Want more timely Centmin Mod News Updates?
Become a Member

Using Cloudflare

Discussion in 'Install & Upgrades or Pre-Install Questions' started by cloud9, Mar 8, 2022.

  1. cloud9

    cloud9 Premium Member Premium Member

    431
    117
    43
    Oct 6, 2015
    England
    Ratings:
    +217
    Local Time:
    7:03 AM
    1.25.3
    10.6.x
    Please fill in any relevant information that applies to you:
    • CentOS Version:CentOS7
    • Centmin Mod Version Installed:123.09beta01
    • Nginx Version Installed: 1.21.6
    • PHP Version Installed: 8.0.16
    • MariaDB MySQL Version Installed: 10.3.x
    • When was last time updated Centmin Mod code base ? : today
    • Persistent Config: Do you have any persistent config file options set in /etc/centminmod/custom_config.inc ? You can check via this command:
      Code (Text):
      cat /etc/centminmod/custom_config.inc
      

      Post output in CODE tags.
    I have a forum running fine, thinking of using Cloudflare, site has SSL with letsencrypt, is it just a case of swopping DNS - as I see some # Cloudflare settings in Centmin Mod configs (the domain ssl conf file)

    If I enable Cloudflare on DNS - do I need to unease these ? And any Cloudflare settings I should disable or enable ? Its the free Cloudflare plan

     
  2. eva2000

    eva2000 Administrator Staff Member

    53,212
    12,113
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,650
    Local Time:
    4:03 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    After swapping DNS/nameservers to Cloudflare and adding your domain to Cloudflare Account, if you already have HTTPS/Letsencrypt enabled on Centmin Mod Nginx site, then make sure you set in CF SSL tab dashboard and change from Flexible SSL to Full SSL at minimum.

    Other Cloudflare settings, would entirely depend on your web application used on your domain. Cloudflare when you add a new domain will have email/links to getting started guides. One will ask if you want to redirect non-HTTPS to HTTPS requests or always use HTTPS. If you Nginx vhost config has a non-https to https redirect via a 302, you can only enable one - either Cloudflare side and disable Nginx vhost config 302 redirect via commenting out that 1st server{} context or leave Nginx vhost config 302 redirect and NOT enable Cloudflare side for those settings to redirect non-HTTPS to HTTPS.
     
  3. cloud9

    cloud9 Premium Member Premium Member

    431
    117
    43
    Oct 6, 2015
    England
    Ratings:
    +217
    Local Time:
    7:03 AM
    1.25.3
    10.6.x
    Thanks

    What about these in my .conf.ssl settings

    Code:
    # cloudflare authenticated origin pull cert 
    #  ssl_client_certificate /usr/local/nginx/conf/ssl/cloudflare/mydomain.co.uk/origin.crt;
    #  ssl_verify_client on;
     
  4. eva2000

    eva2000 Administrator Staff Member

    53,212
    12,113
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,650
    Local Time:
    4:03 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  5. cloud9

    cloud9 Premium Member Premium Member

    431
    117
    43
    Oct 6, 2015
    England
    Ratings:
    +217
    Local Time:
    7:03 AM
    1.25.3
    10.6.x
    @eva2000 Thanks, all set up and working fine, added all the csf stuff you mention in all your links as well....