You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
To get started with Cloudflare on your Hypernode create an account at Cloudflare and change the nameservers of your domain to the Cloudflare nameservers.
@@ -30,7 +28,7 @@ Cloudflare blocks threats, limits abusive bots and crawlers from wasting your ba
30
28
31
29
To setup Cloudflare for your shop, use the following steps:
32
30
33
-
1. Create an [account at Cloudflare](https://support.cloudflare.com/hc/en-us/articles/201720164-How-do-I-sign-up-for-CloudFlare-)
31
+
1. Create an [account at Cloudflare](https://developers.cloudflare.com/fundamentals/account/create-account/)
34
32
1. Login to your [Cloudflare admin panel](https://www.cloudflare.com/a/login)
35
33
1. Turn on caching and other performance optimization.
36
34
1. Copy all DNS Records from your current domain provider to the Cloudflare DNS admin
@@ -42,25 +40,19 @@ To setup Cloudflare for your shop, use the following steps:
42
40
Mirage mobile image optimization
43
41
1. Test, test some more and after that, test it all again.
44
42
45
-
## Configuration of Cloudflare for Magento
46
-
47
-
Cloudflare provides [a very large knowledge base](https://support.cloudflare.com/hc/en-us) for dealing with a wide variety of issues and optimizations.
48
-
49
-
For using Cloudflare with Magento, please check [the article on their knowledge base](https://support.cloudflare.com/hc/en-us/articles/203904600-Using-CloudFlare-with-Magento) and their [Page Rules and Magento optimization article](https://www.cloudflare.com/features-page-rules/optimize-magento/).
50
-
51
43
## Using SSL With Cloudflare
52
44
53
45
Cloudflare offers SSL offloading. You can upload your SSL certificates to Cloudflare to make use of SSL. If you choose to do this, always manually order your SSL certificates so you can use the same certificate on both the Cloudflare servers and the Hypernode.
54
46
55
47
If you use manual SSL certificates, make sure you monitor when your certificate is about to expire.
56
48
57
-
You can also use a [Cloudflare Origin CA certificate](../../hypernode-platform/ssl/how-to-use-a-custom-ssl-certificate-on-hypernode.md#use-a-cloudflare-origin-ca-certificate) to encrypt traffic between Cloudflare and your Hypernode.
49
+
You can also use a [Cloudflare Origin CA certificate](../../hypernode-platform/ssl/how-to-use-a-custom-ssl-certificate-on-hypernode.md#use-a-cloudflare-origin-ca-certificate) to encrypt traffic between Cloudflare and your Hypernode using a certificate signed by Cloudflare. This way you can use Cloudflare SSL/TLS mode **Full (Strict)** without having to worry about your certificate expiring.
58
50
59
-
## Redirection From HTTP to HTTP
51
+
## Redirection From HTTP to HTTPS
60
52
61
53
Redirecting from HTTP to HTTPS can cause a *Too many redirects* error. This error comes from a cached redirect that is served on both HTTP and HTTPS connection, causing the site to redirect from HTTP to HTTPS.
62
54
63
-
To redirect all requests to HTTPS when using Cloudflare SSL, you should instead use [a page rule with the Always Use HTTPS action.](https://support.cloudflare.com/hc/en-us/articles/203295200-End-to-end-HTTPS-with-Cloudflare-Part-2-SSL-certificates)
55
+
To redirect all requests to HTTPS when using Cloudflare SSL, you should instead use [the Always Use HTTPS](https://developers.cloudflare.com/ssl/edge-certificates/additional-options/always-use-https/#encrypt-all-visitor-traffic) setting.
64
56
65
57
## Blocking IP’s When Using Cloudflare
66
58
@@ -72,16 +64,6 @@ For example have a look at [our documentation about blocking or whitelisting IP
72
64
73
65
Another option is to configure a blocklist in the [Cloudflare Admin](https://www.cloudflare.com/a/login).
74
66
75
-
## Don’t Use Railgun on Hypernodes
76
-
77
-
Cloudflare provides a service called [Railgun.](https://blog.cloudflare.com/cacheing-the-uncacheable-cloudflares-railgun-73454/) The key to this service is a local proxy daemon that sends all requests from Cloudflare through a tunnel to the proxy instance that does the actual web requests.
78
-
79
-
Our tests with Railgun on Hypernodes showed a performance gain of just a few milliseconds, making it not a very significant performance optimization when working with Magento.
80
-
81
-
As we do not support Railgun (yet), we’ve seen some implementations running the Railgun daemon on a separate server. Doing so is not recommended as it will make all HTTP requests from Cloudflare arrive from the same remote IP.
82
-
83
-
When someone is trying to brute force your server or in case of an attack, our protection mechanisms will block the attacker. When you use Railgun, our mechanisms will not block the remote IP but block the IP of the Railgun daemon instead, blocking all traffic coming from Cloudflare and therefore block all visitors to your shop.
84
-
85
67
## 520 Errors From Cloudflare
86
68
87
69
It can happen that Cloudflare returns a 520 error stating "Web server is returning an unknown error".
Copy file name to clipboardExpand all lines: docs/hypernode-platform/ssl/how-to-use-a-custom-ssl-certificate-on-hypernode.md
+3-3Lines changed: 3 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -59,7 +59,7 @@ If you want to check which custom SSL certificates are linked to a specific Hype
59
59
60
60
## Use a Cloudflare Origin CA Certificate
61
61
62
-
Cloudflare Origin CA certificates encrypt traffic between Cloudflare and your Hypernode. They are useful when your domain uses Cloudflare proxying and you want to use Cloudflare SSL/TLS mode **Full (strict)**. For more information, see the [official Cloudflare Origin CA documentation](https://developers.cloudflare.com/ssl/origin-configuration/origin-ca/).
62
+
Cloudflare Origin CA certificates encrypt traffic between Cloudflare and your Hypernode. They are useful when your domain uses Cloudflare proxying and you want to use Cloudflare SSL/TLS mode **Full (Strict)**. For more information, see the [official Cloudflare Origin CA documentation](https://developers.cloudflare.com/ssl/origin-configuration/origin-ca/).
63
63
64
64
```{warning}
65
65
Cloudflare Origin CA certificates are only trusted by Cloudflare. Site visitors can get certificate warnings if they connect directly to your Hypernode, if you pause Cloudflare, or if you turn off proxying for a hostname that uses this certificate.
@@ -101,13 +101,13 @@ After applying the SSL certificate, link it to the correct Hypernode. If the cer
101
101
After the certificate is installed and linked in Hypernode, update the SSL/TLS encryption mode in Cloudflare:
102
102
103
103
```{note}
104
-
Only set **Full (strict)** globally if all Cloudflare-proxied origin hosts in the zone use a valid Origin CA or publicly trusted certificate. If only this Hypernode uses the Origin CA certificate, configure **Full (strict)** for the relevant hostname in Cloudflare.
104
+
Only set **Full (Strict)** globally if all Cloudflare-proxied origin hosts in the zone use a valid Origin CA or publicly trusted certificate. If only this Hypernode uses the Origin CA certificate, configure **Full (Strict)** for the relevant hostname in Cloudflare.
105
105
```
106
106
107
107
1. Log into the [Cloudflare dashboard](https://dash.cloudflare.com/).
108
108
1. Select your account and domain.
109
109
1. Go to **SSL/TLS** > **Overview**.
110
-
1. Set **SSL/TLS encryption mode** to **Full (strict)**.
110
+
1. Set **SSL/TLS encryption mode** to **Full (Strict)**.
111
111
112
112
Test the website through the Cloudflare-proxied hostname after changing this setting.
0 commit comments