[DigitalPoint] App for Cloudflare®

[DigitalPoint] App for Cloudflare® 1.8.2

No permission to download
Overview FAQ Updates (51) Reviews (19) History Discussion
hiya, great add on (y)

I was upating the .htaccess code to allow as a CSP so as to avoid any blocking issues
<IfModule mod_headers.c> Header always set X-Content-Type-Options "nosniff" Header always set X-Frame-Options "SAMEORIGIN" Header always set X-Xss-Protection "1; mode=block" # Updated Content-Security-Policy (CSP) to allow Cloudflare Insights and jsDelivr scripts Header always set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'; img-src 'self' data:;" # Referrer-Policy Header always set Referrer-Policy "no-referrer" # Relaxed Permissions-Policy Header always set Permissions-Policy "geolocation=(), midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(self), payment=();"</IfModule>
Click to expand...

except the net result is all of the post times show up as "later_today_at_x"
any suggesting on what to do in order to enable CSP ?
 
Automotive101 said:
hiya, great add on (y)

I was upating the .htaccess code to allow as a CSP so as to avoid any blocking issues


except the net result is all of the post times show up as "later_today_at_x"
any suggesting on what to do in order to enable CSP ?
Click to expand...
Is it any different without the addon? Can’t think of any reason whatsoever that the addon would cause post times to be removed.
 
Is there any way to get presigned urls working with a subdomain?

I'd like to make the switch, but also keep Google image search working, meaning I need them to show up under my own domain.
 
Automotive101 said:
question @digitalpoint
What is your assessment of using the Tiered Cache option through CF
any benefit or not ?
Click to expand...
Enable it, there is no downside.

benFF said:
Is there any way to get presigned urls working with a subdomain?

I'd like to make the switch, but also keep Google image search working, meaning I need them to show up under my own domain.
Click to expand...
There is no way to enable presigned URLs on your own domain (the S3 API isn’t enabled on public domains). Even if you could, what you want to do wouldn’t work because the whole point of presigned URLs is you are “presigning” the request for a certain period of time. Meaning the URL wouldn’t work after 30 seconds, so getting presigned URLs indexed by Google wouldn’t be a great idea.
 
digitalpoint said:
Even if you could, what you want to do wouldn’t work because the whole point of presigned URLs is you are “presigning” the request for a certain period of time. Meaning the URL wouldn’t work after 30 seconds, so getting presigned URLs indexed by Google wouldn’t be a great idea.
Click to expand...
Doh, of course 😵
 
benFF said:
Doh, of course 😵
Click to expand...
Also, presigned URLs are only used for attachments (which are behind XenForo's permission system). If your setup allows attachments to be viewed by all users (more specifically, guests, which is what Google would spider as), you can add a cache rule to edge cache media attachments:

1701274996026.webp

Then requests for it can be served from the closest Cloudflare data center rather than your origin server (the main downside is since it doesn't hit your server, it wouldn't do user permission checking to see if they are allowed to view it).
 
It will error on the side of caution when deleting a rule and it won’t delete it if it’s been changed. Maybe someone changed the rule or maybe the hostname for site of different. It’s safe to delete it manually if there’s nothing in there you added manually you want to keep.
 
digitalpoint said:
It will error on the side of caution when deleting a rule and it won’t delete it if it’s been changed. Maybe someone changed the rule or maybe the hostname for site of different. It’s safe to delete it manually if there’s nothing in there you added manually you want to keep.
Click to expand...
There are no server errors. Can you let me know about the hostname? Where is it checked or defined?
 
It wouldn’t make an error log. It looks at your existing cache rules and deletes one if it matches what it would be if it were to set it up now. So if you changed the rule at all in Cloudflare dashboard, it won’t match any longer (and won’t delete it).
 
digitalpoint said:
It wouldn’t make an error log. It looks at your existing cache rules and deletes one if it matches what it would be if it were to set it up now. So if you changed the rule at all in Cloudflare dashboard, it won’t match any longer (and won’t delete it).
Click to expand...
The rule was never modified, that's why it's weird it wasn't disabled or removed by the addon
 
Ivancas said:
The rule was never modified, that's why it's weird it wasn't disabled or removed by the addon
Click to expand...
Not sure… if the hostname changed, that could have been it too (like if you added the rule in a dev setup or something). 🤷🏻‍♂️

FWIW, I just tested it and it deletes, adds, deletes again as expected when disabling, enabling, disabling again. So I would bet money that somewhere, somehow that cache rule was edited. Once the rule isn't exactly what is expected, it will ignore it as far as deletion goes because it doesn't want to mess with something someone intentionally edited.

Either way, it's safe to manually delete if you don't need it.
 
Last edited:
So after over a year and a half, do you still think R2 is a good thing to go for hosting all attachments/images?

Any downside for using it?
 
digitalpoint said:
Yep.


Not really. The $0.015 cost per GB I guess?
Click to expand...

While I understand all images/attachments added by users are being stored in R2 in the future, what about those images used for styling the forum, such as node images which were stored in /data/assets/node-images/, should I also move these images to R2 and change all links referring to these files in extra.less or I just leave it as it is?

Also what about avatar images? While user uploaded avatars can make use of the R2 storage, but there's an add-on 'Avatar Gallery' that recognize all icons I uploaded in /data/gallery_avatars/ folder and have them displayed for users to choose. It also also categorization of the avatar by various sub-folders, e.g. /data/gallery_avatars/man and /data/gallery_avatars/woman .

Should I upload them all to R2 and change the URL of images in the templates of this add-on? (not sure whether it works)

These are just two examples that I can think of.

I'm now actually starting everything from a new server. So it might be a good thing for this. But still I need a good planning.
 
A few more questions:

1) When users are to upload images/attachments to my forum, they're still using my server's bandwidth, right? So I need to limit the Maximum attachment file size for saving bandwidth and (maybe) my servers memory, right? And this will be the only reason I set size limit to uploading files?

2) Once uploaded, the images/attachments are stored in CF's R2 (by the magic behind), so visitors loading those files later won't have any impact to my server's loading, because they're not using my server's bandwidth, processing power nor memory, right?

3) Will files/images stored in R2 load slower than before when they were stored in my server because they're physically closer to users?

4) Currently I'm using @truonglv 's Image Optimizer which does a great job in compressing images. After using R2, do I still need such kind of add-on? I guess no?

Thanks.
 
You must log in or register to reply here.

Similar threads

N
[DigitalPoint] App for Cloudflare® - FRENCH translation
Replies
8
Views
851
Ozzy47
Ozzy47
digitalpoint
App for Cloudflare (appforcf.com)
Replies
12
Views
1K
securedme
securedme
Top Bottom