Using CloudFlare with NodeBB
-
@AOKP As far as I know, Incapsula supported caching and minify tools
@all Sorry for off-topic, just for fun
OK, back to topic, how many method can I use CloudFlare with NodeBB?-
- Follow lenovouser , but your IP will not be hidden.
-
- Upgrade to Enterprise CloudFlare Plan
a lot of money
- Upgrade to Enterprise CloudFlare Plan
-
- Use middleman as I said, I'm not sure it will work fine. (IP blacklist...)
-
- Could you guys split one server to listen socket.io? one will serve others request, so we can hide main IP
-
- ???? I'm thinking...
-
-
Just going to drop this here. https://support.cloudflare.com/hc/en-us/articles/200170706-How-do-I-restore-original-visitor-IP-with-Nginx-
-
@ThingBreaker last time I checked with there live chat... I had 2 people say 2 different things. One said that they didn't support websockets at all (how!?) And the other one said it on there most expansive plans. One thing is for sure. They cannot make up there mind with what package supports what features
-
@lenovouser said:
@L33t Yes, that is normal. An established WebSocket connection is not "closed" until you close the tab. That's why it shows up with so many seconds. You can happily ignore that
Thanks for the clarification. I kinda figured as much, but wanted to make sure.
-
@lenovouser I am aware how to setup NodeBB in a folder, however the issue is that the above given instructions of yours, do not work with a folder based installation.
-
@AOKP are there any errors I could take a look at?
-
@lenovouser basically the same as if you wouldn't use the config.
If you try to visit the forum under the new URL for example (live.<domain.tld>) it is saying that the page wasn't found, so it seems that the "entrance" of it is false. -
Is this working for anyone? I've been struggling trying to make it work. I'm getting an "invalid session" error whenever the site uses websockets.
I have the realip installed and it's working according to my nginx logs.
Seems like it could be something wrong with the forums, the request query is blank (no sid), and doesn't have any cookie. (My Java app, which injects the cookie itself, seems to be working with websockets.)
EDIT: My default cookie settings were somehow incorrect, setting and unsetting fixed it.
-
Good news, CloudFlare will open WebSockets for everyone
https://www.cloudflare.com/websockets/
https://support.cloudflare.com/hc/en-us/articles/200169466-Can-I-use-CloudFlare-with-WebSockets- -
This is great news!
We're now running on CF CDN.
We have around 2-300 concurrent connection. No problem so far. Much snappier! And nice to offload the SSL to them
-
anyone got ws and polling working at same time with cloudfare?
i did 3 test ith different config and this plugin to disable ws https://addons.mozilla.org/en-US/firefox/addon/websocket-disabler/
"socket.io": {
"transports": ["websocket"]
]
result: only websocket"socket.io": {
"transports": ["polling","websocket"]
}
result: only polling"socket.io": {
"transports": ["websocket","polling"]
}
result: only websocketso disabling ws it doesnt let you write a post
-
@exodo you can now totally remove the whole configuration and let it run over your main domain as CloudFlare has enabled WebSockets for free.
-
@lenovouser said in Using CloudFlare with NodeBB:
@exodo you can now totally remove the whole configuration and let it run over your main domain as CloudFlare has enabled WebSockets for free.
I have it that way
@lenovouser said in Using CloudFlare with NodeBB:
@exodo you can now totally remove the whole configuration and let it run over your main domain as CloudFlare has enabled WebSockets for free.
-
I ended up configuring ssl on our domain (Cloudflare Full SSL setup).
I had to adopt config.json to enable ssl for websockets. But as you can see I didn't change the socket.io transports defaults.{ "port": ["4567", "4568", "4569"], "ssl": { "cert": "/etc/nginx/ssl/mysensors_certificate.pem", "key": "/etc/nginx/ssl/mysensors_key.pem" }, "url": "https://forum.mysensors.org", "secret": "****************", "database": "redis", "redis": { "host": "127.0.0.1", "port": "6380", "password": "**********", "database": "1" } }This is our nginx config.
upstream io_nodes { ip_hash; server 127.0.0.1:4567; server 127.0.0.1:4568; server 127.0.0.1:4569; } server { server_name forum.mysensors.org; listen 443 ssl spdy; ssl on; ssl_certificate /etc/nginx/ssl/mysensors_certificate.pem; ssl_certificate_key /etc/nginx/ssl/mysensors_key.pem; # enables all versions of TLS, but not SSLv2 or 3 which are weak and now deprecated. ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # disables all weak ciphers ssl_ciphers 'AES128+EECDH:AES128+EDH'; ssl_prefer_server_ciphers on; # prevents 502 bad gateway error large_client_header_buffers 8 32k; client_max_body_size 2M; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_set_header X-NginX-Proxy true; proxy_redirect off; proxy_buffering off; # Socket.IO Support proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; gzip on; gzip_min_length 1000; gzip_proxied off; gzip_types text/plain application/xml application/x-javascript text/css application/json; location @nodebb { proxy_pass https://io_nodes; } location ~ ^/(images|language|sounds|templates|uploads|vendor|src\/modules|nodebb\.min\.js|stylesheet\.css|admin\.css) { root /home/msforum/NodeBB/public/; try_files $uri $uri/ @nodebb; } location / { error_page 502 =200 @maintenance; # prevents 502 bad gateway error proxy_buffers 8 32k; proxy_buffer_size 64k; proxy_pass https://io_nodes; } location @maintenance { root /opt/nginx/maintanance/; try_files $uri /index.html =503; } }Quite a few browsers still seem to use polling. I really don't know why.
We got quite a peak in cloudflare.. But a slowly decreasing bandwidth usage:
