Cloudflare optimizations for XenForo

[eva2000]

Cloudflare's load balancing service might make sense if you have servers in different physical data centers. To be honest though, their Load Balancing service always felt like it should be part of their free stuff. I don't use it myself (but I have multiple servers), instead I handle it on my end with a cron job that runs every 60 seconds and makes DNS changes as necessary if something is down (planned or unplanned). Although I've had exactly zero times ever that I had an unplanned outage where it got triggered.

Been using Cloudflare Load Balancer for non-forum site for years now ever since it was originally called CF Traffic Manager - only useful it you have multiple origin servers in geographically disperse locations. I am using load balancing across 16+ servers in 8+ cities for Geo-steered load balancing. Though for that site I'm migrating to Cloudflare Pages/Workers I also use Load Balancer in failover mode where the fallback is a serverless Cloudflare Worker standalone site as well and also with Cloudflare Tunneled sites.

But yes most Xenforo folks won't have more than one origin server i different country locations to take advantage of Load Balancing

 

[digitalpoint]

Ok, I'll just hold off on that. Do you use the image resizing service? I always compress (not too much though) my images in Photoshop before putting them on the site.

I'm not sure if I'd benefit from the image resizing. They say it is a "speed tip" to turn it on.

But I'm not sure that I need to. Are you using it? If so, did you see any difference?

I don't use the image resizing myself, but I also don't have any image-heavy sites. XenForo does a fairly good job at having multiple sizes of images and using the appropriate one. That's not saying the Cloudflare Images isn't good though. It would be something I'd consider if I had a site with more images. That being said, I'm planning on converting all my existing images to webp when XenForo 2.3 comes out (and possibly convert new incoming images to webp as well if XF doesn't do it already in 2.3). Just not in a hurry to get to webp because (as I said... haha), I don't have anything terribly image heavy.

would you mind sharing that script? I'm looking for something similar, specifically change A record in CloudFlare to a maintenance page/server

Well, it's really gross... It's been something I've been using for almost a decade now and it definitely wasn't coded with the intention of using it outside of my servers. It has leftover code from the old version of the Cloudflare API, hard-coded API keys and servers, etc, etc... but if you want to try to make it work for your setup, here ya go (this has no support or anything else, sorry...), it's definitely not how I would code it if I were making it today (hah):

#!/usr/local/bin/php
<?php
	define('API_TOKEN', 'YOUR_API_TOKEN');

	define("DOMAIN", 'YOUR_DOMAIN');
	define("DOMAIN_ID", 'YOUR_DOMAINID');

	$validServers = array(
		't1' => 'A-t1-p.yourdomain.com',
		't2' => 'A-t2-p.yourdomain.com',
		't3' => 'A-t3-p.yourdomain.com',
		't4' => 'A-t4-p.yourdomain.com',
		't5' => 'A-t5-p.yourdomain.com',
		't6' => 'A-t6-p.yourdomain.com',
		't7' => 'A-t7-p.yourdomain.com',
		't8' => 'A-t8-p.yourdomain.com',
	);


	function isSiteUp()
	{
		// bypass CloudFlare cache
		$ch = curl_init('https://www.yourdomain.com/robots.txt?' . time());

		$options = array(
			CURLOPT_RETURNTRANSFER => 1,
			CURLOPT_SSL_VERIFYHOST => 0,
		);

		curl_setopt_array($ch, $options);
		$results = curl_exec($ch);

		$info = curl_getinfo($ch);
		curl_close($ch);

		return (@$info['http_code'] == 200);
	}

	function getValidServer()
	{
		global $validServers, $dns;

		foreach ($validServers as $server)
		{
			// Don't count current server
			if ($dns['A-primarycname.yourdomain.com']['content'] == $dns[$server]['content'])
			{
				continue;
			}

			$ch = curl_init('https://' . $dns[$server]['content'] . '/robots.txt?' . time());

			$options = array(
				CURLOPT_RETURNTRANSFER => 1,
				CURLOPT_SSL_VERIFYHOST => 0,
				CURLOPT_SSL_VERIFYPEER => 0,
				CURLOPT_HTTPHEADER => array('Host: www.yourdomain.com'),
			);

			curl_setopt_array($ch, $options);
			$results = curl_exec($ch);

			$info = curl_getinfo($ch);
			curl_close($ch);

			if (@$info['http_code'])
			{
				return $server;
			}

		}
	}



    function _execute($endPoint, $fields, $method = 'GET')
    {
        //	$fields['tkn'] = $apiKey;
        //	$fields['email'] = $email;


        if ($method == 'GET' && $fields) {
            $endPoint .= '?' . http_build_query($fields);
        }


        $ch = curl_init('https://api.cloudflare.com/client/v4/' . $endPoint);

        if ($method == 'POST') {
            curl_setopt_array($ch, array(
                CURLOPT_POST => 1,
                CURLOPT_POSTFIELDS => json_encode($fields)
            ));
        }
        elseif ($method == 'PUT')
        {
			curl_setopt_array($ch, array(
				CURLOPT_CUSTOMREQUEST => $method,
				CURLOPT_POSTFIELDS => json_encode($fields)
			));
        }


        curl_setopt_array($ch, array(
            CURLOPT_RETURNTRANSFER => 1,
            CURLOPT_HTTPHEADER => [
                'Content-type: application/json',
   //             'X-Auth-Key:' . API_KEY,
   //             'X-Auth-Email: ' . EMAIL.
                'Authorization: Bearer ' . API_TOKEN

            ]
        ));

        $response = curl_exec($ch);
        curl_close($ch);

        return @json_decode($response, true);
    }


/*
	function _execute($fields)
	{
		$fields['tkn'] = API_KEY;
		$fields['email'] = EMAIL;

		$ch = curl_init('https://www.cloudflare.com/api_json.html');

		$options = array(
			CURLOPT_RETURNTRANSFER => 1,
			CURLOPT_POST => 1,
			CURLOPT_POSTFIELDS => $fields,
			CURLOPT_SSL_VERIFYHOST => 0,
		);


		curl_setopt_array($ch, $options);
		$results = curl_exec($ch);
		curl_close($ch);

		return json_decode($results);
	}
*/
	function getDns ()
	{
	    $json = _execute(
	            'zones/' . DOMAIN_ID . '/dns_records',
            [
                    'type' => 'A',
                    'per_page' => 100
            ]
        );

		$records = [];

	    if (!empty($json['result']))
        {
            foreach ($json['result'] as $record)
            {
				$records[$record['type'] . '-' . $record['name']] = $record;
            }
        }

        return $records;

	    print_r ($json);
	    exit;


		$json = _execute(array(
			'a' => 'rec_load_all',
			'z' => DOMAIN,
		));

		$records = array();

		if (!empty($json->response->recs->objs))
		{

			foreach ($json->response->recs->objs as $record)
			{
				$records[$record->type . '-' . $record->name] = $record;
			}
		}
		return $records;
	}

	function changeDns ($entry, $ip)
	{
		echo "\r\nswitching front-end web server to: " . $ip . "\r\n";

		$json = _execute('zones/' . DOMAIN_ID . '/dns_records/' . $entry['id'], array(
			'type' => $entry['type'],
			'name' => $entry['name'],
			'proxied' => $entry['proxied'],
			'content' => $ip,
		), 'PUT');

		print_r ($json);

		return;
	}



	$isSiteUp = isSiteUp();
	$omitSelf = false;

	if ($_SERVER['argv'][1] == 'omitself')
	{

		$hostname = trim(shell_exec('hostname'));

		$omitSelf = true;

		$dns = getDns();

		if ($dns['A-primarycname.yourdomain.com']['content'] != $dns[$validServers[$hostname]]['content'])
		{
			echo "This is not front-end web server...\r\n";
			exit;
		}

		unset($validServers[$hostname]);
	}

	if (!$isSiteUp || $omitSelf)
	{
		if (!$isSiteUp)
		{
			echo "Site Down...\r\n";
		}

		if (empty($dns))
		{
			$dns = getDns();
		}

		if (!$dns)
		{
			exit;
		}

		$validServer = getValidServer();

		if ($validServer)
		{
			changeDns($dns['A-primarycname.yourdomain.com'], $dns[$validServer]['content']);
			if ($omitSelf)
			{
				// Wait 10 seconds for Cloudflare to propagate change before shutting down Nginx
				sleep(10);
			}
		}
		else
		{
			echo "No Online Servers Found...\r\n";
		}

	}
	else
	{
		echo "Site Up...\r\n";
	}

 

[RaptureForums]

I don't use the image resizing myself, but I also don't have any image-heavy sites. XenForo does a fairly good job at having multiple sizes of images and using the appropriate one. That's not saying the Cloudflare Images isn't good though. It would be something I'd consider if I had a site with more images. That being said, I'm planning on converting all my existing images to webp when XenForo 2.3 comes out (and possibly convert new incoming images to webp as well if XF doesn't do it already in 2.3). Just not in a hurry to get to webp because (as I said... haha), I don't have anything terribly image heavy.

Thank you for your reply. I appreciate your time.

I've been looking around and it appears that I have have the "Polish" setting turned on that provides the lossless and Webp image file or my site.

I do see they have a Cloudflare images service that appears to keep a copy of the images closer to users. I'm guessing that may reduce load times?

I'm guessing mine are being served from my dedicated server and then sent out to where the visitor is. Do you think a service like the Cloudflare images storing the images at an edge location would result in faster load times? I wonder if I would even see much of a difference since I'm using Polish?

This is the link to the 3 options for images at Cloudflare: https://developers.cloudflare.com/images/

I think it says that if you use image resizing service that it does the same thing and more as the Polish service so you don't need both. But I'm just wondering if storing the images at Cloudflare locations around the world would make much difference and worth the $5? I guess I could try for a month and see. But I thought I'd ask here.

I looked in my media area and I have almost 8,300 images on the site.

 

[digitalpoint]

Well if you are just after images being stored at the network edge, it’s probably already happening. Check the http headers of your images… if you see the Cloudflare cache header with a value of “HIT”, that request was served from the network edge already. You can tune how it’s being done, but by default Cloudflare will do CDN caching of static content.

 

[RaptureForums]

Well if you are just after images being stored at the network edge, it’s probably already happening. Check the http headers of your images… if you see the Cloudflare cache header with a value of “HIT”, that request was served from the network edge already. You can tune how it’s being done, but by default Cloudflare will do CDN caching of static content.

Ok, thank you for that info. I'll probably hold off then.

I just checked the http headers for my header image with KeyCDN's tool:

cf-cache-status: HIT

I'll just hold off on CF images for now. Thank you for the help.

 

[RaptureForums]

This is technically over my head here, but wanted to ask what others are doing with the following two settings on Cloudflare?

Under the "Network" setting there are 2 settings that are currently "off" at this time for me. Does anyone have them enabled?

1.) gRPC
Allow gRPC connections to your origin server. Learn more.
gRPC is a protocol designed to build high-performance APIs. Toggling gRPC allows you to orange-cloud API endpoints and allow gRPC traffic to flow through Cloudflare.

and...

2.) Pseudo IPv4
Adds an IPv4 header to requests when a client is using IPv6, but the server only supports IPv4.

Would you enable them or not? I don't use any APIs for any thing I've made on my site, but wasn't sure if any XF add-ons, Wordpress plugins, etc. type of things might benefit from the first one being enabled?

Thank you.

 

[digitalpoint]

I have both off myself, but it’s going to depend on your server/needs really.

 

[RaptureForums]

I have both off myself, but it’s going to depend on your server/needs really.

Ok, thank you for that info. I'll leave them off then. I appreciate your help.

 

[RaptureForums]

I just looked in my Cloudflare admin area in the "Caching" section and see my Browser Cache TTL is set to 4 hours. What are you folks using for time-wise for that setting?

I think that I noticed that OP said when setting a page rule to set that to something long. Is that right? There are options for hours, days, months, a year. What is a good time to put in for the Browser cache TTL and Edge Cache TTL when creating the first page rule that you talked about @digitalpoint ?

I'd like to try to speed up my forums as they are not as fast as my Wordpress install.

Thank you again for your help.

ETA: I found this after creating this post. It looks like in the Cloudflare add-on image that the Browser Cache TTL is set at 12 months and the the Edge Cache TTL is set at 31 days. Is that what you are still using?

Sorry for missing that earlier.

 

[digitalpoint]

I just looked in my Cloudflare admin area in the "Caching" section and see my Browser Cache TTL is set to 4 hours. What are you folks using for time-wise for that setting?

I think that I noticed that OP said when setting a page rule to set that to something long. Is that right? There are options for hours, days, months, a year. What is a good time to put in for the Browser cache TTL and Edge Cache TTL when creating the first page rule that you talked about @digitalpoint ?

I'd like to try to speed up my forums as they are not as fast as my Wordpress install.

Thank you again for your help.

ETA: I found this after creating this post. It looks like in the Cloudflare add-on image that the Browser Cache TTL is set at 12 months and the the Edge Cache TTL is set at 31 days. Is that what you are still using?

Sorry for missing that earlier.

Yep, still using that. XenForo has a built in cache breaking system so things like CSS, avatars, etc get a different URL when they are changed. So for end users things update instantly regardless of long cache settings.

 

[RaptureForums]

Yep, still using that. XenForo has a built in cache breaking system so things like CSS, avatars, etc get a different URL when they are changed. So for end users things update instantly regardless of long cache settings.

Ok, thank you. On the Cloudflare add-on image, what is rlqry.com part? Is that a service or something that Xenforo uses or is that supposed to be changed to my Xenforo install on my site? I apologize if that is a dumb question.

Also, am I supposed to have the * mark at the beginning and end of the URL you have on your image for the two rules? I am thinking I am, but wanted to double check to make sure.

Thank you.

 

[digitalpoint]

rlqry.com is one of my sites. Not really sure what you are trying to do or what your site is or how you have it setup, so can really tell you how to set something up specific to your site.

 

[RaptureForums]

rlqry.com is one of my sites. Not really sure what you are trying to do or what your site is or how you have it setup, so can really tell you how to set something up specific to your site.

I was thinking the image you used for your page rules that were attached to the Cloudflare add-on OP was what you were advising Xenforo users to set those 2 page rules in order to speed up or improve processing while using Cloudflare?

I thought using those two rules might improve Xenforo performance in loading times and processing of pages? At least that is what I got from reading your optimization guide as well a a couple of other ones on the Internet.

I'm sorry if I misunderstood that. As I mentioned, I'm just trying to improve my forums load time to get closer in loading time of my Wordpress site which GTMetrix says is faster than my forums area. That's all.

 

[digitalpoint]

Well you are talking about two different things. If you use the addon, it can do stuff for you. But probably best to not try to do things on your own based on screenshots of an addon if you aren’t using the addon.

 

[RaptureForums]

Oh no, I'm not using the add-on. I just found that screen shot of your settings for the Browser and Edge Cache TTL in the page rules image after I posed the questions. I think I kind of stumbled across maybe the answer to my questions when I saw the page rules image, which you then confirmed by saying you were still using those times on your page rules.

I had just gone to the Cloudflare add-on thread again to look around after posting my question.

I see a place in the Cloudflare admin area on my personal account for the Browser Cache TTL setting that I can change and I have now set it to 12 months, but not one for the Edge Cache TTL. It appears that they only ask for that maybe in the page rules if I am seeing that correct?

Anyway, I don't have any page rules set in my Cloudflare account backend on their site at the moment. I thought I'd try your page rules you used in the Cloudflare add on thread to see if I noticed any slight improvement on my site since I thought the two page rules you showed there were what you were recommending for Xenforo forum owners to use? Maybe I misunderstood that. My apologies if I did. It is kind of late and I am getting very tired. LOL.

 

[RaptureForums]

I've been testing late last night and this morning to see a good improvement in my forums homepage loading anywhere from 300-400ms faster due the changes in Cloudflare settings yesterday. GTMetrix is showing the forums homepage loading in 946ms.

My best times before that was about 1.2 seconds.

This is the first time ever that I can recall my forums homepage is loading under 1.0 seconds. Thank you for the help!

 

[sbj]

Is there a way to turn this thread into a RM instance while keeping this thread attached to it @Brogan ? Thanks.

@Brogan?

 

[digitalpoint]

Eventually the original post will just be out of date anyway. Like you don’t need to use Page Rules anymore because now Cloudflare has Cache Rules. A few other things too… but whatever, it was accurate when I wrote it.

 

[RaptureForums]

Eventually the original post will just be out of date anyway. Like you don’t need to use Page Rules anymore because now Cloudflare has Cache Rules. A few other things too… but whatever, it was accurate when I wrote it.

And thank you for writing it. We all learn from each other. :thumbsup

If there is a downside to technology sometimes, it is because things get outdated or they may have a steep learning curve. I remember spending good money for those old Iomega Zip drives to store things on. Things like that used to be so cool to have sitting on the desk, but with cloud storage, etc. you don't really need those things today unless you just want another copy right next to you. Sometimes the software is outdated and something better comes along to takes its place. The same with hardware, too. It is what it is.

Thank you for you time on this forum sharing what you know. It is appreciated.

 

[PumpinIron]

Are there certain bots I should be blocking manually or is this something that Cloudflare does by default (blocking bad bots)?