Skip to content

Commit 4f01f16

Browse files
committed
ssl: update cloudflare references
1 parent 9963d54 commit 4f01f16

2 files changed

Lines changed: 7 additions & 25 deletions

File tree

docs/best-practices/cdn/how-to-use-cloudflare-with-hypernode.md

Lines changed: 4 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -8,8 +8,6 @@ redirect_from:
88
- /en/best-practices/cdn/how-to-use-cloudflare-with-hypernode/
99
---
1010

11-
<!-- source: https://support.hypernode.com/en/best-practices/cdn/how-to-use-cloudflare-with-hypernode/ -->
12-
1311
# How to Use Cloudflare with Hypernode
1412

1513
To get started with Cloudflare on your Hypernode create an account at Cloudflare and change the nameservers of your domain to the Cloudflare nameservers.
@@ -30,7 +28,7 @@ Cloudflare blocks threats, limits abusive bots and crawlers from wasting your ba
3028

3129
To setup Cloudflare for your shop, use the following steps:
3230

33-
1. Create an [account at Cloudflare](https://support.cloudflare.com/hc/en-us/articles/201720164-How-do-I-sign-up-for-CloudFlare-)
31+
1. Create an [account at Cloudflare](https://developers.cloudflare.com/fundamentals/account/create-account/)
3432
1. Login to your [Cloudflare admin panel](https://www.cloudflare.com/a/login)
3533
1. Turn on caching and other performance optimization.
3634
1. Copy all DNS Records from your current domain provider to the Cloudflare DNS admin
@@ -42,25 +40,19 @@ To setup Cloudflare for your shop, use the following steps:
4240
Mirage mobile image optimization
4341
1. Test, test some more and after that, test it all again.
4442

45-
## Configuration of Cloudflare for Magento
46-
47-
Cloudflare provides [a very large knowledge base](https://support.cloudflare.com/hc/en-us) for dealing with a wide variety of issues and optimizations.
48-
49-
For using Cloudflare with Magento, please check [the article on their knowledge base](https://support.cloudflare.com/hc/en-us/articles/203904600-Using-CloudFlare-with-Magento) and their [Page Rules and Magento optimization article](https://www.cloudflare.com/features-page-rules/optimize-magento/).
50-
5143
## Using SSL With Cloudflare
5244

5345
Cloudflare offers SSL offloading. You can upload your SSL certificates to Cloudflare to make use of SSL. If you choose to do this, always manually order your SSL certificates so you can use the same certificate on both the Cloudflare servers and the Hypernode.
5446

5547
If you use manual SSL certificates, make sure you monitor when your certificate is about to expire.
5648

57-
You can also use a [Cloudflare Origin CA certificate](../../hypernode-platform/ssl/how-to-use-a-custom-ssl-certificate-on-hypernode.md#use-a-cloudflare-origin-ca-certificate) to encrypt traffic between Cloudflare and your Hypernode.
49+
You can also use a [Cloudflare Origin CA certificate](../../hypernode-platform/ssl/how-to-use-a-custom-ssl-certificate-on-hypernode.md#use-a-cloudflare-origin-ca-certificate) to encrypt traffic between Cloudflare and your Hypernode using a certificate signed by Cloudflare. This way you can use Cloudflare SSL/TLS mode **Full (Strict)** without having to worry about your certificate expiring.
5850

59-
## Redirection From HTTP to HTTP
51+
## Redirection From HTTP to HTTPS
6052

6153
Redirecting from HTTP to HTTPS can cause a *Too many redirects* error. This error comes from a cached redirect that is served on both HTTP and HTTPS connection, causing the site to redirect from HTTP to HTTPS.
6254

63-
To redirect all requests to HTTPS when using Cloudflare SSL, you should instead use [a page rule with the Always Use HTTPS action.](https://support.cloudflare.com/hc/en-us/articles/203295200-End-to-end-HTTPS-with-Cloudflare-Part-2-SSL-certificates)
55+
To redirect all requests to HTTPS when using Cloudflare SSL, you should instead use [the Always Use HTTPS](https://developers.cloudflare.com/ssl/edge-certificates/additional-options/always-use-https/#encrypt-all-visitor-traffic) setting.
6456

6557
## Blocking IP’s When Using Cloudflare
6658

@@ -72,16 +64,6 @@ For example have a look at [our documentation about blocking or whitelisting IP
7264

7365
Another option is to configure a blocklist in the [Cloudflare Admin](https://www.cloudflare.com/a/login).
7466

75-
## Don’t Use Railgun on Hypernodes
76-
77-
Cloudflare provides a service called [Railgun.](https://blog.cloudflare.com/cacheing-the-uncacheable-cloudflares-railgun-73454/) The key to this service is a local proxy daemon that sends all requests from Cloudflare through a tunnel to the proxy instance that does the actual web requests.
78-
79-
Our tests with Railgun on Hypernodes showed a performance gain of just a few milliseconds, making it not a very significant performance optimization when working with Magento.
80-
81-
As we do not support Railgun (yet), we’ve seen some implementations running the Railgun daemon on a separate server. Doing so is not recommended as it will make all HTTP requests from Cloudflare arrive from the same remote IP.
82-
83-
When someone is trying to brute force your server or in case of an attack, our protection mechanisms will block the attacker. When you use Railgun, our mechanisms will not block the remote IP but block the IP of the Railgun daemon instead, blocking all traffic coming from Cloudflare and therefore block all visitors to your shop.
84-
8567
## 520 Errors From Cloudflare
8668

8769
It can happen that Cloudflare returns a 520 error stating "Web server is returning an unknown error".

docs/hypernode-platform/ssl/how-to-use-a-custom-ssl-certificate-on-hypernode.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -59,7 +59,7 @@ If you want to check which custom SSL certificates are linked to a specific Hype
5959

6060
## Use a Cloudflare Origin CA Certificate
6161

62-
Cloudflare Origin CA certificates encrypt traffic between Cloudflare and your Hypernode. They are useful when your domain uses Cloudflare proxying and you want to use Cloudflare SSL/TLS mode **Full (strict)**. For more information, see the [official Cloudflare Origin CA documentation](https://developers.cloudflare.com/ssl/origin-configuration/origin-ca/).
62+
Cloudflare Origin CA certificates encrypt traffic between Cloudflare and your Hypernode. They are useful when your domain uses Cloudflare proxying and you want to use Cloudflare SSL/TLS mode **Full (Strict)**. For more information, see the [official Cloudflare Origin CA documentation](https://developers.cloudflare.com/ssl/origin-configuration/origin-ca/).
6363

6464
```{warning}
6565
Cloudflare Origin CA certificates are only trusted by Cloudflare. Site visitors can get certificate warnings if they connect directly to your Hypernode, if you pause Cloudflare, or if you turn off proxying for a hostname that uses this certificate.
@@ -101,13 +101,13 @@ After applying the SSL certificate, link it to the correct Hypernode. If the cer
101101
After the certificate is installed and linked in Hypernode, update the SSL/TLS encryption mode in Cloudflare:
102102

103103
```{note}
104-
Only set **Full (strict)** globally if all Cloudflare-proxied origin hosts in the zone use a valid Origin CA or publicly trusted certificate. If only this Hypernode uses the Origin CA certificate, configure **Full (strict)** for the relevant hostname in Cloudflare.
104+
Only set **Full (Strict)** globally if all Cloudflare-proxied origin hosts in the zone use a valid Origin CA or publicly trusted certificate. If only this Hypernode uses the Origin CA certificate, configure **Full (Strict)** for the relevant hostname in Cloudflare.
105105
```
106106

107107
1. Log into the [Cloudflare dashboard](https://dash.cloudflare.com/).
108108
1. Select your account and domain.
109109
1. Go to **SSL/TLS** > **Overview**.
110-
1. Set **SSL/TLS encryption mode** to **Full (strict)**.
110+
1. Set **SSL/TLS encryption mode** to **Full (Strict)**.
111111

112112
Test the website through the Cloudflare-proxied hostname after changing this setting.
113113

0 commit comments

Comments
 (0)