[DigitalPoint] App for Cloudflare®

[DigitalPoint] App for Cloudflare® 1.8.2

No permission to download
digitalpoint updated [DigitalPoint] Cloudflare with a new update entry:

Adds option to block IPs via a spam clean when used from user approval queue

  • New option under Options -> External service providers -> Block IP addresses on spam clean from user approval queue (it's off by default, so you will need to enable it if you want to use it).
  • Added additional info for cases where there's an exception making request to Cloudflare's API, but without an actual error received from the API.

Read the rest of this update entry...
 
This looks good, one important option that I think is missing (or I've not found it yet) is the actual CF proxy setting. You can change all the settings you want but if you're only using CF for DNS routing then all is moot.
 
Ya, I thought a little about it. The issue with DNS in this context is it’s a bit of a chicken and egg thing. The addon wouldn’t work if you aren’t already using Cloudflare (like it can’t configure a new zone for you). Well it could in theory, but would have to be from command line since without the zone you don’t even have a working website. And going down that road of trying to do all that is more than I really want to do.

That being said, it’s probably reasonable to add a note about it for people that are using Cloudflare for DNS and don’t really understand how it works.
 
This add-on doesn't add any functions to Cloudflare. If there's info about a specific Cloudflare setting, you'd want to check with Cloudflare.
 
Coming in 2.3
I had a suspicion... PHP support for WebP is now to the point I figured it was probably getting to an appropriate point in time it should be done. Hopefully another couple years and AVIF will be similarly supported. :)
 
what is best full or full strict thanks
Again, this plug-in does not add any features or settings to Cloudflare. If you are wanting to learn about the ins and outs of Cloudflare settings, you would want to contact Cloudflare (I believe they have a community section you c an ask questions in).

If you don’t know what something does, I’d say it’s best to leave it at whatever setting your zone is already set to. It’s usually not a good idea to turn stuff on/off for no actual reason.
 
Isn't it pretty risky to DISABLE the Web Application Firewall ?
I'm not sure I'd say it's risky necessarily. However WAF is not available to Free plans, so for those you can't turn it on, and there might be a reason that a paid plan wouldn't want it on. I have it disabled on one of my paid domains for example (I like to be more granular with which thing are enabled/disabled rather than WAF which more or less enables everything). Like I don't need WAF protection for WordPress sites or Drupal sites or sites managed by WHMCS because I don't use any of that.
 
yeah okay... I'm not that good in this tech stuff... but I thought that WAF provides a perfect protection against hacker attacks and all this stuff?

Or is it nonsense since your big forum does not use it?

The one you mention there can easily be disabled.
 
yeah okay... I'm not that good in this tech stuff... but I thought that WAF provides a perfect protection against hacker attacks and all this stuff?

Or is it nonsense since your big forum does not use it?

The one you mention there can easily be disabled.
I'm not recommending one way or the other. Everyone's site is different with what they do/do not need. It's an option you can toggle in this add-on simply because it's an option you can toggle in Cloudflare. If Cloudflare removes the ability to turn it on/off, the option to toggle it in the add-on goes away.

If every site could be configured the same way, Cloudflare wouldn't even need options, and they would have a one-size fits all configuration for every site. :)
 
However WAF is not available to Free plans, so for those you can't turn it on
FYI, Cloudflare now has some WAF rules enabled by default on even free plans, you can't turn them off or toggle them on free plans. There's also 2 versions of CF WAF - legacy and new version that new sites get. New one is on all plans https://developers.cloudflare.com/waf/#availability

The new Cloudflare WAF announced in March 2021 is available on all plans. The exact features and limits depend on your current plan.


Today, we’re doing it again, by providing a Cloudflare WAF (Web Application Firewall) Managed Ruleset to all Cloudflare plans, free of charge.

Why are we doing this?​

High profile vulnerabilities have a major impact across the Internet affecting organizations of all sizes. We’ve recently seen this with Log4J, but even before that, major vulnerabilities such as Shellshock and Heartbleed have left scars across the Internet.

When are we doing this?​

If you are on a FREE plan, you are already receiving protection. Over the coming months, all our FREE zone plan users will also receive access to the Cloudflare WAF user interface in the dashboard and will be able to deploy and configure the new ruleset. This ruleset will provide mitigation rules for high profile vulnerabilities such as Shellshock and Log4J among others.

To access our broader set of WAF rulesets (Cloudflare Managed Rules, Cloudflare OWASP Core Ruleset and Cloudflare Leaked Credential Check Ruleset) along with advanced WAF features, customers will still have to upgrade to PRO or higher plans.
 
I only use CloudFlare for DNS. To be honest I am overwhelmed with the settings CloudFlare and this addon have.

1) Does the free plan of CloudFlare have anything particularly useful for someone like me? Just in general.

2) Does this addon have anything particularly useful for someone like me?

Maybe there are some optimizations I am missing for my site and either CF or this addon could benefit me?

Of course CF or this addon has useful settings but for people who know what they are doing or for people who need them. But I don't want to touch anything unless I get a huge chunk of benefit out of it without risking much :D.

Thanks.
 
Last edited:
I only use CloudFlare for DNS. To be honest I am overwhelmed with the settings CloudFlare and this addon have.

1) Does the free plan of CloudFlare have anything particularly useful for someone like me? Just in general.

2) Does this addon have anything particularly useful for someone like me?

Maybe there are some optimizations I am missing for my site and either CF or this addon could benefit me?

Of course CF or this addon has useful settings but for people who know what they are doing or for people who need them. But I don't want to touch anything unless I get a huge chunk of benefit out of it without risking much :D.

Thanks.
Ya, Cloudflare works really well as a CDN for storing your static content in the network edge as one thing. It's really good for filtering traffic (like spam bots) before the traffic reaches your servers. The add-on leverages Cloudflare Access to limit who can access your Admin control panel, can block all access to internal things like /internal_data. It can block traffic by country before it even gets to your server. It can temporarily block spammers IP addresses (again before the traffic even gets to your servers) via XenForo's normal spam system, etc.

Data from Cloudflare for my new iolabs.io site... 93.53% of all the HTTP requests never even had to go to my server (static files are cached around the world in Cloudflare's data centers automatically):

1655343117389.webp

92.49k HTTP requests by referrer spam bots were stopped before the network traffic made it to my servers:

1655343192354.webp

Things like SSL management is a snap... like I require users to have a minimum of TLS 1.2 in order to use the site:

1655343306253.webp

So ya... there's a lot of really good thing you can do with Cloudflare. :)
 
Top Bottom