Hi,
I was told a while back that I had to add a line to enable CloudFlare compatibility? Can someone please explain to me the exact steps to do so?
I would like to enable and use CloudFlare for my website.
All help is much appreciated!
Hi,
I was told a while back that I had to add a line to enable CloudFlare compatibility? Can someone please explain to me the exact steps to do so?
I would like to enable and use CloudFlare for my website.
All help is much appreciated!
Hey,
I can’t access that account anymore which is why I am making a fresh topic.
I am unaware on how to edit the config to include those lines? All help is appreciated.
Mind explaining why? Have you tried to reset the password?
I used Putty to add the line at the end of templates - but when I attempted to rebuild the app, it said that the CloudFlare YML file was missing.
Yes, just:
cloudflare.template.yml
to the end of the templates section in app.yml
.Here’s how to edit in a nutshell:
cd /var/discourse
nano containers/app.yml
# Make sure to use spaces, not the tab key.
# Ctrl-O to "write [O]ut"
# Ctrl-X to "e[X]it"
./launcher rebuild app
credit to @riking
Wait a moment, this works and has worked for a very long time
You must follow the guide, in particular long polling base url
MUST be set correctly to the origin otherwise the message bus will not work right. You must also mixin the cloudflare template so it does not look like everyone is coming from the same IP which is a disaster.
I think it’s fine to setup this way if you wish, but in general I prefer just to use cloudflare as a CDN endpoint and point the site at Discourse to avoid moving parts and a more complex setup for little gain.
Solved most of problem. But still have problem with some new users has Digital Ocean’s VPS ip’s.
Another example:
My Discourse on the Frankfurt, Digital Ocean.
That’s the “Data Saver” proxy available on Android Chrome. It would be possible to add its IP range as a trusted X-Forwarded-For source. matomo/core/Tracker/VisitExcluded.php at 5.x-dev · matomo-org/matomo · GitHub
We are using Cloudflare and I’m a bit confused on what should be our long polling base url
.
Is it site.com or discourse.site.com? By default it already has / as the value.
I’m fairly certain you have to include the scheme if you need it to point to a different domain.
I’m just trying to understand exactly what long polling base url is for Discourses purposes and if we need to declare it from the default “/” that is there. After reading @sam’s instructions, I’m still unclear what, if any, URL I should input for that config.
In sam’s instructions:
The message bus long polling URL should be set to the non-CDN domain name that you set up
Maybe I’m dense and the language is stumping me…
Our site is https://ftw.in
Our Discourse is https://discussions.ftw.in
Both are behind Cloudflare.
So our long polling url is https://discussions.ftw.in/
?
No, your long polling URL would be
https://discussions-origin.ftw.in/
or, seeing as you have had DDOS problems: https://discussions-proxy.ftw.in
Where discussions-proxy is a non-Cloudflare server proxying the origin, but only for message-bus requests.
Ok, this explanation definitely helps me understand more clearly, but this is also where I get lost. Is this documented where and how to create this server for message-bus requests?
Also - we want all servers to be behind Cloudflare for the protection and CDN it provides. We would not want to have it outside of Cloudflare.
How: Just stand up a nginx with a single proxy_pass rule at OVH (“the premier bargain basement cloud provider”) or something.
You CANNOT put long polling behind CloudFlare. They terminate long-running requests as, incidentally, a anti-DoS measure.
Because DDoS protection is a priority for you, set up this server at a DIFFERENT provider so attacks on it do not actually take down the main site; you just get degraded live update functionality.
Got it. Thanks for the help!
Not to be totally dense here. but I’m not sure if I am configured for cloudflare correctly or not. I setup our discourse install about a year ago, behind cloudllare and I don’t believe I setup anything for long polling… Notifications appear to be working OK.
Is there something else I should look for.?
In the past it has been flaky, somehow over the years cloudflare has figured out how to proxy long HTTP calls, I would not say it is an optimal config to pass the message bus through cloudflare, but it it is working for you and you are not noticing any issues, so be it.
Should I proceed with following or let long polling through discourse subdomain which is proxied through Cloudflare?
I’m using Digital Ocean and I can set up a different subdomain, eg. poll.mydomain.com as the base and provide the same IP Address as the main website www.mydomain.com. The only difference is main site is proxied through Cloudflare and polling domain is not proxied i.e. orange cloud off. I’m hosting the discourse on www subdomain.
Will updates work if I continue to use polling to be proxied through CloudFlare ? If not, should use above approach, will that work without issue?