CloudFlare and IPS

[Khoa Nguyen_64878]

Hello everyone,

Recently I switched to CloudFlare from the recommendation of my server host. Upon doing so, however, my license key dropped off the board and it's now impossible for my board to contact the IPS licensing servers.

Has anyone else who is on CloudFlare experienced this issue? Is there a way for me to fix this.

I do have a support ticket in, but thought maybe reaching out to the community would see a little help.

[MADMAN32395]

have you properly configured CF?

[Khoa Nguyen_64878]

have you properly configured CF?

As far as I am aware, yes. I went through the user guide that was emailed to me upon signup, and everything appears to be in working order. On my end, things have improved - the only issue I am having is in regards to my server attempting to contact the IPS License Server.

[G17 Media]

Since CloudFlare only proxies traffic to your server, and not traffic instigated from your server, I don't see how this could be caused by CloudFlare.
I'd wait for the support ticket to be resolved, as it may be an unrelated issue.

[EmpireKicking]

I find that cloudflare makes my site go offline if I get allot of traffic. Lcpdfr seems to have a paid service of cloudflare, doesn't do it for you G17

[GriefCode]

I have also the free licensing of CF running in front of my servers, mainly to hide my IP.

I never experienced any issues like that, for reference i recommend:

• Remove the whole cache from CF, so you are sure that the actual version is cached to CF, also an option is to enable development mode once.
• Check your secure connection settings, either enable HSTS or disable HTTPS flexible setting to off.
  • Before i had several issues that IPB is not loading properly, fonts, images etc., the reason is that IPB loads with the URL you can find in your global conf, probably once you have set it to http, you are always loading files through http. Since CF mostly enables a https protocol in front of your page for the matching devices, they try to load data from https, which cause some issues
• As already someone said, CF is there to manage incoming traffic, but not outgoing, you may want to ask the IPS support for the specific IP / IPs to be whitelisted when hosting IPS, maybe your Hoster detected a connection there which detected by some exploit scripts and was automatically blocked (i do not think that is the reason, because afaik, the license is once saved on install and only updated/renewed when you hit the refresh button)

 

I find that cloudflare makes my site go offline if I get allot of traffic. Lcpdfr seems to have a paid service of cloudflare, doesn't do it for you G17

To the last statement, your site is going offline on a lot traffic, what is a lot of traffic for you? I have seen pages behind CF which basically manage up to 500.000 requests per minute behind a free license. If you have more requests (which i highly don't doubt) you may want to contact their support and you may need to upgrade to a business or (what i think)  a pro license. (Happy Payments \ / )

Also, you should always consider if the action, to put your site behind CF makes sense. If your Hoster recommend it, it doesn't mean it's always the best decision. CF offers a various points which are good, but also has mostly side effects.

Caching:
Caching is the most efficient feature of CF in one.

• You have lower page speeds, since CF is nearly on every central net node with their cache servers.
• Less server traffic, looking up the CF Analytics displays you the saved traffic of your page
  • This is the reason why Hosters recommend it, it's pretty simply to know why (im working myself as hobby with a VPS Hoster, and i know the struggle)
    You may have a shared, container based system and a limited Traffic amount at the end of the month. The provider is always calculating with an average way, you may have 1TB Traffic, but the calculation is 200GB Traffic at a maximum, because most servers are using less than 100GB Traffic. If you are using CF you are mainly saving traffic, which has a positive turn for a Hoster. You get even less traffic for the traffic which you are actually allowed to use, so the Hoster can reduce the traffic he buys monthly.
    Additionally, the shared system generally lowers, since CF is caching your requests, you have less requests gone to your server, less load, less usages = more space for other containers on the virtualization machine.
• Development is a negative point i need to bring up. Im constantly developing and the caching part always disturbs me, you need to turn on the development mode, and it does expire after 2 hrs, when you don't notice you are sitting there confused why its not on the server what you changed etc.

DDos Protection:
This is the main feature why i moved to CF, you can filter traffic which is going through your web port (flooding attacks), if you don't have any experience regarding attacks, you don't need that actually. DDos is currently badly mainly in the gaming communities placed, and we were recently targets from a lot DDos attacks, i wish that no one must experience what we did there, however it had a side effect, my Hoster upgraded to a 500GBit/s DDos cloud-filter protection \ /

Also the DDos protection coming up with issues, CF protects you only against a limited band width, on your free plan, you either put in front the 5 seconds loading screen, or you will be asked to upgrade your plan, else they will simply block your page in a jail, so no one is able to access it in that case.

Free SSL Certificate:
If you enable the HSTS and set the HTTPS to Full, you will get a free certificate from CF for your side. However, the whole thing has a backside, the SSL cert is pretty low. So if you have a huge community, you may want to get your own certificate which offers a bit more security.

This are the basic ideas of CF, i hope i didn't scare you with the wall post. But this are the known facts which need to be looked at before using CF. In some cases its really recommend to use CF, but in some it's really not.

Regards

[Khoa Nguyen_64878]

Since CloudFlare only proxies traffic to your server, and not traffic instigated from your server, I don't see how this could be caused by CloudFlare.
I'd wait for the support ticket to be resolved, as it may be an unrelated issue.

This is what I presumed as well - however, CloudFlare is amongst the only changes I have made in the past few days, the other being clearing the cache via the "something isn't working right utility."

I have also the free licensing of CF running in front of my servers, mainly to hide my IP.

I never experienced any issues like that, for reference i recommend:

• Remove the whole cache from CF, so you are sure that the actual version is cached to CF, also an option is to enable development mode once.
• Check your secure connection settings, either enable HSTS or disable HTTPS flexible setting to off.
  • Before i had several issues that IPB is not loading properly, fonts, images etc., the reason is that IPB loads with the URL you can find in your global conf, probably once you have set it to http, you are always loading files through http. Since CF mostly enables a https protocol in front of your page for the matching devices, they try to load data from https, which cause some issues
• As already someone said, CF is there to manage incoming traffic, but not outgoing, you may want to ask the IPS support for the specific IP / IPs to be whitelisted when hosting IPS, maybe your Hoster detected a connection there which detected by some exploit scripts and was automatically blocked (i do not think that is the reason, because afaik, the license is once saved on install and only updated/renewed when you hit the refresh button)

Tried all of this, unfortunately nothing. 

Thanks for the tips guys. Guess I just have to wait for CloudFlares incredibly slow support (despite having a pro account), IPS' average-time support, and my hosting providers incredulously slow support. No complaint if they get it fixed though, haha =)

[GriefCode]

Thanks for the tips guys. Guess I just have to wait for CloudFlares incredibly slow support (despite having a pro account), IPS' average-time support, and my hosting providers incredulously slow support. No complaint if they get it fixed though, haha =)

Good luck with that, i never contacted CF support, since i rarely anyway use support. I faced a lot of issues and used to test a lot different hosters. Mostly of them do not help and support on a professional level an individual customer. From up to 28 hosters, i can definitly say that only two of them had experinced, professional and fast support.

Please let me know the support reply from CF, im interested into that and their support level.

[Khoa Nguyen_64878]

Well, here's an update:

1. CloudFlare support is actually pretty helpful. Very succinct and generally great.
2. IPS Support provided me the host-name I needed.
3. My hosting provider is great too!

However, none of those things mattered. Randomly, this afternoon, the prompt asking for my license key disappeared without any action on my part. I don't even know anymore...

[GriefCode]

Well, here's an update:

1. CloudFlare support is actually pretty helpful. Very succinct and generally great.
2. IPS Support provided me the host-name I needed.
3. My hosting provider is great too!

However, none of those things mattered. Randomly, this afternoon, the prompt asking for my license key disappeared without any action on my part. I don't even know anymore...

Thanks for letting me know that. They need to be succinct to handle all the support requests 

I'm glad you solved your issues.