![[DigitalPoint] App for Cloudflare®](/community/data/resource_icons/8/8750.jpg?1692633961){kind=icon}
[DigitalPoint] App for Cloudflare® 1.9.1.1
- Thread starter digitalpoint
- Start date
digitalpoint
Well-known member
As you said, Cloudflare doesn't scan anything over 15MB (there is no "solution" to force them to scan files bigger than 15MB).
AV scanning
Cloudflare Gateway protects users as they browse the Internet. When users download or upload a file to an origin on the Internet, that file could potentially contain malicious code that may cause their device to perform undesired behavior. To prevent this, Cloudflare Gateway allows admins to...
developers.cloudflare.com
Thanks Digitalpoint. Looks like I'll need to find another solution. Wish xenforo had an addon that addresses this so I don't have to manually download each resource then scan separately before approving it.As you said, Cloudflare doesn't scan anything over 15MB (there is no "solution" to force them to scan files bigger than 15MB).
AV scanning
Cloudflare Gateway protects users as they browse the Internet. When users download or upload a file to an origin on the Internet, that file could potentially contain malicious code that may cause their device to perform undesired behavior. To prevent this, Cloudflare Gateway allows admins to...
If anyone has any ideas please tell! I was going to scan using cronjob on Linux but with a remote storage route not sure how to go about it now.
You could run all attachments through virustotal before uploading to s3.
This is going to require a custom built addon though.
VirusTotal API v3 Overview
🚧Commonly missedLooking for more API quota and additional threat context?Contact us to learn more about our offerings for professionals and try out the VT ENTERPRISE Threat Intelligence Suite. Looking for your VirusTotal API key?Jump to your personal API key view while signed in to VirusTotal...
developers.virustotal.com
Last edited:
Ivancas
Well-known member
Why?
⭐ Alex ⭐
Well-known member
The option description says not to turn it on if you want XF to decide who has permission to view it.
Just had an idea. I know you talked about not putting stuff like DKIM keys into R2. What if we did but your addon makes it so when those files in internal_data are edited, it updates them in the R2 as a background job, in that way it automatically backs up this data while still accessing and using it from the local directory.
digitalpoint
Well-known member
Not really how XenForo's abstracted filesystem works (I guess unless someone made a new abstracted filesystem adapter to write to two different places... could be done, but not sure it's worth the effort for key backup).
If you want something better than local filesystem for DKIM keys, this will put the contents of the internal-data://keys directory into XenForo's data registry (doesn't need to read from disk any longer, stored in the database and can read from memcache or other caching mechanisms a site has in place).
[DigitalPoint] FileSystem
Allows you to optionally use a Local Cluster filesystem adapter for code-cache:// (allows you to keep file system changes in sync with different web servers... things like template/phrase changes as well as add-on development). Could also be...
xenforo.com
eva2000
Well-known member
Or you can mount R2 storage as local storage. I use JuiceFS to mount my R2 storage to my server. System. just sees it as a local storage https://github.com/centminmod/centminmod-juicefs
Code:
df -hT /home/juicefs_mount
Filesystem Type Size Used Avail Use% Mounted on
JuiceFS:myjuicefs fuse.juicefs 1.0P 4.0K 1.0P 1% /home/juicefs_mountYou tried this? Dunno if it works.
Unmaintained - [Jazzaaf] xenAntiVirus
Description: This add-on will check new attachments for viruses and malware code using Virustotal.com's api. Features: Disable new attachments until marked clean. (on/off) Exclude File Types. Exclude User Groups. Use in Private Conversations...
xenforo.com
⭐ Alex ⭐
Well-known member
but - does that use os file cache? or is it still mostly making web requests :O
eva2000
Well-known member
Yes uses both OS file cache and meta data caching - see benchmark section https://github.com/centminmod/centminmod-juicefs and then if your mounted R2 data is served over Cloudflare orange cloud proxied CDN cache, then you leverage CDN cache for serving such files in R2 local mounted storage
| ITEM | VALUE (100x R2 Sharded + Redis) | COST (100x R2 Sharded + Redis) | VALUE (61x R2 Sharded + Redis) | COST (61x R2 Sharded + Redis) | VALUE (21x R2 Sharded + Redis) | COST (21x R2 Sharded + Redis) | VALUE (10x R2 Sharded + Redis) | COST (10x R2 Sharded + Redis) | VALUE (1x R2 Default) | COST (1x R2 Default) |
|---|---|---|---|---|---|---|---|---|---|---|
| Write big file | 637.16 MiB/s | 0.01 s/file | 617.15 MiB/s | 0.01 s/file | 600.01 MiB/s | 0.01 s/file | 530.10 MiB/s | 0.01 s/file | 230.82 MiB/s | 0.02 s/file |
| Read big file | 1764.73 MiB/s | 0.00 s/file | 1600.85 MiB/s | 0.00 s/file | 1300.69 MiB/s | 0.00 s/file | 1914.40 MiB/s | 0.00 s/file | 1276.38 MiB/s | 0.00 s/file |
| Write small file | 2666.9 files/s | 3.00 ms/file | 2808.3 files/s | 1.42 ms/file | 2648.3 files/s | 1.51 ms/file | 2715.4 files/s | 1.47 ms/file | 675.7 files/s | 5.92 ms/file |
| Read small file | 10905.8 files/s | 0.73 ms/file | 10154.0 files/s | 0.39 ms/file | 10442.4 files/s | 0.38 ms/file | 10069.0 files/s | 0.40 ms/file | 7833.1 files/s | 0.51 ms/file |
| Stat file | 22475.0 files/s | 0.36 ms/file | 15935.2 files/s | 0.25 ms/file | 16277.5 files/s | 0.25 ms/file | 16545.3 files/s | 0.24 ms/file | 28226.1 files/s | 0.14 ms/file |
| FUSE operation | 11485 operations | 0.12 ms/op | 5761 operations | 0.09 ms/op | 5765 operations | 0.09 ms/op | 5767 operations | 0.09 ms/op | 5756 operations | 0.41 ms/op |
| Update meta | 3233 operations | 0.19 ms/op | 1617 operations | 0.19 ms/op | 1617 operations | 0.18 ms/op | 1617 operations | 0.19 ms/op | 5770 operations | 0.70 ms/op |
| Put object | 735 operations | 344.93 ms/op | 32 operations | 377.01 ms/op | 30 operations | 369.65 ms/op | 37 operations | 290.94 ms/op | 118 operations | 242.35 ms/op |
| Get object | 0 operations | 0.00 ms/op | 0 operations | 0.00 ms/op | 0 operations | 0.00 ms/op | 0 operations | 0.00 ms/op | 0 operations | 0.00 ms/op |
| Delete object | 117 operations | 123.92 ms/op | 76 operations | 189.67 ms/op | 22 operations | 268.03 ms/op | 48 operations | 103.83 ms/op | 95 operations | 83.94 ms/op |
| Write into cache | 808 operations | 0.13 ms/op | 404 operations | 0.11 ms/op | 404 operations | 0.11 ms/op | 404 operations | 0.11 ms/op | 404 operations | 0.14 ms/op |
| Read from cache | 816 operations | 0.13 ms/op | 408 operations | 0.07 ms/op | 408 operations | 0.08 ms/op | 408 operations | 0.06 ms/op | 408 operations | 0.06 ms/op |
digitalpoint
Well-known member
Not sure what you are trying to do or what you were trying to do before Cloudflare with "www". This thread is just about the Cloudflare addon and there's nothing in the addon that will do anything with "www" from your web server config if that's your question?
If it's a question about your Cloudflare account and not this addon, the various places you can get Cloudflare support is outlined here (different options depending on your zone tier):
If it's a question about your Cloudflare account and not this addon, the various places you can get Cloudflare support is outlined here (different options depending on your zone tier):
Contacting Cloudflare Support · Cloudflare Support docs
Cloudflare Support cannot perform the following actions:
developers.cloudflare.com
Some things are done now from Cloudflare, like
So, I have deleted this in my .htaccess.
Another thing is this:
From my point of view, it makes sense, that this happens at Cloudflare and not in my .htaccess.
So I have asked if someone knows where to tell Cloudflare to care for that also.
Code:
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]So, I have deleted this in my .htaccess.
Another thing is this:
Code:
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]From my point of view, it makes sense, that this happens at Cloudflare and not in my .htaccess.
So I have asked if someone knows where to tell Cloudflare to care for that also.
mjda
Well-known member
I think his point was that what you're saying shouldn't be posted in this thread. This thread should only be used for discussion related to the App for Cloudflare® add-on.
Why so strict? I am sure many people don't know it.
Why not help? Have corrected the code above, it is:
and the always https:// is set under ssl/tls/edge? Then it needs no more page rules (maybe)
Why not help? Have corrected the code above, it is:
Code:
https://domain.com/*
forward to
https://www.domain.com/$1
301 permanent redirectand the always https:// is set under ssl/tls/edge? Then it needs no more page rules (maybe)
Chromaniac
Well-known member
Always Use HTTPS is already part of the addon settings along with HSTS settings. Which you can enable. It can be risky in some cases. But would ensure that http is not used at all.
