The Old Man Posted June 10, 2021 Posted June 10, 2021 Hi Just a thought... Have you got your SSL/TLS encryption mode in Cloudflare on Full Strict? If so try it on Full (not Full Strict). ASTRAPI and Dakar 2
HDiddy Posted June 11, 2021 Posted June 11, 2021 On 6/10/2021 at 11:12 AM, The Old Man said: Hi Just a thought... Have you got your SSL/TLS encryption mode in Cloudflare on Full Strict? If so try it on Full (not Full Strict). It was on FULL, I ultimately had to pull everything back because I could not get past the 522 issue. Nothing I did would work. Kind of at my wits end though. I decided to try a multiple provider approach to see if I an spread my bandwidth around. First I tried Digital Oceans, but after some trial and error and reading up some more their API is not compatible. Next I tried Backblaze which seemed to look promising but when I switched the storage settings over...images and thumbnails work, hower I could not upload anything to the site and trying to download files I get a ":contentdisposition is prohibited for unauthenticated requests:" error Still brainstorming what to do next but options are getting really really limited at this point.
Circo Posted June 23, 2021 Posted June 23, 2021 (edited) Is anyone that's upgraded to 4.6 experiencing any issues with this setup? My users can't seem to upload after the 4.6 update... Not sure if this is causing it or not. nevermind... seems to have been a possible addon causing problems. Edited June 23, 2021 by Circo
Circo Posted June 25, 2021 Posted June 25, 2021 (edited) On 6/23/2021 at 3:54 PM, Circo said: Is anyone that's upgraded to 4.6 experiencing any issues with this setup? My users can't seem to upload after the 4.6 update... Not sure if this is causing it or not. nevermind... seems to have been a possible addon causing problems. Ok, so my users can no longer upload files larger than 100MB after updating to 4.6. I've verified with my website host, DreamHost, that my php config is fine and is setup to allow files up to 2G. Is there anything that could be on the Cloudflare or Wasabi side that I need to check that could cause this? I have not made any changes to Cloudflare or Wasabi since setting it up and it's been working perfect. Any suggestions? Ahh, this appears to be chunk size related... Cloudflare limited to 100M. I can't seem to find what controls chunk size. Bah, just set 50M in php.ini... Seems to be working now. Edited June 25, 2021 by Circo
ASTRAPI Posted June 25, 2021 Author Posted June 25, 2021 Cloudflare limits upload size (HTTP POST request size) per plan type: 100MB Free and Pro. 200MB Business. 500MB Enterprise by default (contact Customer Support to request a limit increase)
iamART Posted July 14, 2021 Posted July 14, 2021 We need a updated version of all this. Does not work for 4.6 at least for those of us with a new installed forum.
Randy Calvert Posted July 15, 2021 Posted July 15, 2021 12 hours ago, iamART said: We need a updated version of all this. Does not work for 4.6 at least for those of us with a new installed forum. The guide is still valid. I'm guessing your problem is not being able to download the marketplace "S3 Compatible Downloads" plugin from the AdminCP. That's because it has not been flagged for 4.6 yet even though it actually works. Just download it from: Choose that you are installing version 4.4 which will let you download the file without being told to go through the AdminCP marketplace. Once you have it downloaded, go to your AdminCP. Install it by going to the Plugins section and choosing "Manual Installation". Outside of that, follow the guide as written. ASTRAPI 1
INDIG0 Posted October 13, 2021 Posted October 13, 2021 @ASTRAPI Please tell me how to solve the issue with the certificate on cdn.mysite.com? Support gave a link Is it possible to white label Wasabi storage? I didn't get it, they want $ 1000 to install my certificate? 😁 P.S. On my main domain, I use a free certificate let's encrypt.
Randy Calvert Posted October 13, 2021 Posted October 13, 2021 (edited) You don't need to use Wasabi's SSL. You don't need a custom certificate. You should be using CLOUDFLARE to secure traffic. it has it's own wildcard certificate that is used that will cover anything.yourdomain.com. The request flow should be USER -> cdn.yourdomain.com (CLOUDFLARE) -> cdn.yourdomain.com.wasabisys.com (WASABI) -> USER Create cdn.yourdomain.com within CF's DNS interface. It should be a CNAME pointing to cdn.youdomdomain.com.s3.wasabisys.com (or whatever CNAME you have from Wasabi). You need to make sure the Proxied status is set to Proxy meaning the cloud is orange not grey. You also need to make sure your CF SSL certificate is not set to Strict mode. Go to the SSL/TLS section. You'll see options for "Off", "Flexible", "Full", and "Full (Strict)". Make sure "Full" is selected and not Strict. Edited October 13, 2021 by Randy Calvert
INDIG0 Posted October 13, 2021 Posted October 13, 2021 (edited) @Randy Calvert Thanks for your reply. Apparently I didn't quite understand what the cloudflare was needed for here, I thought to protect against DDoS. 😞 The problem is that I have a Russian-language forum, and the ip addresses of the cloudflare service is being banned by a certain state structure Roskomnadzor. Is there any other solution at the server level? Maybe another certificate like Wildcard SSL? Edited October 13, 2021 by AlphaStar
Randy Calvert Posted October 13, 2021 Posted October 13, 2021 (edited) Technically you can use any other Russian CDN in front of Wasabi and do the same thing. It would be on that CDN provider if they're providing a SSL cert or allowing you to use Lets Encrypt, etc. CF was suggested and defaulted here because it's free for both the CDN as well as the certificate. You could use any other provider you like however we obviously cannot comment on costs, availability, etc. Edited October 13, 2021 by Randy Calvert INDIG0 and ASTRAPI 1 1
flashpoint Posted October 17, 2021 Posted October 17, 2021 (edited) Anyone know how long it takes for Wasabi to covert trail accounts to non trail. Paid for an account but still getting the "Public use of objects is not allowed by default for trial accounts" message. Edit: approx an hour 🙂 Edited October 17, 2021 by flashpoint David N. 1
Randy Calvert Posted October 18, 2021 Posted October 18, 2021 It was about an hour or so for me. David N. 1
flashpoint Posted October 23, 2021 Posted October 23, 2021 Bucket policy to only allow cloudflare IPs if anyone is interested: { "Id": "S3PolicyId1", "Version": "2012-10-17", "Statement": [ { "Sid": "AllowRead", "Effect": "Allow", "Principal": { "AWS": "*" }, "Action": "s3:GetObject", "Resource": [ "arn:aws:s3:::bucket-name", "arn:aws:s3:::bucket-name/*" ] }, { "Sid": "IPBasedNarrowFurther", "Effect": "Deny", "Principal": { "AWS": "*" }, "Action": "s3:GetObject", "Resource": [ "arn:aws:s3:::bucket-name", "arn:aws:s3:::bucket-name/*" ], "Condition": { "NotIpAddress": { "aws:SourceIp": [ "173.245.48.0/20", "103.21.244.0/22", "103.22.200.0/22", "103.31.4.0/22", "141.101.64.0/18", "108.162.192.0/18", "190.93.240.0/20", "188.114.96.0/20", "197.234.240.0/22", "198.41.128.0/17", "162.158.0.0/15", "104.16.0.0/13", "104.24.0.0/14", "172.64.0.0/13", "131.0.72.0/22", "2400:cb00::/32", "2606:4700::/32", "2803:f800::/32", "2405:b500::/32", "2405:8100::/32", "2a06:98c0::/29", "2c0f:f248::/32" ] } } } ] } ASTRAPI 1
INDIG0 Posted December 26, 2021 Posted December 26, 2021 Who has a problem after the update? Instead of files, docs downloads xml with an error: <Error> <Code> SignatureDoesNotMatch </Code> <Message> The request signature we calculated does not match the signature you provided. Check your key and signing method. </Message> 🙏
INDIG0 Posted December 28, 2021 Posted December 28, 2021 (edited) can someone help with this? @Randy Calvert @All Astronauts 😀 Edited December 28, 2021 by INDIG0
Randy Calvert Posted December 28, 2021 Posted December 28, 2021 No problems for me. It looks like a bucket permission or credential problem from Google searching. Have you checked your config to make sure your credentials did not get goofed in your upgrade? You might just make a new Wasabi API credential and use it to make sure it’s not a problem with the account itself.
INDIG0 Posted December 28, 2021 Posted December 28, 2021 @Randy Calvert Yes, I checked the settings, everything is the same as it was. I don’t understand, but what does Google have to do with it? 🙃 Maybe this plugin is not compatible with version 4.6.9? Or do you also have the latest version of IPS and everything is ok?
Randy Calvert Posted December 29, 2021 Posted December 29, 2021 (edited) Yes. I’m using the latest stable version. No problems on 4.6.9. So it’s not that. There would be a lot more people posting in this thread if it was a version compatibility issue. 🙂 Edited December 29, 2021 by Randy Calvert
SUBRTX Posted December 8, 2022 Posted December 8, 2022 On 12/28/2021 at 7:18 PM, Randy Calvert said: Yes. I’m using the latest stable version. No problems on 4.6.9. So it’s not that. There would be a lot more people posting in this thread if it was a version compatibility issue. 🙂 Hey Randy, does this guide still works well with latest IPS and php 8?! Thanks!!!!!!
SUBRTX Posted December 20, 2022 Posted December 20, 2022 It's confirmed to work with latest IPS and PHP 8 I was wondering do you need to create a page rule to cache the file? Anyone did this?
Sirmadsen Posted January 14, 2023 Posted January 14, 2023 Also, does this work with Cloudlfares own storage R2? Really wish IPS would add more options than just Amazon S3 considering the cost difference.
Sirmadsen Posted January 15, 2023 Posted January 15, 2023 (edited) Followed the tutorial exactly and get: There appears to be a problem with your Amazon (cdn.throneofgeeks.com) file storage settings which can cause problems with uploads. A connection could not be established to the Amazon S3 server. Update your settings and then check and see if the problem has been resolved Do I require to add a credit card and pay just to see if it works? I also have my DNS through cloudflare and not my web host. Edited January 15, 2023 by Sirmadsen
Randy Calvert Posted January 15, 2023 Posted January 15, 2023 (edited) Per the first post... Quote GUIDE: BEFORE PROCEEDING, PLEASE BACKUP YOUR DATA FIRST! YOUR FILES WILL BE IN PRIVATE MODE AND WILL NOT BE ACCESSIBLE ON YOUR FORUM ! YOU MUST GET A PAID PLAN TO BE ABLE TO ACTIVATE THE INVISION FILE PERMISSIONS AND GET YOUR FILES ACCESSIBLE AT YOUR FORUMS. JUST ADD YOUR CREDIT CARD NOW (AT YOUR PROFILE PAGE) AND THEY WILL CHARGE YOU 5,99$ FOR A MONTH FOR 1TB STORAGE AND UNLIMITED BANDWIDTH. THE FREE TRIAL WILL NOT WORK FOR INVISION ! Once you have a paid account, you'll have to wait a short while for it to sync and realize your account is paid. I would suggest waiting an hour after you activate it at least. Edited January 15, 2023 by Randy Calvert Sirmadsen and ASTRAPI 2
Recommended Posts