • Updated deep links inside cloudflare.com for Firewall events to reflect the new endpoint
  • Look back 7 days instead of 1 day to find account-level usage records for buckets
  • unfurl and image proxy Workers will use default language for site when they are setup
  • Changed URL where you set Worker subdomain and made it a property for easier changes in the future (Cloudflare changed it in their dashboard)
  • Make external URL include protocol (https:) rather than relative URLs (R2 subdomains always have valid SSL certificates, so no reason to serve up content insecurely even if the site isn't using HTTPS)
  • Automatic retry (once) if API/R2 calls return HTTP 499 response (same way we handle server-side [5xx errors])
  • Change verbiage on R2 operation log to be more clear about billable events
  • Don't hardcode dash.cloudflare.com prefix in admin:cloudflare_r2 template
  • Fix Zero round trip phrase being title case
  • Add direct link for setup of Zero Trust Access authentication method
  • Added new pre-set Cache Rule option to force caching of static content
  • Firewall rules can be toggled on/off
  • User agent rules can be toggled on/off
  • Page rules can be toggled on/off
  • Cache rules can be toggled on/off
  • Cloudflare analytics shown on admin index
1680191737902.webp
  • Removed repository dependency within R2 adapter
  • When checking if a file exists on R2, only fall back to checking if it's a "directory" if there's no file extension in the path (less class A operations)
IMPORTANT for existing users: A change to Crawler Hint API calls requires a new API permission to be able to set it. You can go to your Cloudflare API Tokens, edit the token you have and add the following permissions:
  • Zone.Zone: Edit
You should have a total of 15 permissions for your API token at this point. If you don't have 15, you can check what you should have under XF Admin -> Options -> External service providers -> Cloudflare authentication
  • Fix for change to Crawler Hint API calls (needed to change Crawler Hints setting)
  • Updated parameters for Network error logging when doing "Easy config"
  • Normalize path when getting a list of multiple objects
  • Add support for getting listings of directories inside buckets in R2 adapter (a little tricky because R2 it not a file system in the traditional sense as there are no actual directories). Should make it so exporting styles with attached assets should work if those assets are stored in R2.
Hate pushing quick versions out (sorry)... but a necessary fix for media uploads which are handled slightly differently than other uploaded content (like avatars and attachments).
Not sure why this is the case, but it seems XenForo's class autoloading system works slightly differently when in the context of auto-run jobs (within job.php). Oddly, changing the order of PHP classes within 3 files seems to have solved it (and allows the autoloader to properly "see" the classes either way).

TL;DR

Fixes a problem where a class couldn't be found if it was running as a cron job (a scheduled task to delete a firewall)
  • Like
Reactions: Jay™ and thumped
Back
Top Bottom