Get the most out of your Centmin Mod LEMP stack
Become a Member

Xenforo XenForo 2.1 CDN using Cloudflare free plan :D

Discussion in 'Forum software usage' started by rdan, Oct 7, 2019.

  1. rdan

    rdan Well-Known Member

    4,671
    1,121
    113
    May 25, 2014
    Ratings:
    +1,663
    Local Time:
    11:35 PM
    Mainline
    10.2
    Free and not using Cloudflare on main Domain.
    Just to save bandwidth and accelerate static files.

    Code:
    server {
        listen 443 ssl http2;
        server_name cdn.xf.com;
        include /usr/local/nginx/conf/ssl/xf.com_ssl.conf;
    
        access_log off;
        log_not_found off;
        error_log /home/nginx/domains/xf.com/cdn_error.log error;
        root /home/nginx/domains/xf.com/public;
    
        location /               { deny all; }
        location ~ \.(default|html|php|txt|xml)$ { deny all; }
       
        location /data/          { }
        location /js/            { }
        location /styles/        { }
        location ~ ^/(proxy.php) { include /usr/local/nginx/conf/php.conf; }
    
        include /usr/local/nginx/conf/staticfiles.conf;  
    }

     
  2. pdinh97qng

    pdinh97qng Member

    71
    8
    8
    Jan 24, 2016
    Ratings:
    +19
    Local Time:
    8:35 AM
    If I'm not wrong, CloudFlare doesn't allow customer to serve only static files. I saw an email for this situation before:p Better to not violate the rules :yawn:
     
    • Informative Informative x 1
  3. eva2000

    eva2000 Administrator Staff Member

    41,726
    9,396
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,432
    Local Time:
    1:35 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    I believe @rdan is setting up non-cloudflare protected domain.com hostname that serves static files directly from a separate cloudflare protected cdn.domain.com hostname on Centmin Mod Nginx origin web server. Basically disabling cloudflare orange cloud on domain.com DNS record and enabling cloudflare orange cloud on cdn.domain.com DNS record.

    Yeah they do have such a rule though it's open for interpretation and with their release of Cloudflare Workers, it is all about serving static files :) Cloudflare will contact you if you overstep their usage policy. So you can ask them if unsure.
     
    • Informative Informative x 1
  4. rdan

    rdan Well-Known Member

    4,671
    1,121
    113
    May 25, 2014
    Ratings:
    +1,663
    Local Time:
    11:35 PM
    Mainline
    10.2
    My fully working and updated config.

    Code:
    server {
        listen 80;
        server_name cdn.domain.com;
        return 301 https://cdn.domain.com$request_uri;
    }
    
    server {
        listen 443 ssl http2;
        server_name cdn.domain.com;
        include /usr/local/nginx/conf/ssl/domain.com/domain.com_ssl.conf;
    
        access_log off;
        log_not_found off;
        error_log /home/nginx/domains/domain.com/cdn_error.log error;
        root /home/nginx/domains/domain.com/public;
    
        location /                                { deny all; }
        location ~* \.(default|html|php|txt|xml)$ { deny all; }
    
        location ~* \.(gif|jpg|jpe|jpeg|png|ico)$ {
        gzip_static off;
        add_header Link "<https://domain.com$request_uri>; rel=\"canonical\"";
        add_header Access-Control-Allow-Origin *;
        add_header Cache-Control "public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800";
        expires 30d;
        break;
        }
    
        location ~* \.(3gp|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|br)$ {
        gzip_static off;
        sendfile off;
        sendfile_max_chunk 1m;
        add_header Link "<https://domain.com$request_uri>; rel=\"canonical\"";
        add_header Access-Control-Allow-Origin *;
        add_header Cache-Control "public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800";
        expires 30d;
        break;
        }
    
        location ~* \.(js|json)$ {
        add_header Link "<https://domain.com$request_uri>; rel=\"canonical\"";
        add_header Access-Control-Allow-Origin *;
        add_header Cache-Control "public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800";
        expires 30d;
        break;
        }
    
        location ~* \.(css)$ {
        add_header Link "<https://domain.com$request_uri>; rel=\"canonical\"";
        add_header Access-Control-Allow-Origin *;
        add_header Cache-Control "public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800";
        expires 30d;
        break;
        }
    
        location ~* \.(eot|svg|ttf|woff|woff2|less|otf|scss)$ {
        add_header Link "<https://domain.com$request_uri>; rel=\"canonical\"";
        add_header Access-Control-Allow-Origin *;
        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
        expires 365d;
        break;
        }
    
    
    }
    
     
    • Like Like x 1
    • Informative Informative x 1
  5. pdinh97qng

    pdinh97qng Member

    71
    8
    8
    Jan 24, 2016
    Ratings:
    +19
    Local Time:
    8:35 AM
    @rdan can you share your page rules :nailbiting:
     
  6. rdan

    rdan Well-Known Member

    4,671
    1,121
    113
    May 25, 2014
    Ratings:
    +1,663
    Local Time:
    11:35 PM
    Mainline
    10.2
    Why :nailbiting:? :D

    Just basic Cache Everything option.
    upload_2019-10-10_3-20-41.png
     
    • Informative Informative x 1
  7. eva2000

    eva2000 Administrator Staff Member

    41,726
    9,396
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,432
    Local Time:
    1:35 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    looks good with canonical headers properly in place too :)
     
    • Like Like x 1
  8. negative

    negative Active Member

    346
    39
    28
    Apr 11, 2015
    Ratings:
    +81
    Local Time:
    6:35 PM
    1.9.10
    10.1.11
    Do you advice that add the canonical header even without using the cloudflare as CDN in free plan ?
     
  9. eva2000

    eva2000 Administrator Staff Member

    41,726
    9,396
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,432
    Local Time:
    1:35 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    yeah doesn't hurt
     
  10. negative

    negative Active Member

    346
    39
    28
    Apr 11, 2015
    Ratings:
    +81
    Local Time:
    6:35 PM
    1.9.10
    10.1.11
    is it enough put that code to location / in my host conf ?
    Code:
    add_header Link "<https://domain.com$request_uri>; rel=\"canonical\"";