Discourse & Cloudflare

There’s a lot of back and forth in this community about using Cloudflare. Some people say it works just fine without any problems and others warn that the sky will fall if they use it. Either way, most of this info is very dated, from 2 years to nearly a decade ago.

Personally, I’m using Cloudflare with Discourse here in 2022 without any issue.

I’m fully minifying/caching all pages and HTML/CSS/JS, with Brotli compression. I’ve only excluded the /admin from Cloudflare performance as a personal preference.

I didn’t turn off the Rocket Loader, but it was already off by default. The only other change I made was to add:

- "templates/cloudflare.template.yml"

to my app.yml settings in order to restore user IPs.

It’s also worth mentioning that the site worked fine before I ever even made a single adjustment.

As long as your recognize that what you’re doing is completely unsupported that’s fine.

CloudFlare continue to tweak their optimizations and at times they cause no issues, then at others they’ll bring a site to its knees. For most the idea of their site breaking through no action on their part would be pretty unpalatable.

If you’ve ever watched a rebuild you will already know that minification already happens within Discourse. CloudFlare doesn’t minify the site better than it already does itself. Have you measured performance with and without CF enabled?

And don’t forget that once the JavaScript app is loaded into the browser CloudFlare is actually slowing your site down. Every ounce of traffic between the app and server now also has to traverse the CloudFlare network, increasing the number of network hops and with it latency.

But if it’s working for you that’s great. Just make sure you turn it off before asking for support, because it’s the first (and most likely) culprit.

I get the feeling that most (if not all) of the fear around using Cloudflare with Discourse is based on issues from years ago.

Both Cloudflare and Discourse have come a long way in the past decade.

I have extensive experience with caching issues in general, and it’s true that in the early days, Cloudflare broke a lot of scripts, but it’s been pretty behaved for many years now.

Some of the more aggressive caching tools definitely break stuff and require a lot of optimization to get them to play nice. That sentiment in general still holds true.

However, are you sure the statement that Cloudflare isn’t supported by Discourse is still accurate? Discourse literally has mechanisms built into it to handle Cloudflare.

Anyway, no, I didn’t do a before and after on https://gtmetrix.com/, but for me that’s somewhat moot because I have other reasons to use Cloudflare than just speed, so unless it caused a dramatic (or even noticeable) decrease in speed, I’d be using it anyway.

Final Thought: Yes, anytime you use a CDN/caching/minification/etc. tool, especially if you’re inexperienced, it can break stuff. That’s true of all websites regardless of how they’re built. But, the idea that Cloudflare is all, but guaranteed to wreak havoc on all Discourse sites feels like dated information, that needs to stop being perpetuated.

The CloudFlare template isn’t a new addition, and if you take the time to look at the source you will see that the sole purpose is grab their IP ranges and modify nginx to ensure it’s looking at the CF-Connecting-IP as the true client address is obscured by the proxying the orange cloud provides. It’s not a new thing, it’s been around for at least seven years. You can use Cloudflare to conceal the whereabouts of your server, or act as a cheap CDN for uploads, but in both cases we would recommend you disable all performance features and use a page rule to enable caching on your uploads folder.

What benefit would testing via GTMetrix demonstrate? I think you have a fundamental misunderstanding of how Discourse works to be citing that. Discourse isn’t a website, it’s a Javascript application. Navigating the site doesn’t serve flat HTML pages to the browser. The Javascript app which loads into your browser talks to the server directly, which is why certain page elements don’t appear to reload between clicks. The snappiness of said application is only determined by server resources and latency between client and server. CloudFlare can’t speed up your Discourse instance, and its presence between the two systems increases latency.

The above is based on years of experience, not a feeling. Discourse still has periodic problems with Cloudflare. Beyond obscuring your server IP and saving a little data transfer for uploads there’s nothing that Cloudflare can do to speed up a Discourse site.

The CloudFlare template isn’t a new addition, and if you take the time to look at the source you will see that the sole purpose is grab their IP ranges and modify nginx to ensure it’s looking at the CF-Connecting-IP as the true client address is obscured by the proxying the orange cloud provides. It’s not a new thing, it’s been around for at least seven years. You can use Cloudflare to conceal the whereabouts of your server, or act as a cheap CDN for uploads, but in both cases we would recommend you disable all performance features and use a page rule to enable caching on your uploads folder.

Right, my point was that if Cloudflare was unsupported, they wouldn’t bother officially adding in any kind of support for it the first place. They also wouldn’t have official tutorials on how to use it. Granted, they may recommend not using it because of X, Y, and Z in some cases, but that’s not the same as something being flat-out unsupported.

What benefit would testing via GTMetrix demonstrate? I think you have a fundamental misunderstanding of how Discourse works to be citing that. Discourse isn’t a website, it’s a Javascript application. Navigating the site doesn’t serve flat HTML pages to the browser. The Javascript app which loads into your browser talks to the server directly, which is why certain page elements don’t appear to reload between clicks. The snappiness of said application is only determined by server resources and latency between client and server. CloudFlare can’t speed up your Discourse instance, and its presence between the two systems increases latency.

Yes, I understand that Discourse isn’t a website. It’s a platform for delivering content like any other platform/software/CMS. Of course Cloudflare can’t impact anything at the server-level, which is especially true of LAMP setups. But, ultimately, every platform has to eventually deliver all the client-side code (HTML/CSS/JS). Of course GTmetrix can’t scan for server-side speed, but you can still glean some things about the final output of your setup. In other words, how the user experiences the loading of content.

Cloudflare doesn’t actually speed up a website all that much, not nearly as dramatically as server-side optimizations and better server resources do. We’re in full agreement on that. Its main focus is optimizing DNS. There’s some more advanced CDN features for paid accounts, especially where images are concerned, but I’ve never even used a paid account. I wonder if it’s some of those advanced features where people run into the most trouble and have to ask for help?

The above is based on years of experience, not a feeling. Discourse still has periodic problems with Cloudflare. Beyond obscuring your server IP and saving a little data transfer for uploads there’s nothing that Cloudflare can do to speed up a Discourse site.

Dang it. I knew I was going to get grief for saying “feeling,” but it’s just a figure of speech. I’m talking from experience too.

I wouldn’t challenge the fact that as a Leader in the official Discourse community, you obviously have more experience with Discourse, and clearly have seen all kinds of wacky issues caused by Cloudflare.

Aside from getting into the weeds about all the nuances of Cloudflare/Discourse, I still stand by my primary point though, which is merely that Cloudflare isn’t at all as scary as the narrative in this forum would have most people believe.

That said, I also understand managing communities and obviously not everyone is a developer or even tech-savvy. In that sense, I can see why being flooded with people thinking that Discourse is broken when it’s just Cloudflare or something similar would become annoying.

That’s the point. “unsupported” doesn’t mean “impossible”, but “good luck with that”. One frequent answer to “there is a bug” is “does it go away if you turn off cloudflare”?

If you do want to speed things up use a real CDN - - Enable a CDN for your Discourse

Or, ya know, if someone wants a completely free option or they otherwise just want to use Cloudflare, they can, no problem.

You’re citing a recommendation from nearly a decade ago. Things change. I would really like to see one of the official devs weigh in on this in 2022. I’m guessing he would say that things are much more stable, and also, any recommendation about not funking with JS is probably the recommendation for all CDNs, not just Cloudflare.

Please don’t tag team members, if they want to weigh in they will.

???

I tagged the creator of Discourse. We can go back and forth all day about where Discourse stands in 2022 concerning Cloudflare, but until we hear it from the horse’s mouth, it’s more speculation than a definitive answer.

How would he possibly even know that anyone’s asking for his thoughts in order for him to weigh in unless he’s tagged?

There was an issue just last week that had to do with people seeing ads when they shouldn’t that it was pretty clear was an issue with cloudflare. Turning it off is always one of the first things to do. Lots of people getting support here are complete novices and making things as trouble free as possible is the goal. If it works for you, that’s great. If you want to respond to twenty or more posts a week that

But that’s not true. If you use a real cdn discourse users it only for the stuff that should be served by cdn.

Hey @JammyDodger, I think it’s time for a cloudflare faq (though it’s not the first time I suggested it). You can get Jeff and Sam to weigh in.

Here’s the thing. Caching/combining/minification notoriously breaks JS, regardless of the software or CDN combo being used. I’ve seen this common issue with a dozen other tools/services. When dealing with novices, their browser cache alone is a constant pain to educate them about. I’ve managed large software communities before; I’m well aware of the same old issue coming up again and again.

What I’m wondering is, is this really a Cloudflare problem specifically OR is this a common problem that all optimization tools have where they can break JS and it just so happens that because of the popularity of Cloudflare, this general problem is mistakenly conflated as a Cloudflare problem. Does that distinction make sense?

In any case, yes, I would love for the official devs to weigh in on this and a current FAQ would be very helpful. I’m getting a lot of push back, but I’m not trying to cause problems. It’s just frustrating that the community is full of so many contradictions on this; I’m just trying to get to the bottom of where things truly stand in 2022.

But, if I can’t, if we can’t, that’s okay. Enjoy the rest of your weekend everyone. I’ll leave the poor alone now.

No, that is not true. We see issues with Cloudflare in combination with Discourse on a very frequent basis.

There is no such thing as “supported”. But if you don’t know what you’re doing, it can and will cause issues, and even you do know what you’re doing you can get unexpected problems.

The performance benefits of Cloudflare, if any, will be small. Most assets served by Discourse are well-compressed and immutable (i.e. they’re cached by the browser for a very long time). Most other content is non-cachable because it’s personalized application data.

That said, Cloudflare can be very useful for DDoS protection.

That would be welcomed since we have mixed opinions from different users

We’ve got a FAQ for Cloudflare and how to (not) configure it for Discourse. It applies to self-hosted instances as well.

I don’t doubt this, but I think you missed the distinction I was trying to get to the bottom of. Is it actually, specifically Cloudflare that’s the problem, or is it really just the fact that optimization tools of this nature can easily break JS in general? And most people just happen to use Cloudflare because of its popularity, creating a false conflation.

It would be like blaming Gmail or GoDaddy for issues that are inherent to all email or hosting services.

And if there were another CDN that was more popular than Cloudflare, you’d see just as many strange support requests about that service too.

Even if you don’t agree, do you understand what I mean?

Since we must avoid certain settings, and meta users said things like

All CloudFlare can do for you is hide your IP and act as a CDN for your uploads. The benefits are minimal

and

The performance benefits of Cloudflare, if any, will be small.

Is there a definitive and straightforward answer to the question “With no speed settings enabled, does Cloudflare have any benefit compared to Bunny CDN or Stackpath (or any “regular” CDN I suppose)”?

I’m still hesitating between Bunny which would decrease a lot my current CDN (Stackpath) costs, and Cloudflare, which in my case would be free (the domain’s owner can add my forum to his enterprise account).

Also, stuff I don’t understand because I’m not tech-savvy.

It’s not just about breaking JS. It’s also about proxying and making port 80 inaccessible, breaking LetsEncrypt, and some of these services caching more than they should.

Since Cloudflare is the biggest of these “optimization tools of this nature”, and it’s widespread, popular and free, it’s the one that most discussions are centering around. But yeah, you’re right. It’s a problem of tools like this in general.

So, yes, agreed.

Topics like these tend to be a bit dangerous in nature since people (especially in the “problem” target group) don’t tend to read very well. It’s like posting in a topic about the dangers of drug or alcohol abuse and claiming “no guys, it’s not just a problem of drugs and alcohol, I use drugs without any issue, and don’t forget people: overusing any substance is dangerous”. (Yes, I know. Every metaphor goes only so far, but it’s the best I could think of).

And we can say how dangerous things are as loudly as we want, but people will use it anyway.
That’s why we made a FAQ

A new FAQ guide sounds like a great idea. The Communiteq link was not very robust.

Here on this forum, some people are making general rules Cache Level: Bypass, Disable Performance, however, they are allowing Cloudflare to cache images or css. I haven’t seen an official response if that is a yay or nay…

Instead of saying don’t use Cloudflare, and then field problem children, perhaps it would be good to come forward with what should and should not be done. Then a quick link reference to that post in the future will answer those questions.

Just one man’s opinion.

@RGJ — Thank you! Many people may not see nor understand the point of my distinction or what difference it makes, but it brings a great deal of clarity to me. I get very frustrated without clarity, because without that initial, solid foundation, I then don’t know what path to go down to further focus on and gain better understanding of a particular subject.

If you have any specific comments, I’d love to hear them.

With respect to caching, I’d say it’s a not a “yay” or “nay” but more like a “meh”: