Join the community today
Become a Member

Xenforo XenForo 2.1 CDN using Cloudflare free plan :D

Discussion in 'Forum software usage' started by rdan, Oct 7, 2019.

  1. rdan

    rdan Well-Known Member

    4,791
    1,150
    113
    May 25, 2014
    Ratings:
    +1,721
    Local Time:
    3:31 AM
    Mainline
    10.2
    Free and not using Cloudflare on main Domain.
    Just to save bandwidth and accelerate static files.

    Code:
    server {
        listen 443 ssl http2;
        server_name cdn.xf.com;
        include /usr/local/nginx/conf/ssl/xf.com_ssl.conf;
    
        access_log off;
        log_not_found off;
        error_log /home/nginx/domains/xf.com/cdn_error.log error;
        root /home/nginx/domains/xf.com/public;
    
        location /               { deny all; }
        location ~ \.(default|html|php|txt|xml)$ { deny all; }
       
        location /data/          { }
        location /js/            { }
        location /styles/        { }
        location ~ ^/(proxy.php) { include /usr/local/nginx/conf/php.conf; }
    
        include /usr/local/nginx/conf/staticfiles.conf;  
    }

     
  2. pdinh97qng

    pdinh97qng Member

    76
    8
    8
    Jan 24, 2016
    Ratings:
    +20
    Local Time:
    11:31 AM
    If I'm not wrong, CloudFlare doesn't allow customer to serve only static files. I saw an email for this situation before:p Better to not violate the rules :yawn:
     
    • Informative Informative x 1
  3. eva2000

    eva2000 Administrator Staff Member

    42,785
    9,685
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,945
    Local Time:
    5:31 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    I believe @rdan is setting up non-cloudflare protected domain.com hostname that serves static files directly from a separate cloudflare protected cdn.domain.com hostname on Centmin Mod Nginx origin web server. Basically disabling cloudflare orange cloud on domain.com DNS record and enabling cloudflare orange cloud on cdn.domain.com DNS record.

    Yeah they do have such a rule though it's open for interpretation and with their release of Cloudflare Workers, it is all about serving static files :) Cloudflare will contact you if you overstep their usage policy. So you can ask them if unsure.
     
    • Informative Informative x 1
  4. rdan

    rdan Well-Known Member

    4,791
    1,150
    113
    May 25, 2014
    Ratings:
    +1,721
    Local Time:
    3:31 AM
    Mainline
    10.2
    My fully working and updated config.

    Code:
    server {
        listen 80;
        server_name cdn.domain.com;
        return 301 https://cdn.domain.com$request_uri;
    }
    
    server {
        listen 443 ssl http2;
        server_name cdn.domain.com;
        include /usr/local/nginx/conf/ssl/domain.com/domain.com_ssl.conf;
    
        access_log off;
        log_not_found off;
        error_log /home/nginx/domains/domain.com/cdn_error.log error;
        root /home/nginx/domains/domain.com/public;
    
        location /                                { deny all; }
        location ~* \.(default|html|php|txt|xml)$ { deny all; }
    
        location ~* \.(gif|jpg|jpe|jpeg|png|ico)$ {
        gzip_static off;
        add_header Link "<https://domain.com$request_uri>; rel=\"canonical\"";
        add_header Access-Control-Allow-Origin *;
        add_header Cache-Control "public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800";
        expires 30d;
        break;
        }
    
        location ~* \.(3gp|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|br)$ {
        gzip_static off;
        sendfile off;
        sendfile_max_chunk 1m;
        add_header Link "<https://domain.com$request_uri>; rel=\"canonical\"";
        add_header Access-Control-Allow-Origin *;
        add_header Cache-Control "public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800";
        expires 30d;
        break;
        }
    
        location ~* \.(js|json)$ {
        add_header Link "<https://domain.com$request_uri>; rel=\"canonical\"";
        add_header Access-Control-Allow-Origin *;
        add_header Cache-Control "public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800";
        expires 30d;
        break;
        }
    
        location ~* \.(css)$ {
        add_header Link "<https://domain.com$request_uri>; rel=\"canonical\"";
        add_header Access-Control-Allow-Origin *;
        add_header Cache-Control "public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800";
        expires 30d;
        break;
        }
    
        location ~* \.(eot|svg|ttf|woff|woff2|less|otf|scss)$ {
        add_header Link "<https://domain.com$request_uri>; rel=\"canonical\"";
        add_header Access-Control-Allow-Origin *;
        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
        expires 365d;
        break;
        }
    
    
    }
    
     
    • Winner Winner x 2
    • Like Like x 1
    • Informative Informative x 1
  5. pdinh97qng

    pdinh97qng Member

    76
    8
    8
    Jan 24, 2016
    Ratings:
    +20
    Local Time:
    11:31 AM
    @rdan can you share your page rules :nailbiting:
     
  6. rdan

    rdan Well-Known Member

    4,791
    1,150
    113
    May 25, 2014
    Ratings:
    +1,721
    Local Time:
    3:31 AM
    Mainline
    10.2
    Why :nailbiting:? :D

    Just basic Cache Everything option.
    upload_2019-10-10_3-20-41.png
     
    • Informative Informative x 2
  7. eva2000

    eva2000 Administrator Staff Member

    42,785
    9,685
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,945
    Local Time:
    5:31 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    looks good with canonical headers properly in place too :)
     
    • Like Like x 1
  8. negative

    negative Active Member

    362
    43
    28
    Apr 11, 2015
    Ratings:
    +85
    Local Time:
    9:31 PM
    1.9.10
    10.1.11
    Do you advice that add the canonical header even without using the cloudflare as CDN in free plan ?
     
  9. eva2000

    eva2000 Administrator Staff Member

    42,785
    9,685
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,945
    Local Time:
    5:31 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    yeah doesn't hurt
     
  10. negative

    negative Active Member

    362
    43
    28
    Apr 11, 2015
    Ratings:
    +85
    Local Time:
    9:31 PM
    1.9.10
    10.1.11
    is it enough put that code to location / in my host conf ?
    Code:
    add_header Link "<https://domain.com$request_uri>; rel=\"canonical\"";
     
  11. rdan

    rdan Well-Known Member

    4,791
    1,150
    113
    May 25, 2014
    Ratings:
    +1,721
    Local Time:
    3:31 AM
    Mainline
    10.2
    Maybe, but static files won't have that header.

    After 1 month :)
    upload_2019-11-15_22-30-19.png
     
    • Like Like x 3
  12. eva2000

    eva2000 Administrator Staff Member

    42,785
    9,685
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,945
    Local Time:
    5:31 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    excellent results there :)
     
    • Like Like x 1
  13. JJC84

    JJC84 Ad astra per aspera Premium Member

    247
    109
    43
    Jan 31, 2018
    San Antonio, Texas
    Ratings:
    +167
    Local Time:
    1:31 PM
    1.15.x
    10.x.x
    I have to say this is an exemplary config! Thank you for sharing this @rdan it has helped me in squeezing a bit more performance.

    Because... performance matters right!
     
    • Like Like x 1