ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login
    1. Topics
    2. Tags
    3. cloudflare
    Log in to post
    • All categories
    • scottalanmillerS

      UFW Firewall Allow List for CloudFlare Proxy IP Addresses

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion linux firewall security reverse proxy cloudflare ubuntu ufw
      1
      1 Votes
      1 Posts
      2k Views
      No one has replied
    • scottalanmillerS

      WordPress Site Lost Its Mind - Ten Minutes of Maintenance Over and Over Again

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion wordpress nginx varnish cloudflare apache php
      8
      0 Votes
      8 Posts
      1k Views
      scottalanmillerS

      @Pete-S said in WordPress Site Lost Its Mind - Ten Minutes of Maintenance Over and Over Again:

      This is how you do that:
      https://developer.wordpress.org/plugins/cron/hooking-wp-cron-into-the-system-task-scheduler/

      Nice, good info. Thanks.

    • JaredBuschJ

      CloudFlare announces Magic WAN

      Watching Ignoring Scheduled Pinned Locked Moved News cloudflare magic wan
      6
      0 Votes
      6 Posts
      1k Views
      scottalanmillerS

      @stacksofplates said in CloudFlare announces Magic WAN:

      @Dashrender said in CloudFlare announces Magic WAN:

      @Obsolesce said in CloudFlare announces Magic WAN:

      So basically just another SDP/SDN product but with a weird name.

      I was wondering this - I have no idea how much firewall type controll normal SDN products have.

      is SDP software defined protection?

      Software defined perimeters

      As opposed to being defined in a notepad or on a chalkboard, lol.

    • JaredBuschJ

      Vultr Firewall added Cloudflare

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion vultr firewall cloudflare
      31
      4 Votes
      31 Posts
      6k Views
      DashrenderD

      @Mario-Jakovina said in Vultr Firewall added Cloudflare:

      As I said - we do have FQDN.
      I was just suprised when @Dashrender said they are free from Cloudflare

      I misspoke, I never meant that registered domains themselves were free. What I meant was free was DNS hosting and base level proxying from CF.

    • scottalanmillerS

      CloudFlare Adding HTTP/3

      Watching Ignoring Scheduled Pinned Locked Moved News cloudflare http3 http web hosting
      2
      0 Votes
      2 Posts
      1k Views
      1

      @scottalanmiller said in CloudFlare Adding HTTP/3:

      HTTP/3

      Just a draft so far. No browsers has it enabled by default.

    • CCWTechC

      Internet outage

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion dns internet outage cloudflare
      19
      0 Votes
      19 Posts
      3k Views
      PhlipElderP

      @Texkonc said in Internet outage:

      @JaredBusch said in Internet outage:

      @PhlipElder said in Internet outage:

      @JaredBusch said in Internet outage:

      @PhlipElder said in Internet outage:

      https://www.cloudflarestatus.com/incidents/46z55mdhg0t5

      Hmmm ... this from a little over a year ago.

      Same "problem".

      Routing is not magic. Errors happen.

      That may be so, but the expectation is that the same errors would not happen over and over again.

      FFS It is not the same. Are you stupid?

      Jesus, calm down. No one pissed in your corn flakes...

      No kidding. Don't go all Boomtown Rats on me. ๐Ÿ˜›

    • JaredBuschJ

      How to use a Cloudflare origin certificate on an Azure App

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion origin certificate ssl cloudflare azure
      1
      4 Votes
      1 Posts
      817 Views
      No one has replied
    • NetworkNerdN

      Cloudflare for Families, Anyone?

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion cloudflare publicdns dns
      7
      0 Votes
      7 Posts
      1k Views
      B

      Pretty cool. Iโ€™ll have to try it and see how it goes.

      Iโ€™ve been using Unbound for several years running on a Raspberry Pi and using a custom black list. Love not having to run ad blockers on each computer browser since itโ€™s all taken care of with Unbound.

    • scottalanmillerS

      Mattermost Behind Nginx and Cloudflare Script Load Error

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion nginx mattermost cloudflare
      8
      0 Votes
      8 Posts
      2k Views
      1

      @scottalanmiller said in Mattermost Behind Nginx and Cloudflare Script Load Error:

      @Pete-S said in Mattermost Behind Nginx and Cloudflare Script Load Error:

      @scottalanmiller said in Mattermost Behind Nginx and Cloudflare Script Load Error:

      @black3dynamite said in Mattermost Behind Nginx and Cloudflare Script Load Error:

      s your setup is Cloudflare proxy -> Nginx proxy -> apache (mattermost)?

      CF Proxy > Nginx Proxy > Mattermost (MM is its own server)

      And yes, if I disable the CF Proxy, it works.

      Why the double reverse proxies?

      That's the standard. You are always expected to have your node.js servers behind a reverse proxy. And CloudFlare is the CDN cache in front. This is the universal standard for all web servers. Plenty of times to avoid it, of course, but this is the baseline system design.

      In this case, MM is a raw node server so has none of the protections or handling of a system like Nginx. Nginx also provides the ability to have multiple sites behind one IP address. MM doesn't do that on its own, nor does CloudFlare. No different than how MangoLassi is on NodeBB, also a node platform, behind Nginx, behind CloudFlare.

      CF can't do the details port and IP handling, Nginx can't do the globally distributed cache.

      Thanks for the clarification Scott. I (wrongly) thought that Cloudflare was a full featured proxy and could do the same job as haproxy, nginx etc.

    • JaredBuschJ

      Setup a Cloudflare Origin Certificate for use on a backend server

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion cloudflare origin certificate ssl
      18
      2 Votes
      18 Posts
      3k Views
      scottalanmillerS

      @FATeknollogee said in Setup a Cloudflare Origin Certificate for use on a backend server:

      @scottalanmiller said in Setup a Cloudflare Origin Certificate for use on a backend server:

      @FATeknollogee said in Setup a Cloudflare Origin Certificate for use on a backend server:

      noob question here:
      If you're hosting on Cloudflare, this should be used instead of LE?

      Not about "should", it's about which makes more sense for you in a given situation.

      "could" would probably have been a better word choice.

      Yup, you definitely can ๐Ÿ™‚

    • wrx7mW

      Resolved: Weird Website Redirect Issues

      Watching Ignoring Scheduled Pinned Locked Moved Solved IT Discussion wordpress cpanel centos cloudflare dns redirect domain name 301 redirect
      4
      0 Votes
      4 Posts
      1k Views
      wrx7mW

      Turns out that there was a wildcard A record in DomainA2.com

    • Emad RE

      Whats up with CloudFlare CDN

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion cf cdn cloudflare outage
      13
      0 Votes
      13 Posts
      2k Views
      dbeatoD

      @Emad-R said in Whats up with CloudFlare CDN:

      @scottalanmiller

      This site reports 2 as well:
      https://bgr.com/2019/07/02/internet-outage-2019-cloudflare-network-issues/

      They post two yes but not all due to Cloudflare,

      June 24, 2019 - Route Leak Impacting Cloudflare (Other ISPs involved)
      https://www.cloudflarestatus.com/incidents/46z55mdhg0t5

      July 2nd, 2019 -HTTP 502 errors
      https://www.cloudflarestatus.com/incidents/tx4pgxs6zxdr

    • scottalanmillerS

      WordPress Cutover Main Page Works, but Secondary Pages Do Not

      Watching Ignoring Scheduled Pinned Locked Moved Solved IT Discussion wordpress cloudflare nginx varnish apache php ubuntu linux ubuntu 19.04
      19
      0 Votes
      19 Posts
      2k Views
      CloudKnightC

      Well let's talk about fedora and updating killing a laptop lol....

    • B

      Cloudflare 301/2 Redirects ...

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion dns cloudflare
      7
      0 Votes
      7 Posts
      683 Views
      JaredBuschJ

      Like this.

      be78d39b-4bf6-4b74-a15e-ec044e88ed03-image.png
      04f1585b-838d-46eb-826c-be15fd766645-image.png

    • 1

      DNS woes

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion dns godaddy cloudflare
      5
      1 Votes
      5 Posts
      881 Views
      scottalanmillerS

      @Pete-S said in DNS woes:

      If I understand correctly, DNS propagates everywhere anyway so what difference does it make? Or are the DNS records not cached/replicated?

      It does, and they do. Propagation, caching, etc. all happens with DNS. But that doesn't mean that you don't still want your master DNS to be screaming fast, globally distributed, highly available, etc. If your DNS goes down, most DNS providers (Google, etc.) will known almost immediately and see your infrastructure as offline as part of their security system.

    • J

      Move dns hosting to Cloudflare?

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion cloudflare dns
      10
      1 Votes
      10 Posts
      1k Views
      scottalanmillerS

      @Dashrender said in Move dns hosting to Cloudflare?:

      @JaredBusch said in Move dns hosting to Cloudflare?:

      @JokkeM said in Move dns hosting to Cloudflare?:

      @JaredBusch

      You have public DNS servers that are the authoritative source for your domains? - Yes
      These servers are in our datacenter and they have like ~300 zones

      By doing the "move dns hosting to CF" i would get rid of those 3 servers totally.

      Do this today. I would hate to have to run public, authoritative DNS servers.
      Just for DNS, I cannot imagine how CloudFlare would not be cheaper than running this yourself. Unless you are doing more than just DNS, CloudFlare is free.

      They have a great API for managing things at scale.

      I'm thinking the same thing - in fact, unless you've been running these servers since the mid 90's I can't see any reason why you could do that. Most registrars offered the DNS hosting as part of the cost of the domain registration. Sure they might not have had simple APIs for managing them... but damn, self hosted just seems - odd.

      It actually simplifies some things (and makes others harder.) It's not common and there are good reasons to not do it, but there are good reasons to want it, too.

    • JaredBuschJ

      Cloudflare Domain registration

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion cloudflare domain name registration registrar
      28
      2 Votes
      28 Posts
      4k Views
      B

      @FATeknollogee said in Cloudflare Domain registration:

      @FATeknollogee said in Cloudflare Domain registration:

      @JaredBusch said in Cloudflare Domain registration:

      @FATeknollogee said in Cloudflare Domain registration:

      2 questions for those of you that moved to CF for domain registration:

      Are you using CF for DNS. If you have a web hosting provider, do you use their nameservers in your CF dashboard.

      WUT?

      What is WUT?

      Really..?? https://www.quora.com/What-does-โ€œwutโ€-mean

      Try this... Not sure Quora is a solid repository of slang meanings.

      https://www.urbandictionary.com/define.php?term=wut

      Used in response to an unclear or absurd statement when seeking to clarify it or expose said absurdity.

    • dbeatoD

      Setup LetsEncrypt Certbot with CLoudFlare DNS authentication (Ubuntu)

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion nginx lets encrypt cloudflare certbot dns ubuntu 18.04
      6
      4 Votes
      6 Posts
      21k Views
      scottalanmillerS

      @aboka said in Setup LetsEncrypt Certbot with CLoudFlare DNS authentication (Ubuntu):

      hi, thanks for sharing this guide, would like to ask, what port does ppa:certbot use? im running nginx and its already using 80 & 443. i need to find a way to renew the cert when using Cloudflare as the common way(certbot renew) will not work. thank you.

      There are certbot options to use the running server (Nginx in this case.) But I agree with Jared, better to use DNS.

    • wrx7mW

      Cloudflare - Forwarding CNAME to HTTPS URL?

      Watching Ignoring Scheduled Pinned Locked Moved Solved IT Discussion cloudflare cname
      12
      0 Votes
      12 Posts
      2k Views
      DashrenderD

      @JaredBusch said in Cloudflare - Forwarding CNAME to HTTPS URL?:

      @Dashrender said in Cloudflare - Forwarding CNAME to HTTPS URL?:

      I don't really understand this - wouldn't you need a redirect command to make this work correctly? As stated - the browser thinks it's going to careers.domain.com, but that's being redirected via cname to joes.website.com, and joe's has a TLS cert.

      Wouldn't the correct way be to have a server accept the request for careers.domain.com and execute a redirect to a new URL (joes.website.com) and now the browser will know it's going to joes site and accept the cert?

      What server? He has no server. He simply wanted an alias for a nasty long URL.
      careers.domain.com instead of adp.com/346y365hy3/365h56/456/y6/

      Any good proxy will do this. CloudFlare is one of the best.

      So process.

      Create a CNAME entry for careers.domain.com pointing somewhere. Make sure the orange cloud is on. This makes the actual destination not matter because the IP will return as CloudFlare. But you want it to be something intelligent in case of problems as the OP found out. Create a redirect rule in CloudFlare. This is no different than the redirect 301 that you would use on your NginX proxy or other system. Profit

      Well - there's your website I mentioned - the proxy. It's doing the redirect. OK - fine, it's not really a website (at least not likely), but you get the point - and I'm learning .. so thanks.
      But my general thinking was along the same lines as your setup.

    • travisdh1T

      Cloudflare and Nginx reverse proxy background.

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion cloudflare nginx reverse proxy
      6
      0 Votes
      6 Posts
      1k Views
      travisdh1T

      @taurex said in Cloudflare and Nginx reverse proxy background.:

      @travisdh1 Are there any benefits of configuring your own reverse-proxy if it's running behind CloudFlare that is essentially the one already? I know they offer their own Origin CA certs that you can install on your web servers to encrypt the traffic between CF and your cloud. As long as you're happy to stick with CloudFlare, there will be no need to run cron jobs with certbot renewals every 3 months.

      As @JaredBusch said, you can run self-signed certs with CloudFlare just fine. This was for my home lab, so I purposely do things the hard way sometimes, just to see what it's like. That's why I originally tackled this anyway. Running a reverse proxy mostly so I don't have to pay for nearly 30 IP addresses on the box I rent for it.

    • 1
    • 2
    • 3
    • 1 / 3