They are working on build image v2 which will support node 18. Until then, if you need node 18, then
They are working on build image v2 which will support node 18. Until then, if you need node 18, then you need to use direct upload
BThank you.
JAutomatic setup should work fine for any subdomain that's proxied
JI've not tested, but maybe it doesn't detect the wildcard proxy
EFwiw you can change ssl settings for a single subdomain using page rules or configuration rules
But that aside I would always recommend using whatever ensures encryption all the way through, which would be Full strict and a certificate on the origin. Setting to Full would mean the connection between CF and origin isnt secure, and unproxying means you lose all the benefits of the CF proxy (Performance, security, etc.) The actual choice is up to you
But that aside I would always recommend using whatever ensures encryption all the way through, which would be Full strict and a certificate on the origin. Setting to Full would mean the connection between CF and origin isnt secure, and unproxying means you lose all the benefits of the CF proxy (Performance, security, etc.) The actual choice is up to you
Uthat would have to be an iframe
Uno other way that would happen
UThey could but they dont
UThat returned error means they couldnt reach your origin which means none of your websites code would be there it would entirely be a page returned by cloudflare
Amy server is currently being ddos attacked and its struggling a lot
Ahow do i blacklist all hosting providers ips from accessing my site?
UI would just make a firewall rule blocking the asns
Athats probably a good idea
Aits mostly coming from digital ocean and ovh
Acurrently the site "works" but a lot of requests are failing
Alooks like cloudflare is blocking a lot but a ton is still getting past
CUnmetered Rate Limiting is free now, throwing it on might not be a bad idea (although if it is truly distributed it might not do too much).
I would make sure they aren't bypassing Cloudflare either (you properly have only allowed CF IPs to connect)
I would make sure they aren't bypassing Cloudflare either (you properly have only allowed CF IPs to connect)
Ayea they are hitting my webservers only accessible by the domain
Aand i have the ip logs comming from the cf-connecting-ip header
Aunless they are manually adding the host and the connecting ip header then they are going over cf
E(its not the same as Advanced Rate Limiting, thats still the name for the ent addon that has far more options, the new one for paygo is generally called Unmetered Rate Limiting)
Aand it shows 310 million logs of blocked traffic so far
Aso i think its over cf
Ashould i just copy all those over
Eyou can set it to Challenge if you are hesitant and want to allow the real humans who are using those ASNs for whatever reason
Cah opps, yea it is very limited compared to full ent adv. rate limiting lol
Aeh the program i use would fial anyway
E
Asharex
Ebut presumably youre not using one of those ASNs...?
Ealso if you block or challenge google cloud its going to break discord embeds
Aim using hetzner but i have a rule above this one to bypass those ips
E
EMake sure to keep in mind the caveats if Google Cloud is on that list
Aumm
Ai applied
Aand under a second later
A.
Ei would file that under "working as intended"
Ayea
Astill blasting my webserver tho
Aill boot some of the backend servers
EYeah users using datacenter ASNs is quite uncommon, youd see some % on a very high traffic site but I dont imagine it being much more than 0.5-1%
Eassuming its not an api anyway, apis are a whole other story
EYep, rate limits is how I handle api traffic too
Eone of my sites is designed to be consumed by rss readers
EI put like 30 req/min on it
E
