Using Discourse with Cloudflare: Best Practices

While on it, I think the whole Network settings are irrelevant for Discourse:

  • IPv6 compatibility cannot be disabled anymore, and of course Discourse does not depend on it, but can perfectly run on an IPv4-only system.
  • IP Geolocation adds the CF-IPCountry header to requests, which is however not used by Discourse. It uses its own (optional) MaxMind feature.
  • Network Error Logging adds the Report-To response header, which browsers can use to report errors to. It is however deprecated, and even though the feature can be enabled with all Cloudflare plans, the dashboard element to actually view the reports is available only with the Enterprise plan. So in this case for some old browsers it might just be a privacy regression and network overhead.
  • Onion Routing enhances privacy for requests coming from the Tor network. Discourse won’t care or even know this.
  • The Pseudo IPv4 feature might even be needed if the host runs some software, like ancient analytics or similar, which supports IPv4 addresses only. The proxy headers of Cloudflare, like Cf-Connecting-IP (or others, depending on what one configures) can then be adjusted to have a more or less unique IPv4 address, instead of the actual IPv6 address of the client, to work around the fact that IPv6 support for client->Cloudflare requests cannot be disabled anymore. Again, Discourse won’t care. I mean it would be a problem for e.g. GeoIP detection, but the feature is disabled by default, and admins of course should enable it only if strictly required by whichever software they run, accepting the downside of non-true client IPs. It can also be configured to only add a new header with the pseudo IPv4 address, and analytics (or whatever) requests can then rewrite client IP headers where needed, while requests to Discourse would not be affected. In any case, for Discourse functionality in general, the feature is irrelevant.
  • True-Client-IP Header adds just this header in addition to CF-Connecting-IP and X-Forwarded-For. Discourse does not make use of it; also, the Discourse config template uses CF-Connecting-IP instead. So it has no effect.
  • gRPC is not used by Discourse, but having Cloudflare enabled to forward gRPC requests does not hurt either, same as with WebSockets. Both might need to be enabled for other software running on the same Cloudflare domain.
  • Maximum Upload Size 100 MB is default and minimum. Larger upload sizes require Business or Enterprise plans, and Discourse won’t break if Cloudflare allows larger uploads.

The only thing I am not sure about, whether it can have an effect, is Response Buffering. And I cannot test it, as it is an Enterprise-only feature. But I cannot imagine that the client cares whether packets are streamed from the CF edge as they come in, or sent in one chunk once complete at the edge. For cached data (cached at Cloudflare I mean), this is done always anyway, and there it does not cause issues, at least. This feature only affects non-cached data.

So basically I would remove the whole “Network settings” section as something which is irrelevant for Cloudflare functionality, but other software might require certain settings or admins might prefer them a certain way, and should know that Discourse will function in any case.

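The Pseudo IPv4 point above, as an added example that is not part of the original post and not Discourse's own code: a sketch of how origin-side software could pick the address to use for GeoIP or logging under either Pseudo IPv4 mode. The helper name `resolve_client_ip` is hypothetical; the `Cf-Pseudo-IPv4` and `Cf-Connecting-IPv6` header names and the Class E range are taken from Cloudflare's Pseudo IPv4 documentation and are assumptions relative to this page, as is an origin that accepts connections only from Cloudflare (otherwise these headers can be forged).

```ruby
require "ipaddr"

# Assumption: Class E range that Cloudflare documents for Pseudo IPv4 addresses.
PSEUDO_IPV4_RANGE = IPAddr.new("240.0.0.0/4")

# Parse a header value into an IPAddr, or nil if it is missing or malformed.
def parse_ip(value)
  return nil if value.nil? || value.strip.empty?
  IPAddr.new(value.strip)
rescue IPAddr::Error
  nil
end

# Hypothetical helper: returns the address that is safe to use as the real
# client IP, plus the pseudo IPv4 value for legacy IPv4-only consumers.
def resolve_client_ip(headers)
  h = headers.transform_keys { |k| k.to_s.downcase } # header names are case-insensitive
  connecting = parse_ip(h["cf-connecting-ip"])
  real_v6    = parse_ip(h["cf-connecting-ipv6"])
  pseudo_hdr = parse_ip(h["cf-pseudo-ipv4"])

  if real_v6&.ipv6?
    # "Overwrite headers" mode: Cf-Connecting-IP holds the pseudo address,
    # the true address survives only in Cf-Connecting-IPv6.
    { ip: real_v6.to_s, source: "Cf-Connecting-IPv6", pseudo_ipv4: connecting&.to_s }
  elsif connecting&.ipv4? && PSEUDO_IPV4_RANGE.include?(connecting)
    # Pseudo address with no real address alongside: unusable for GeoIP.
    { ip: nil, source: nil, pseudo_ipv4: connecting.to_s }
  elsif connecting
    # Feature off or "Add header" mode: Cf-Connecting-IP is the true address.
    { ip: connecting.to_s, source: "Cf-Connecting-IP", pseudo_ipv4: pseudo_hdr&.to_s }
  else
    { ip: nil, source: nil, pseudo_ipv4: nil }
  end
end

# Constructed sample requests (documentation addresses, not real traffic).
SAMPLES = {
  plain_v4:    { "Cf-Connecting-IP" => "203.0.113.7" },
  add_header:  { "Cf-Connecting-IP" => "2001:db8::1", "Cf-Pseudo-IPv4" => "246.1.2.3" },
  overwrite:   { "Cf-Connecting-IP" => "246.1.2.3", "X-Forwarded-For" => "246.1.2.3",
                 "Cf-Connecting-IPv6" => "2001:db8::1" },
  pseudo_only: { "Cf-Connecting-IP" => "246.1.2.3" }
}.freeze

if __FILE__ == $PROGRAM_NAME
  SAMPLES.each { |name, hdrs| puts "#{name}: #{resolve_client_ip(hdrs)}" }
end
```
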