Cloudflare SSL and DNS fun times

cornnfedd

Captain Futurama
Joined
Aug 12, 2006
Messages
1,037
Firstly my knowledge on DNS and SSL and Cloudflare is very poor, I haven't really had much to do with this at all but have been messing around with my site the last few days and I think its about right now but still have a few questions, this was because my host making changes.

Dear Customers, Please be informed we will be shutting down the following Nameserver (NS) permanently on 27th February 2020 due to SPAMHAUS complain :

Ns1.hyperflux500.com Ns2.hyperflux500.com

There will be no replacement Nameserver and you are advised to register for external DNS service like cloudflare or freedns.

+++++++++++++++++++

OPTION 1: You can register for cloudflare via your control panel for free
OPTION 2: You can register for Free DNS from their website

++++++++++++++++++

Please take immediate action. Failing to change your DNS within the given time frame will cause your domain to be unreachable. For customer's that already using other Nameserver, you may ignore this notice. If you have any inquiries, kindly submit a ticket to ...Your cooperation and understanding are highly appreciated.
Anyway I have copied all my DNS info over to cloudflare and I think it seems to all be working properly, pretty much copied it accross.

Now to get https:// to work all I have done in cloudflare is chose encryption mode FULL

Full
Encrypts end-to-end, using a self signed certificate on the server


And I have also turned on

Always Use HTTPS
Redirect all requests with scheme “http” to “https”. This applies to all http requests to the zone.

So my question is, is this all I need to do? Seems like everything is working ok and https:// is working and everything is redirecting to it.
Do I need to copy a SSL certificate to my website and do it that one or is above all ok?

Sorry this might not make sense as I dont really understand it myself. Hahaha as in should I be doing this option below?

Full (strict)
Encrypts end-to-end, but requires a trusted CA or Cloudflare Origin CA certificate on the server



edit: I was reading through this topic on xneforo but I assume most of this doesnt need to be done anymore.. https://xenforo.com/community/resources/how-to-implement-ssl-to-secure-http-traffic-https.5425/
 

MagicalAzareal

Magical Developer
Joined
Apr 25, 2019
Messages
723
You can use Cloudflare either as a DNS server or as a proxy as sorts (caching is one perk), as far as I know. If you're doing the second, then you will likely want the receiving server to be somewhat Cloudflare aware, otherwise it will appear as if every user is using Cloudflare's IPs.
 

cornnfedd

Captain Futurama
Joined
Aug 12, 2006
Messages
1,037
Pretty much got most of it working now, will look at the Full one over the next few days I guess
 

Ali.Ch

Aspirant
Joined
Jun 1, 2016
Messages
34
Personally I would not use cloudflare proxy if I don’t have to. The reason is that I am a fan of optimization of my website because of SEO reasons and with CF I always have worse results. First byte time is always higher. For me there is a difference of 0.8-1 second difference which in page speed optimization world is conaiderable.

This depends though. My hosting provider offers LiteSpeed Enterprise which comes with man great features auch as LS cache and lsphp. If you are using XF as a forum software there is an official plugin for XF which connects XF to the LiteSpeed engine.
 

DigNap15

Adherent
Joined
Sep 14, 2019
Messages
264
Yes, why is running a forum so technically hard.
Half of these terms I have never heard of.
No wonder so many admins give up
 

eva2000

Habitué
Joined
Jan 11, 2004
Messages
1,778
Yes, why is running a forum so technically hard.
Half of these terms I have never heard of.
No wonder so many admins give up
Anything worth doing, should involve some effort :D

First byte time is always higher. For me there is a difference of 0.8-1 second difference which in page speed optimization world is conaiderable.
Depends on how you configure Cloudflare for optimal usage. This is due to Cloudflare caching certain static content https://support.cloudflare.com/hc/e...ons-does-Cloudflare-cache-for-static-content- but not dynamic/static generated html itself by default. But you can tell Cloudflare to cache dynamic/static generated html content to some extent depending on Cloudflare plan you’re on via cache everything page rule or use Cloudflare Workers with custom cache everything for guest visitors only. But have to be careful to only do this for static html content and not dynamic html content (otherwise you would cache private logged in user content).
example with https://tools.keycdn.com/performance

with Xenforo + Cloudflare

1593093764926.png

with Google Adsense + Analytics

1593094068481.png

with Wordpress + Cloudflare

1593093885463.png

with only Google Analytics

1593094124405.png
 

eva2000

Habitué
Joined
Jan 11, 2004
Messages
1,778
Top