What is Cloudflare ? How does it help webmasters ?
- Thread starter Digital Doctor
- Start date
damoncloudflare
Active member
The performance and security options for CloudFlare kind of go hand-in-hand (think fewer requests from potentially bad visitors=less bandwidth/requests).
What you could do, however, is change your security settings to "Essentially Off" in your CloudFlare settings (settings->CloudFlare settings) so only the really bad folks are challenged. You can also do some things in CloudFlare's Threat Control Panel to override our behavior.
What would you like to see? Something like: Block exploit attackers only?
WyldFyre
Member
I'd like to be able to get my traffic without interference from the bot prevention tools.
I have my own spam prevention service, and as you say, you folks aren't set up to prevent DDoS anyway.
WyldFyre
Member
Also (since I have your ear), would it be possible to have images which are uploaded immediately recached, since those images have to go through your servers to be stored on the remote server?
I figured there should be some way to tell that a file is being uploaded, then just recache that file if it's an image. As it is, scripts that overwrite one image with another don't have their images recached right away and it is a bit inconvenient.
I figured there should be some way to tell that a file is being uploaded, then just recache that file if it's an image. As it is, scripts that overwrite one image with another don't have their images recached right away and it is a bit inconvenient.
damoncloudflare
Active member
Well, we are. Just not "full". We're looking at options in this arena.
damoncloudflare
Active member
Totally game to see how you would like to see this work. Since we don't cache *everything*, any feedback about how we can make it faster/better is much appreciated.
WyldFyre
Member
I can think of a couple possibilities, but as for the actual mechanics of it, certainly not.
Scenario 1:
Cloudflare proxy starts receiving upload traffic, checks the MIME type and passes it on. Image file? Check the name. Upload destination path/image already exist? Delete cached image. Upload destination/image doesn't exist? Business as usual...
Scenario 2:
Cloudflare proxy starts receiving upload traffic and checks the MIME type. Image file? Check the name. Name exist within the cache for this page? Replace the cached image directly before passing it along to the destination server.
(Scenario 1 would seem the more logical way to go, to me)
sparky5693
Active member
I gave up on cloudflare today. When I installed it, it really did make the website a bit snappier, but it just seemed that there were always server issues somewhere in their network. I received a lot of complaints from usersstating they were looking at the "website offline" notice (while i'm surfing fine from my location). The reliability hit just wasn't worth it for the mild performance gain I received. I did submit a ticket, and then another one. I got a response a couple days later. I think cloudflare has potential, but it isn't quite there yet.
Interesting, I haven't come across this issue yet. There doesn't seem to be server issues from what I can see on the status board.
a legacy reborn
Well-known member
Did you add mod_cloudflare? It could be the server blocking cloudflare IPs, I used to get the site offline error back when I first started to use CloudFlare but those errors have since disappeared(probably due to the fact that they keep on improving the QoS.
damoncloudflare
Active member
The site offline error message only appears in two circumstances:
1. Your server is actually having issues.
2. Your host or server is blocking connections from our IPs because of rules. Things to check:
Tips to ensure CloudFlare's IPs are accepted by your server If your server origin is online, then: 1) Make sure that you're not blocking CloudFlare IPs in .htaccess, iptables , or your firewall. 2) Make sure your hosting provider isn't rate limiting or blocking IP requests from the CloudFlare IPs and ask them to whitelist the IP addresses below:
• 204.93.240.0/24 (204.93.240.0 - 204.93.240.255) • 204.93.177.0/24 (204.93.177.0 - 204.93.177.255) • 199.27.128.0/21 (199.27.128.0 - 199.27.135.255) • 173.245.48.0/20 (173.245.48.0 - 173.245.63.255) • 103.22.200.0/22 (103.22.200.0 - 103.22.203.255) • 141.101.64.0/18 (141.101.64.0 - 141.101.127.255)
Also: I strongly recommend installing mod_cloudflare (or equivalent) to make sure original visitor IP is getting passed to your server.
If hosts see a bunch of requests from our IPs, which would be the case if you didn't see the original visitor IP because we're acting as
a reverse proxy, they might start blocking requests from those IPs.
damoncloudflare
Active member
We're not having any system issues at this time.
Recommendations:
Install mod_cloudflare (or equivalent) to make sure original visitor IPs are passed back to your server.
Make sure your host and/or server has our IPs whitelisted (rules in something like .htacess or iptables, for example, could cause issues if you blocked our requests).
Tips to ensure CloudFlare's IPs are accepted by your server If your server origin is online, then: 1) Make sure that you're not blocking CloudFlare IPs in .htaccess, iptables , or your firewall. 2) Make sure your hosting provider isn't rate limiting or blocking IP requests from the CloudFlare IPs and ask them to whitelist the IP addresses below:
• 204.93.240.0/24 (204.93.240.0 - 204.93.240.255) • 204.93.177.0/24 (204.93.177.0 - 204.93.177.255) • 199.27.128.0/21 (199.27.128.0 - 199.27.135.255) • 173.245.48.0/20 (173.245.48.0 - 173.245.63.255) • 103.22.200.0/22 (103.22.200.0 - 103.22.203.255) • 141.101.64.0/18 (141.101.64.0 - 141.101.127.255)
damoncloudflare
Active member
Just a quick note for those of you using Apache servers:
We pushed a fix today to defend against the Apache Killer exploit.
We pushed a fix today to defend against the Apache Killer exploit.
My host has got a CloudFare link the cPanel and I did get an email for it as well. I have signed up but I haven't seen much of an improvement but it also hasn't slowed down my site loading time. I have static content on my site that would benefit from the cloudfare service should my host go down, because our shoutcast server would still run so people would still be able to tune in!
damoncloudflare
Active member
One thing to keep in mind is that caching can take at least a few days or so, so things should get progressively faster (also depends on where your visitors are coming from).
I have a lot of other questions about CloudFlare's CDN answered in that blog post link.
dieketzer
Well-known member
the general consensus on my board is the site is noticeably snappier with cloudflare than without. of course the edgecases are a pain. for seemingly no reason various people get very poor performance sporadically, and have to bypass cloudflare entirely.
i am on the pro plan which gives me access to the 'advanced security' and 'preloader' features. unfortunately, advanced security, even when set to low, seems to cause problems with image uploads, removing the upload status widget and thumb/full attachment selection widget, and disrupts upload to the useralbum addon.
it also seems like there is always a problem with one of the datacenters which affects my members and makes it a problem for me as well.
im definitely going to revert to basic before the next billing cycle, and i will probably run with basic for a while i watch what develops with cloudflare. generally speaking, both the idea and the execution are pretty good, but when there are seemingly minor problems they certainly seem pretty major when i am having to troubleshoot networking and running down 'xf bugs' due to complaints from members.
i am on the pro plan which gives me access to the 'advanced security' and 'preloader' features. unfortunately, advanced security, even when set to low, seems to cause problems with image uploads, removing the upload status widget and thumb/full attachment selection widget, and disrupts upload to the useralbum addon.
it also seems like there is always a problem with one of the datacenters which affects my members and makes it a problem for me as well.
im definitely going to revert to basic before the next billing cycle, and i will probably run with basic for a while i watch what develops with cloudflare. generally speaking, both the idea and the execution are pretty good, but when there are seemingly minor problems they certainly seem pretty major when i am having to troubleshoot networking and running down 'xf bugs' due to complaints from members.
damoncloudflare
Active member
"unfortunately, advanced security, even when set to low, seems to cause problems with image uploads, removing the upload status widget and thumb/full attachment selection widget, and disrupts upload to the useralbum addon."
Uploads can trigger the WAF. Options:
Turn WAF off or whitelist the IP address.
Create a subdomain for uploads & then add the subdomain so we don't proxy it.
"it also seems like there is always a problem with one of the datacenters"
One thing to keep in mind is that an issue in one datacenter doesn't mean all of your site visitors are having issues (only those hitting that datacenter). And we generally resolve most datacenter issues very quickly.
Uploads can trigger the WAF. Options:
Turn WAF off or whitelist the IP address.
Create a subdomain for uploads & then add the subdomain so we don't proxy it.
"it also seems like there is always a problem with one of the datacenters"
One thing to keep in mind is that an issue in one datacenter doesn't mean all of your site visitors are having issues (only those hitting that datacenter). And we generally resolve most datacenter issues very quickly.
sparky5693
Active member
I was not using mod_cloudflare, but instead using the xenforo edits. Like I mentioned, it did make the website slightly faster, but it seems one of the datacenters always had an issue. The response and time to respond to my ticket was not quite as good as I would have hoped... maybe support for paying members is better.
damoncloudflare
Active member
We don't have 24/7 support just yet & we're working on adding new folks. Since we're a startup, we have a very small team tackling these issues & I do apologize for any delay in responding. We also try to update known system issues on our Twitter handles cloudflaresys and cloudflare
dieketzer
Well-known member
its not feasible to do that with xf uploads. besides, that would defeat the entire point of the waf as it would open an attack vector.
those hitting the dataserver are the ones to complain, and if there are always problems with a datacenter then i am always fielding complaints and being asked to troubleshoot something that is out of my depth; networking.
Similar threads
- Question
