[DigitalPoint] App for Cloudflare®

[DigitalPoint] App for Cloudflare® 1.8.8

No permission to download
Overview FAQ Updates (57) Reviews (21) History Discussion
MySiteGuy said:
Did Cloudflare resolve their HTTP/2 to origin bug that can cause 520 errors?
xenforo.com

Suddenly tons of CF 520 errors

Hello everybody, since yesterday afternoon there are 520 error messages from Cloudflare in our forum. The error occurs completely randomly and everywhere. We only moved to a new server a few weeks ago and everything went perfectly. I will of course also contact my hoster. But I have already...
xenforo.com xenforo.com
Click to expand...

They have not.

@MattW just moved us to a new VPS running Alma/CloudLinux/cPanel/Apache. We had to disable HTTP/2 to Origin due to this.
 
MattW said:
When rebuilding the attachments in 2.3 to
Optimise them, it causes the process to stop if a file is missing

View attachment 305976
Click to expand...
I suspect that’s going to be the same with or without R2. A missing attachment file (even if it’s in the local filesystem) seems like something you would wand to halt the process so it can be addressed instead of ignoring it and moving on/skipping it.
 
digitalpoint said:
I suspect that’s going to be the same with or without R2. A missing attachment file (even if it’s in the local filesystem) seems like something you would wand to halt the process so it can be addressed instead of ignoring it and moving on/skipping it.
Click to expand...
Yeah, I suppose so. I know that attachment is missing because of the optimize attachments plugin that started randomly deleting attachments.
 
Joe Link said:
They have not.

@MattW just moved us to a new VPS running Alma/CloudLinux/cPanel/Apache. We had to disable HTTP/2 to Origin due to this.
Click to expand...
Another of my customers is having the same issue, I've ended up just removing the mod_http2 module from Apache to fix it.

Code: 
dnf history info 86
Transaction ID : 86
Begin time     : Mon 15 Jul 2024 10:19:25 AM UTC
Begin rpmdb    : 2042:23941802daf0d80e07fd341c99473e47555d8d79
End time       : Mon 15 Jul 2024 10:19:25 AM UTC (0 seconds)
End rpmdb      : 2041:c04a8e73fe0f2409e7a2ac38142fa3ebb0d71857
User           : System <unset>
Return-Code    : Success
Releasever     : 8
Command Line   : -y --color=never --verbose shell /tmp/yILOz_MOj8
Comment        :
Packages Altered:
    Removed ea-apache24-mod_http2-2.4.61-1.1.1.cpanel.x86_64 @@System
 
FWIW, I’ve never had any 520 errors and Cloudflare is connecting to my origin servers via HTTP/2 (my setup is Nginx). They do have a little info about it in their docs:

Troubleshooting Cloudflare 5XX errors · Cloudflare Support docs

When troubleshooting most 5XX errors, the correct course of action is to first contact your hosting provider or site administrator to troubleshoot and gather data.
developers.cloudflare.com developers.cloudflare.com

If it’s something you want to figure out, I’d hop on Cloudflare’s developer Discord and ask about it there.
 
"Registration & contact forms are an overlay"

Could I request a feature to extend this option to the login and possibly DMs/Conversations?

My login page is getting his by bots. I'm able to make a firewall rule to put a managed captcha on the login, but that breaks the login overlay.
 
Honestly, now that Turnstile is a Captcha option, that’s a better way to do it than the system where Cloudflare adds a Captcha challenge before a page loads (it’s just using Turnstile to do that anyway). So using Turnstile as a captcha ends up being the same thing, except it’s cleaner (can do it within AJAX overlay and doesn’t require an extra page load). Also, captchas (including Turnstile) can already be used for the login form.
 
digitalpoint said:
FWIW, I’ve never had any 520 errors and Cloudflare is connecting to my origin servers via HTTP/2 (my setup is Nginx). They do have a little info about it in their docs:

Troubleshooting Cloudflare 5XX errors · Cloudflare Support docs

When troubleshooting most 5XX errors, the correct course of action is to first contact your hosting provider or site administrator to troubleshoot and gather data.
developers.cloudflare.com developers.cloudflare.com

If it’s something you want to figure out, I’d hop on Cloudflare’s developer Discord and ask about it there.
Click to expand...
I've only seen this issue with Apache, and not nginx.
 
MattW said:
I've only seen this issue with Apache, and not nginx.
Click to expand...
Maybe something a little funky with Apache’s HTTP/2 implementation? Like okay enough that browsers will tolerate whatever the non-standard thing is, but Cloudflare wants a “to spec” implementation? 🤷🏻‍♂️
 
digitalpoint said:
Honestly, now that Turnstile is a Captcha option, that’s a better way to do it than the system where Cloudflare adds a Captcha challenge before a page loads (it’s just using Turnstile to do that anyway). So using Turnstile as a captcha ends up being the same thing, except it’s cleaner (can do it within AJAX overlay and doesn’t require an extra page load). Also, captchas (including Turnstile) can already be used for the login form.
Click to expand...

I'm a bit confused by the ACP option narrative and your comment above;
By default, XenForo registration and contact pages use an AJAX overlay rather than a new page. Disabling the overlay allows Cloudflare to present the user with a challenge prior to registering/contact (helps with blocking automated spam registrations & contact).
If you are using Turnstile as a CAPTCHA, you don't need to disable the overlay.

With this option ticked, you're saying the result is CF inserts a pre register/contact captcha, and then XF will present another captcha on the actual login/register page? I have Turnstile selected for XF captcha and have this option ticked, but don't experience multiple captcha when trying to register/contact on my site as a guest.
 
Mouth said:
I'm a bit confused by the ACP option narrative and your comment above;
By default, XenForo registration and contact pages use an AJAX overlay rather than a new page. Disabling the overlay allows Cloudflare to present the user with a challenge prior to registering/contact (helps with blocking automated spam registrations & contact).
If you are using Turnstile as a CAPTCHA, you don't need to disable the overlay.

With this option ticked, you're saying the result is CF inserts a pre register/contact captcha, and then XF will present another captcha on the actual login/register page? I have Turnstile selected for XF captcha and have this option ticked, but don't experience multiple captcha when trying to register/contact on my site as a guest.
Click to expand...
The option probably wouldn’t have been made if Turnstile was part of XenForo when I did it. As it stands now, the option just isn’t necessary any longer because Turnstile is a captcha option.
 
Does the addon adds a cache-control header on attachments allowing the user's browser, and CloudFlare to cache image attachments?
 
I need help setting up R2 in ACP for this app. I give up, completely confused. Please give price for this service. Thanks!

I've managed to block my avatar/images somehow and have to disable the app to get them back.
 
Last edited:
Rusty Snippets said:
Anybody using the CSAM scanning tool at Cloudflare? How’s it work? A useful tool?
Click to expand...
Really only going to be useful if you have issues with users uploading child porn.

CSAM Scanning Tool · Cloudflare Cache (CDN) docs

The Child Sexual Abuse Material (CSAM) Scanning Tool allows website owners to proactively identify and take action on CSAM located on their website. By enabling this tool, Cloudflare will compare content served for your website through the Cloudflare cache to known lists of CSAM. These lists are...
developers.cloudflare.com developers.cloudflare.com
 
2 suggestion ideas ...

At /admin.php?cloudflare/firewall it would be helpful to see;

1. Rate limiting rule(s) from [CF dash]/security/waf/rate-limiting-rules

2. The 24hr activity level for each rule numbers/chart (like CF displays), if available by API request

I recently added a 50reqs/10sec rate limiting rule to abate a fairly aggressive scraping bot originating from China that was causing high server load and normal usage lag/delays. This was much easier, and more effective, than playing 'whack-a-mole' with IP address blocking, when it was persisting from changing IP addresses.
 
You must log in or register to reply here.

Similar threads

O
[DigitalPoint] App for Cloudflare® - FRENCH translation [Deleted]
Replies
9
Views
869
Ozzy47
Ozzy47
digitalpoint
App for Cloudflare (appforcf.com)
Replies
12
Views
1K
securedme
securedme
Back
Top Bottom