1. N

    CloudFlare Page Rules

    For xf 2.x, what are the three must-have default Cloudflare Page Rules that everyone should be using? Odd that there's no real definitive guide on this (that I can find anyway).
  2. Anomandaris

    Tutorial - Enable Cloudflare Under Attack Mode Automatically

    I made this script as a proof of concept to learn and practice bash scripting, it came out pretty good and I'm using it on a couple sites including my Xenforo board. I hope this will be useful to some of you. In the video I explain to you how it works and show you how to code it. Get...
  3. N

    Cloudflare Firewall Rule: Ban Country Codes from Registration

    Quickly add a Cloudflare Firewall Rule to block registration from specified countries. Go to Cloudflare > Firewall > Firewall Rules > Create a firewall rule Look for small text link as you scroll down to Edit expression Paste the following rule, making sure to edit the registration URLs to be...
  4. Agentos

    Cloudflare detect ip problem

    I have a problem with ip addresses on the page. Cloudflare IP appears on the IP address, but not on everyone. I had to ban several users and a problem arose because they had an IP cloude assigned. I used this code and pasted into config.php, but it doesn't work. if...
  5. JulianD

    Chunked Uploads - XF2 1.0.2

    This addon enables "chunked uploads" in XenForo and allows you to set a virtually higher maximum upload limit up to 128GB regardless of your server configuration. Features Option to define the chunk size of each upload. This value cannot be higher than the maximum upload file size reported by...
  6. I

    XF 2.1 Not remembering two-step verification sessions

    Hello, I have Cloudflare setup with my XenForo forum, with these settings enabled: AutoMinify: HTML, CSS, Javascript Rocket Loader: Enabled Browser Cache TTL: 30 minutes Security Level: Low Cache Level: Ignore Query String When a user logs in, and passes the two-step verification process (and...
  7. DeltaHF

    Fixed Image Proxy's broken image placeholders should include "no-cache" Cache Control HTTP headers

    When a broken image is posted and processed by the XenForo image proxy, a "missing-image.png" file is shown in its place. This "missing-image.png" is not served with the optimal Cache-Control HTTP headers. For visitors using proxy servers (or website owners using caching services like...
  8. Alpha1

    Board Offline Status code causes sites on CloudFlare to go down and become unreachable

    I'm not sure if this is a issue or a suggestion. When you turn off your site and upgrade XenForo then it will return a 5.xx status code. If you run CloudFlare then this will go into a spasm over that status code, as it considers your server unreachable. The CF admin panel fills up with all...
  9. Alpha1

    Legit Members getting blocked by CloudFlare on /preview /edit-save /save-draft

    Since switching to CloudFlare I have been getting feedback from ranking members that they get infinite captchas on the following pages: /edit-save /preview /save-draft When looking in the cloudflare admin panel I see that the above pages trigger about 30 rules. What makes the issue more...
  10. Alpha1

    Lack of interest Display CloudFlare blocked members in admincp log

    Many websites are using CloudFlare. Even Unfortunately CloudFlare does not offer firewal rules for XenForo. (It does for WordPress) This means that CloudFlare blocks legitimate users without admins being aware of it. The CF log just displays a long list of blocked users. Checking...
  11. Alpha1

    Lack of interest CloudFlare user & usergroup whitelisting

    CloudFlare is used by many xenforo sites including CloudFlare analyses user behavious and blocks suspect behavior or throws up Captcha. Unfortunately CloudFlare does not have a XenForo module like it has for WordPress. It makes no distinction between members and guests. Nor between...
  12. Foxum

    XF 2.0 Email being sent from server Xenforo is hosted on which is leaking IP

    I have two separate IPs hosted by digital ocean, I read I needed two servers with web servers to take advantage of cloudflare otherwise its impossible to hide your IP by hosting mail on the same server its sending from. I am running VestaCP on both servers and have disabled the mail function all...
  13. I

    How to configure Cloudflare's flexible SSL with XenForo

    Hello, I'm using XenForo version 1.5.11 and I was wondering if there's a guide on how to configure CloudFlare's flexible SSL ceterificate with my forum? I'd like it all HTTPS and with a green URL bar. I'm unsure where to even start :/ Many thanks, Gee
  14. jOOc

    CloudBleed HTTPS traffic leak

    Between 2016-09-22 - 2017-02-18 passwords, private messages, API keys, and other sensitive data were leaked by Cloudflare to random requesters. Data was cached by search engines, and may have been collected by random adversaries over the past few months...
  15. Codeless

    XF 1.5 How to hide IP in notification email headers etc?

    Hi, I'm getting DDOSSED to the hilt. Now using CloudFlare and have a new IP for the forums. It appears the IP can be revealed still as it's in the email headers. How can I mask this or prevent this from happening? As at the moment I have had to disable all email features including email to...
  16. WoodiE

    What three cloudflare page rules to use?

    It seems CloudFlare only allows three page rules on free accounts. For someone wanting to setup a Xenforo site to use CloudFlare, what rules would you create? Thanks!
  17. D

    XF 1.4 Having problems with https

    Can be closed :)
  18. Amin Sabet

    XF 1.5 Cloudflare SSL issues

    I just changed over all 6 of my XenForo forums to https. I am using the XenForo link proxy and the @digitalpoint image proxy. I have a valid GeoTrust Rapid SSL certificate on my server for each one of the sites, and all showed the green lock in Chrome prior to setting up CloudFlare. Yesterday...
  19. SneakyDave

    [SolidMean] CloudFlare Detect 1.1.1

    If this addon is useful to you, please consider donating any amount. I've re-released this addon with help from a suggestion by @Liam W. If you are using CloudFlare, and do not already have a means to extract the correct IP address from a visitor, normally done at the web server level, you may...