[DigitalPoint] App for Cloudflare®

[DigitalPoint] App for Cloudflare® 1.8.2

No permission to download
If you are talking about the thing where a cached page would be returned on a browser restart even if the user was logged in, I did end up figuring out a workaround that's part of the next version.
Was this indeed fixed in the latest version? I'm on 1.5.5.2 using 2.1.2 and still receive the "active user has changed" message, even after refreshing the page. After upgrading to 1.5.5.2, I did clean out the cache in both the browser and cloudflare. When using Chrome, I log in, then log out and refresh the page, it shows the active user has changed error. Unable to log in unless I clear the browser cache again...
 
Was this indeed fixed in the latest version? I'm on 1.5.5.2 using 2.1.2 and still receive the "active user has changed" message, even after refreshing the page. After upgrading to 1.5.5.2, I did clean out the cache in both the browser and cloudflare. When using Chrome, I log in, then log out and refresh the page, it shows the active user has changed error. Unable to log in unless I clear the browser cache again...
Yes, but you will want to disable the guest page cache, then go to XF Admin -> Setup -> Rules. If the Cache XenForo guest pages rule is still there, delete it. Then reenable the guest page caching option to have the rule recreated. The change wasn't just in the code, there was also necessary changes to the page rule on Cloudflare's side. So you probably are using the new code but with the old cache rule at this point.
 
Hi get this Error log

View attachment 280605

as tried to diable the Early Hints opion

View attachment 280606

also get the same issue with some other otptions if I try to disbale them. For example:

View attachment 280609
I was able to figure out what was going on with Crawler Hints and fix it, but I never was able to replicate it for Early Hints.

Crawler Hints isn't "officially" supported by their API (you can tell which options aren't because in the normal Cloudflare dashboard, that option is missing the API documentation link):

Screenshot 2023-01-27 at 9.28.41 AM.webp

That being said, even though it's not officially supported via API, we are doing it anyway. And it looks like they've changed a couple things with the undocumented API call... the format itself changed (caused the error you saw), but they also they put it behind a new permission, so even with the formatting fixed, people are going to have to add an additional permission to their API token (Zone.Zone: Edit) to edit that setting.

I guess that's why it's "beta" and also not available officially to the API (they might change it still).

So while I've fixed the Crawler Hints thing on my end, I was never able to replicate the issue for Early Hints.
 
Yes, but you will want to disable the guest page cache, then go to XF Admin -> Setup -> Rules. If the Cache XenForo guest pages rule is still there, delete it. Then reenable the guest page caching option to have the rule recreated. The change wasn't just in the code, there was also necessary changes to the page rule on Cloudflare's side. So you probably are using the new code but with the old cache rule at this point.
Thanks. There were actually 2 rules for guest page caching. One with xf_session and one with xf_user.
 
Yep, did that. Disabled it, then deleted the guest caching rules, then reenabled guest caching, it created one guest caching xf_session rule. Working fine now :)
 
1st ❓
From your addon, I got this:
1674886353388.png

From the CF dashboard, I only got this:
1674886379381.png

Where can I toggle those zero round trip on the CF dashboard?


2nd❓
From the cache-control header, can we have max-age of 120 seconds if guest caching is enabled?
So we can also enable "Automatic Signed Exchanges (SXGs)".

cache-control: max-age=120,s-maxage=<custom by user>
Content needs to be cached in intervals of 120 seconds or longer, as Google checks this setting to generate an SXG. To ensure that content is cached every two minutes or more, go to the Cloudflare dashboard > Caching > Configuration > Browser Cache TTL and check the length of time Cloudflare instructs a browser to cache files.


3rd❓
Where exactly can I configure "Bot Fight Mode" from the addons option on the CF dashboard?
In the XF admin options, mine are set to off after I install the addon, but on the CF dashboard, I have these settings.

1674888486672.png


4th❓
From this addon's options, I got "Web Application Firewall" set to off after the addon's installation.
But where exactly on the CF dashboard can I configure it?
This one?

1674888755278.png
 
Last edited:
1. I don’t think you can in dashboard any longer. API only. You used to be able to, but I’m guessing they now just push zero round trip on everyone because there’s no reason not to. Turning it on without zero round trip is most likely just a legacy thing since you used to be able to in their dashboard but not anymore.

2. Not by default no. Causes problems for users with guest caching enabled. Specifically when logging in/out it can take multiple attempts. If you want to work it that way, you can use Transform Rules in Cloudflare to override response headed if you’d like. But not something I’m going to do by default when it causes issues.

3. They take away the setting for Bot Fight Mode toggle if your account has Super Bot Fight Mode available.

4. Cloudflare does not make all options available to everyone via their UI. Would need to open a ticket with them to ask them why they do that because I have no clue.
 
  • Like
Reactions: rdn
Can one of you go into the DigitalPoint/Cloudflare/Repository/Cloudflare.php file and change this:

PHP:
$api->setSettings($zoneId, 'enabled' => false], 'settings/nel');

To this:

PHP:
$api->setSettings($zoneId, ['value' => ['enabled' => false]], 'settings/nel');

And then check if easy config works properly for you? It looks like for some reason the setting parameters for Network error logging might have changed slightly.
 
digitalpoint updated [DigitalPoint] App for Cloudflare® with a new update entry:

API updates and other things

IMPORTANT for existing users: A change to Crawler Hint API calls requires a new API permission to be able to set it. You can go to your Cloudflare API Tokens, edit the token you have and add the following permissions:
  • Zone.Zone: Edit
You should have a total of 15 permissions for your API token at this point. If you don't have 15, you can check what you...

Read the rest of this update entry...
 
Doesn't matter... new version has the change applied. I just wanted to make sure it worked for you before I rolled it out (1.5.6 has the change included).
 
For R2 storage, /internal_data/image_cache/ (I think the image proxy is stored in that folder) isn't supported?
 
Not an issue with your excellent add on, but perhaps you know the solution.

For the PWA, I'm getting an error and it's not allowing my PWA to setup. Even though that is perfectly fine in the ACP.
What happens is that in the <head> tag of the code, there is a reference to /webmanifest.php which sets out some supplementary info about the application that the browser needs in order to handle the PWA stuff - it's where the PWA name, logo etc. ends up.
Trouble is, every time it's called in the background, it's stopped by the CloudFlare 'checking your connection is secure' page which is treated as an error by the browser.

I've added a page rule with cache level bypass. Purged cache, but no luck so far.


Edit: In case anyone has the same problem with PWA and webmanifest. I solved it. Added {url}/webmanifest.* with Cache Level Bypass to Page Rules. Then went to {url}/webmanifest.json in the browser, and it installed the app. And shows up from now of on. So, it was probably a cache problem.
 
Last edited:
For R2 storage, /internal_data/image_cache/ (I think the image proxy is stored in that folder) isn't supported?
Correct. It’s intentional, although if you really want to store those files in R2, you can via config.php edit. Probably not the best idea though… it can be a ton of writes for short-lived files. It also makes your cache remote so will slow it down (imagine if your browser’s cache was on remote servers and how that would affect cache performance).

Not an issue with your excellent add on, but perhaps you know the solution.

For the PWA, I'm getting an error and it's not allowing my PWA to setup. Even though that is perfectly fine in the ACP.
What happens is that in the <head> tag of the code, there is a reference to /webmanifest.php which sets out some supplementary info about the application that the browser needs in order to handle the PWA stuff - it's where the PWA name, logo etc. ends up.
Trouble is, every time it's called in the background, it's stopped by the CloudFlare 'checking your connection is secure' page which is treated as an error by the browser.

I've added a page rule with cache level bypass. Purged cache, but no luck so far.


Edit: In case anyone has the same problem with PWA and webmanifest. I solved it. Added {url}/webmanifest.* with Cache Level Bypass to Page Rules. Then went to {url}/webmanifest.json in the browser, and it installed the app. And shows up from now of on. So, it was probably a cache problem.
It’s more likely your Security Level with your zone. If you have it set to anything other than “Essentially off” without a specific reason, it’s probably set wrong. The higher the security level, the more problems you are causing for users (including yourself). You are effectively injecting captchas all over the place, including http requests that the user doesn’t see, so they can’t solve the captchas (basically what you saw there),
 
Top Bottom