Cloudflare on Easy Engine

v3
#1

Hi there,

We have a site where we have implemented Cloudflare by pointing our domain’s DNS at Cloudflare

Disabling Cloudflare Flexible SSL from the Cloudflare Control Panel results in a 403 Forbidden when trying to access the WP Dashboard. Site loads normally…

Enabling Flexible SSL together with installing the Flexible SSL plugin (https://wordpress.org/plugins/cloudflare-flexible-ssl/) and forcing Cloudflare via page rule to always load the site via SSL breaks the front end of the site and loads the WP Dashboard as normal over SSL.

Can anyone maybe assist?

Kind regards Francois Wessels

#2

I’m sure someone will chime in here to help you, but meanwhile since you’re using Cloudflare there’s interesting article regarding its firewall issues: https://www.wordfence.com/blog/2016/10/revslider-mailpoet-gravityforms-exploits-bypass-cloudflare-waf/?utm_source=list&utm_campaign=101916&utm_medium=email

#3

I have been using cloudflare with Easy Engine for the last year with https with no issues.

My approach:

  1. Setup ngnix and wordpress to be https. You can use self signed certs, purchased certs or the lets encrypt. I do not use any cloudflare plugins. plain nginx and wp ssl setup.
  2. Once this is setup and running, at cloudflare, setup SSL as FULL.
  3. be sure to setup an alternate DNS setting like direct.domain-name.tld to access your site without going through the cache. It is necessary to access the control objects located in 22222.

If you need more assistance, chime in on where you are having troubles.

#4

Hi @lotusjeff

Thank you very much for your response. We have now managed to resolve our issue but something else in your comment interests me – do I understand correct that you are using SSL (Let’s Encrypt or other) in conjunction with Cloudflare?

I was under the impression that this is not possible. If this is correct, could you possibly elaborate more?

Kind regards @francois_wessels

#5

Yes. I have this set on multiple domains, both with standalone WP and Multisite. The domain is setup with SSL in nginx. Cloud flare is setup with full ssl. So…

User<=>ssl<=>cloudflare<=>ssl<=>domain.tld

Thousand of WP sites run this way.

#6

@lotusjeff thanks for the reply :slight_smile: Just to make sure I understand correct:

  1. DNS for domain is managed by Cloudflare?
  2. SSL for domain is setup per normal through, as an example, Let’sEncrypt? This is done before pointing your DNS at Cloudflare?
  3. What is the alternate DNS setting that you refer to? (direct.domain.tld)

Thanks for all your help on this.

Regards Francois

#7

  1. Yes, DNS is managed by Cloudflare. Cloudflare is a very good DNS provider. I have used Cloudflare exclusively for the last 3 years. I have accounts that Cloudflare only provides DNS services.

  2. No. I use Cloudflare for DNS. I do not turn on any of the features. You can also keep the site in dns mode until you are ready. (go to dns screen and turn the orange cloud off.) Setup your domain as a standalone SSL website. I always make sure the website is working correctly with SSL before turning on any of CloudFlare’s capabilities.

  3. I always setup a dns setting for direct.domain.tld that is a straight pass thru and does not use any of cloudflares features. This allows direct access to the website if there are issues. I also found it work better for access to the easy engine tools under the 22222 port.

#8

Port 22222 is not supported on Cloudflare.

You need to reconfigure your access to your utilities and pick a port from this list, which Cloudflare supports – “80, 443, 2052, 2053, 2082, 2083, 2086, 2087, 2095, 2096, 8080, 8880, 8443”.

But even when you have done that, the utilities will still be in the 22222 directory.

#9