[DigitalPoint] App for Cloudflare®

[DigitalPoint] App for Cloudflare® 1.8.2

No permission to download
Overview FAQ Updates (51) Reviews (19) History Discussion
digitalpoint said:
Hmmm… Strange because uninstalling the addon really shouldn’t do anything in that scenario (the settings are set on Cloudflare, not locally on your server). So uninstalling the addon should only remove your ability to change setting on your Cloudflare account (it won’t revert any Cloudflare settings you set).

That being said, do you have a specific reason you are changing your Cloudflare encryption settings? It’s not uncommon for changing those to end up putting your site in a redirection loop since the encryption state for the user and your server are different (if your server is setup to redirect http to https, it can be a problem for example.
Click to expand...

If I change to anything then Flexable it redirects me to that site which when i just looked at intodns it shows that the site is hosted on the shared server I am on also. So I think it something to do with my hosting.
 
RandallC said:
If I change to anything then Flexable it redirects me to that site which when i just looked at intodns it shows that the site is hosted on the shared server I am on also. So I think it something to do with my hosting.
Click to expand...
Yep… sounds like your web server is not configured to serve your site as an https site (which is needed if you want to use Full Encryption). Either way, uninstalling the addon isn’t going to change that one way or another, so not sure how that was able to fix anything for you.
 
FWIW, this is the info about each mode (just copy/pasted from Cloudflare's site). Going from Flexible to Full means your web server needs to be configured to serve HTTPS on it's side, where Flexible allows the user to be encrypted between them and Cloudflare, but the origin connection between Cloudflare and your web server isn't required to be HTTPS (so the user sees it as encrypted, but somewhere along the network path on the Internet, it's not).

Off: No visitors will be able to view your site over HTTPS; they will be redirected to HTTP.

Flexible SSL: You cannot configure HTTPS support on your origin, even with a certificate that is not valid for your site. Visitors will be able to access your site over HTTPS, but connections to your origin will be made over HTTP. Note: You may encounter a redirect loop with some origin configurations.

Full SSL: Your origin supports HTTPS, but the certificate installed does not match your domain or is self-signed. Cloudflare will connect to your origin over HTTPS, but will not validate the certificate.

Full (strict): Your origin has a valid certificate (not expired and signed by a trusted CA or Cloudflare Origin CA) installed. Cloudflare will connect over HTTPS and verify the cert on each request.
Click to expand...

From what you've mentioned, it just sounds like the web server isn't configured for HTTPS and you ended up at a different site because that's probably the first/default site that works under HTTPS as the web server is configured.
 
digitalpoint said:
FWIW, this is the info about each mode (just copy/pasted from Cloudflare's site). Going from Flexible to Full means your web server needs to be configured to serve HTTPS on it's side, where Flexible allows the user to be encrypted between them and Cloudflare, but the origin connection between Cloudflare and your web server isn't required to be HTTPS (so the user sees it as encrypted, but somewhere along the network path on the Internet, it's not).



From what you've mentioned, it just sounds like the web server isn't configured for HTTPS and you ended up at a different site because that's probably the first/default site that works under HTTPS as the web server is configured.
Click to expand...
Your prob right, I need to go back and check the settings in the cpanel SSL due to me having it set up prior to using Cloudflare. The web host also offers letsencrypt or did.
 
RandallC said:
So refreshing my site would send me to - Abdul Wahab – Infomation Security Analyst and if I typed my domain name into the address bar it would send me to the same thing, I am not sure where it happens either server side or cloudflare side but it hijacks my dns.


Code: 
https://abdulwahab.biz/
Click to expand...
We had the same issue a few days ago. It is related to the SSL certificate generated by cPanel which triggers an error (check your DNS records) because if one of them fails then the site loads another cPanel account on the same server. Just make sure that AutoSSL successfully creates all the SSL certificates.
 
Not sure what that second screenshot is, but it doesn’t look like Cloudflare dashboard. If you have setup that subdomain to be served by your own web server, Cloudflare cannot serve it because you already have a different entry for it in your DNS.

Make sure your Cloudflare DNS entry for that subdomain shows R2 on the DNS record.
 
digitalpoint said:
Not sure what that second screenshot is, but it doesn’t look like Cloudflare dashboard. If you have setup that subdomain to be served by your own web server, Cloudflare cannot serve it because you already have a different entry for it in your DNS.

Make sure your Cloudflare DNS entry for that subdomain shows R2 on the DNS record.
Click to expand...
Thank you your suggestion to fix Cloudflare DNS entry helped.
 
Enabling guest cache through the addon causes (randomly) a user session caching. Users who are logged in sometimes see they are logged out but it happens randomly so it makes difficult to reproduce/troubleshoot.

Disabling the guest cache resolves the issue.
 
The only thing that I can think of that would cause that may be something browser specific (like if a browser wasn’t fully adhering to the cache-control directives). The addon instructs to edge cache but not cache in the user’s browser. If a browser was not adhering to that directive and serving up a locally cached version of the page, you might see that. But don’t think there would be a way to fix that as it would more be a browser issue with a very old browser.
 
Ivancas said:
No, I was able to reproduce it with the latest version of Brave web browser for example
Click to expand...
Well if it’s reproducible, maybe check another browser to see if it’s only with that browser? I’ve never run across a situation where it happened myself so I can’t really check anything.

It could also be a config issue with something upstream of the application (XenForo). For example if your browser (or even Cloudflare) is overwriting or removing HTtP headers, it could be an issue. It’s pretty important the the cache control headers make it to the user’s browser unaltered for guest page caching to work properly.
 
digitalpoint said:
For example if your browser (or even Cloudflare) is overwriting or removing HTtP headers, it could be an issue.
Click to expand...
How can I check that?
I see the Litespeed addon is installed but I removed it and users were still experiencing the same issue.

Where can I check if CF is removing the http headers?
 
If something like a Litespeed addon was altering the headers, it would still be an issue for users that already visited the site and got the mocked headers (the headers can instruct the browser to not check for an updated page for example). So until that original header expired or the browser flushed its cache it would still potentially be an issue. As far as figuring out what might be messing with headers, first just check what the cache control header is at the browser. From there you could at least know if it’s what it’s supposed to be or not and go from there.
 
You must log in or register to reply here.

Similar threads

N
[DigitalPoint] App for Cloudflare® - FRENCH translation
Replies
8
Views
851
Ozzy47
Ozzy47
digitalpoint
App for Cloudflare (appforcf.com)
Replies
12
Views
1K
securedme
securedme
Top Bottom