Coded something up in Couch in an interesting way? Have a snippet or shortcode to share? Post it here for the community to benefit.
10 posts Page 1 of 1
The following is a code snippet that you can paste to your config.php file to resolve a few issues that occur when using CloudFlare with Couch:
Code: Select all
if (isset($_SERVER['HTTP_CF_CONNECTING_IP'])) {
    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP'];

    unset($_SERVER['HTTP_CF_CONNECTING_IP']);
}
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
    if (strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https')
        $_SERVER['HTTPS'] = 'on';

    unset($_SERVER['HTTP_X_FORWARDED_PROTO']);
}
if (isset($_SERVER['HTTP_CF_IPCOUNTRY']))
    unset($_SERVER['HTTP_CF_IPCOUNTRY']);
if (isset($_SERVER['HTTP_CF_RAY']))
    unset($_SERVER['HTTP_CF_RAY']);
if (isset($_SERVER['HTTP_CF_VISITOR']))
    unset($_SERVER['HTTP_CF_VISITOR']);
if (isset($_SERVER['HTTP_X_FORWARDED_FOR']))
    unset($_SERVER['HTTP_X_FORWARDED_FOR']);
Thanks @cheesypoof.

Just to explain the problem to users a bit - CloudFlare sits as a proxy between visitors and Couch (for load-balancing purposes) and in the process amends some of the original headers send by the browsers. This can throw off Couch (particular for SSL connections).

Cheesypoof's code above strips off the extraneous headers to normalize things.
cool
Hi,

Looks intresting indeed,

is there a chart of how much faster Couch is with lets say the CloudFlare free subscription?
( we want numbers ! :P )

And since we're sharing usefull information here is another one for all of you. If CloudFlare alone isnt enough :).

http://gtmetrix.com/

Ty
There is one more issue that I encountered.

CloudFlare caches requests based on file extension (e.g. yourwebsite.com/images/logo.png). Unfortunately, this means that securefile image requests (e.g. yourwebsite.com/couch/download.php?auth=blahblahblah) are not cached; this is not optimal.

There is a workaround however... With that said, it should not be used when you have set any of the following parameters for the cloak_url tag: expiry, access_level, prompt_login, or redirect. I wouldn't recommend using this for anything other than securefile images unless you fully understand what you are doing. We must first append '&cache=1' (or whatever querystring you prefer) to the end of the securefile image you wish to be cached by CF:

Code: Select all
<cms:show_securefile 'my_securefile_image'>
    <cms:if file_is_image>
        <img src="<cms:cloak_url link=file_id/>&cache=1"/>
    </cms:if>
</cms:show_securefile>

We then create a page rule in CF using the URL pattern: http://yourwebsite.com/couch/download.php?auth=*cache=1

We also set 'Custom caching' to 'Cache everything' and 'Edge cache expire TTL' to an explicit value (e.g. 8 hours).

See the screenshot below for an example. Make sure this page rule is at the top of the priority list or else it may not be applied.

Attachments

By the way, anybody implementing members functionality should really be using TLS (forcing https://...) in this day and age. You owe it to those registering with your websites to protect their information in transit.

CloudFlare offers this for free now - https://blog.cloudflare.com/introducing-universal-ssl/. You will even get better search ranking as a result - http://googlewebmastercentral.blogspot.com/2014/08/https-as-ranking-signal.html. This is a win in every respect.
Thanks for the Snippet, however when reading this a question comes to my mind, what are actually the problems that occur?

The REMOTE_ADDR and HTTPS I might understand, but why is there the need to remove the other headers?

If Couch isn't using them, there shouldn't be any issues, right?

I'm a little lost as in why they would be a problem :D
If I recall correctly, there is an issue with masquerading causing a CloudFlare error when these headers are set. The relevant code is at https://github.com/CouchCMS/CouchCMS/blob/master/couch/functions.php#L2941-2958.
Maybe this is a stupid question, but I'll ask it anyway.

I've set up a free cloudflare account, and changed the nameservers as instructed. I also added the snippet to the config file. I pasted it right at the bottom, is that ok? Because now I get this error: •The Domain Name Server (DNS) is not reachable.

Or is it a temporary problem due to the nameserver change?
Nevermind, appereantly it takes about 72h to move to cloudflare. Everything works just fine now :)
10 posts Page 1 of 1

Who is online

In total there are 3 users online :: 0 registered, 0 hidden and 3 guests
(based on users active over the past 5 minutes)

Users browsing this forum: No registered users and 3 guests