[DigitalPoint] App for Cloudflare®

[DigitalPoint] App for Cloudflare® 1.8.2

No permission to download
Overview FAQ Updates (51) Reviews (18) History Discussion
digitalpoint said:
The full image is not stored in your local filesystem (ever). I think that’s what you’re asking?
Click to expand...
Right, so XenForo is fetching the full attachment from R2 just to display it to the user depending on the permission. What does XF do with that cache/ temporary image? The attachment itself is loaded from https://domain.com/attachments so that means the attachment is being stored in XF (at least temporary).
Is my explanation what really happens?
 
Sort of... XenForo uses an abstract filesystem for data and internal_data. Data is intended to be public (things like avatars and attachment previews are direct requests for the public URL. Things in internal_data are intended to be private (not publicly accessible... things like full attachments) so that the application can do permission checks and choose to serve (or not) the content based on those permissions. All of that is generally how XenForo works (with or without R2).

By default, XenForo uses a local file system adapter for the abstracted file system (it never reads or writes directly to the folders, rather it reads and writes to the local filesystem adapter for the abstracted file system). That's why you can just plug in alternate filesystems fairly easily.

Hopefully that makes it a little more clear how the underpinnings of XenForo work. And to answer your question about where a private (internal_data) file is stored when it's read from an abstracted file system, it's not stored anywhere other than in server memory for that single request. There is no cache or temporary image created... if you were just caching everything locally, it would more or less defeat the purpose of offloading to R2.

As far as publicly accessible areas (things in the data directory), they become publicly accessible on a sub-domain so that R2/Cloudflare can serve them directly.

For example, the avatar for a user on iolabs.io (if you were using the default local filesystem adapter) would be:


With R2 it's this:


data.iolabs.io isn't on my server, it's simply handled by Cloudflare directly.
 
digitalpoint said:
Sort of... XenForo uses an abstract filesystem for data and internal_data. Data is intended to be public (things like avatars and attachment previews are direct requests for the public URL. Things in internal_data are intended to be private (not publicly accessible... things like full attachments) so that the application can do permission checks and choose to serve (or not) the content based on those permissions. All of that is generally how XenForo works (with or without R2).

By default, XenForo uses a local file system adapter for the abstracted file system (it never reads or writes directly to the folders, rather it reads and writes to the local filesystem adapter for the abstracted file system). That's why you can just plug in alternate filesystems fairly easily.

Hopefully that makes it a little more clear how the underpinnings of XenForo work. And to answer your question about where a private (internal_data) file is stored when it's read from an abstracted file system, it's not stored anywhere other than in server memory for that single request. There is no cache or temporary image created... if you were just caching everything locally, it would more or less defeat the purpose of offloading to R2.

As far as publicly accessible areas (things in the data directory), they become publicly accessible on a sub-domain so that R2/Cloudflare can serve them directly.

For example, the avatar for a user on iolabs.io (if you were using the default local filesystem adapter) would be:


With R2 it's this:


data.iolabs.io isn't on my server, it's simply handled by Cloudflare directly.
Click to expand...
Thanks so much for your explanation!
 
ivp said:
1) Admins without "Manage Cloudflare" privilege see "You do not have permission to view this page or perform this action" dialog on /admin.php.

2) It would be nice to have an option to disable "Cloudflare statistics" block completely.
Click to expand...
The changes I made have two parts... first of all, viewing the statistics no longer requires the admin permission for Manage Cloudflare (there is no management or settings able to be changed there). Additionally, to view that block, it's using the View statistics admin permission, and if the user doesn't have that permission, the block isn't shown (and doesn't try to make the AJAX request to get the data since we already know it will fail with lack of permissions).

As far as making a setting to disable it across the board, not sure I really want to start going down the road of making things so granular (you would eventually end up with 1,000 settings for random things like that). So if you don't want your admins to see statistics-related blocks, the best thing to do will be to not give them access to "View statistics", but if you want them to view statistics, just not Cloudflare statistics, you could disable the index admin template modification that Cloudflare is doing (the only thing that template modification does is add that block).
 
Is there any specific instructions if I want to revert changes? Disabling this addon and restoring the files (if they were deleted) will be everything needed?
 
Well if you are worried about R2 for storing files, you definitely don’t need to use that part (it’s off by default). That being said, the rclone utility should let you move files to R2 but it would also let you move files from R2. Play around with it and make sure you can move files back before you try it out for real.
 
digitalpoint said:
As far as making a setting to disable it across the board, not sure I really want to start going down the road of making things so granular (you would eventually end up with 1,000 settings for random things like that). So if you don't want your admins to see statistics-related blocks, the best thing to do will be to not give them access to "View statistics", but if you want them to view statistics, just not Cloudflare statistics, you could disable the index admin template modification that Cloudflare is doing (the only thing that template modification does is add that block).
Click to expand...

Wanted to disable it completely for all admins, since seeing cumulative stats for all subdomains does not make much sense for our use case. I guess we are not the only one having separate subdomain for forum.

Proposed solution to enter development mode and disable template modification seems like a hack. Is it necessary to do this for every version upgrade?
 
Hello, I get the following error when logging into the admin panel, what is it? No data is shown in the graphs.

1681480688997.webp
 
Myck said:
Hello, I get the following error when logging into the admin panel, what is it? No data is shown in the graphs.

View attachment 284597
Click to expand...
Is that something that is happening on a consistent basis? In theory that shouldn't be possible, as it would mean your zone has a certain amount of traffic that is being served from the edge, but that the total amount of traffic (including the traffic served from the edge is zero).

I'm going to add a sanity check in there in case Cloudflare's reporting system is giving impossible numbers like that.
 
ivp said:
Wanted to disable it completely for all admins, since seeing cumulative stats for all subdomains does not make much sense for our use case. I guess we are not the only one having separate subdomain for forum.

Proposed solution to enter development mode and disable template modification seems like a hack. Is it necessary to do this for every version upgrade?
Click to expand...
I guess it's a good use case for XenForo's "advanced options" system. I added a toggle option for next version.

That being said, I'd think the info would still be useful regardless of sub-domain situation though. The underlying numbers are never that useful (who cares about how many bytes were transferred in a certain hour window?), but what is useful is seeing something like a huge relative change in the charts (huge spike or drop in something might be worth looking into).
 
  • Like
Reactions: ivp
digitalpoint said:
Is that something that is happening on a consistent basis? In theory that shouldn't be possible, as it would mean your zone has a certain amount of traffic that is being served from the edge, but that the total amount of traffic (including the traffic served from the edge is zero).

I'm going to add a sanity check in there in case Cloudflare's reporting system is giving impossible numbers like that.
Click to expand...
It occurs constantly every time I refresh the /admin.php page, I don't get it, I haven't made any changes to the settings.
 
What does it look like if you view the charts in Cloudflare's dashboard (you can get to them with the Cloudflare button in the header of that block)?
 
digitalpoint said:
What does it look like if you view the charts in Cloudflare's dashboard (you can get to them with the Cloudflare button in the header of that block)?
Click to expand...

From CloudFlare if I can see the graphics, it should be noted that it is a forum that I am installing from scratch and it is about 15 days after I created it, I have it disabled and only one user, the administrator.

1681493579607.png

1681493540222.png
 
Myck said:
From CloudFlare if I can see the graphics, it should be noted that it is a forum that I am installing from scratch and it is about 15 days after I created it, I have it disabled and only one user, the administrator.

View attachment 284619

View attachment 284618
Click to expand...
Ya, I was looking a little closer at the code, I can see where the issue might be... if there was a full hour of zero requests. The change in the upcoming version should fix (ignore) that scenario.
 
bzcomputers said:
Cloudflare added a Beta for DMARK Management at the end of last month. I've found it very useful in keeping track of DMARC Pass / Fail counts.

Previously, I found keeping track of rua DMARK emails a pain since they were in XML format and there wasn't an easy way to process them daily and keep statistics. Cloudflare has just fixed this with their new DMARK Management Beta.

I think DMARK statistics would be a good option to add to the existing Cloudflare statistics displayed with the Cloudflare App.
Click to expand...
So I didn't particularly want to completely rebuild what Cloudflare already has, so it's not a full-blown interface for DMARC management, but I did incorporate what seems to be the most important part (the table of unapproved DMARC sources). The chart is nice fluff, but it doesn't really do a whole lot for you as far as as tracking things down. Maybe I'll revisit it when it's out of beta, but for now the addon will give you unapproved DMARC sources for the last 14 days (for whatever reason, Cloudflare's reporting engine seems to get inaccurate if you go with 30 days (looks like they are sampling the data rather than using the exact data on the 30 day report). And if someone wants more than that, there's a deep link direct into your dashboard to get at the other stuff.
 
You must log in or register to reply here.

Similar threads

N
[DigitalPoint] App for Cloudflare® - FRENCH translation
Replies
8
Views
822
Ozzy47
Ozzy47
digitalpoint
App for Cloudflare (appforcf.com)
Replies
12
Views
1K
securedme
securedme
Top Bottom