EzDevInfo.com

cloudflare interview questions

Top cloudflare frequently asked interview questions

Can I use CloudFlare as a video provider? [closed]

I'm creating a website where people can upload and watch videos. I'm expecting 1000 simultaneous viewers at all times (on average). The problem is that all the CDNs I've looked at charges about $0.06/GB. This means that 0,17 MB/s (720p) x 1000 users x 60 seconds x 60 minutes / 1024 = $36 an hour to host!

Am I missing something?

Over at CloudFlare you don't pay for the bandwith. Does this mean that I can get it really cheap at CloudFlare. Isn't that too good to be true?


Source: (StackOverflow)

How do I get my rails assets to be served by cloudflare instead of my server?

I'm running a rails app on heroku and recently switched to cloudflare for CDN for asset serving. My understanding was that once I use cloudflare, my assets (ie js,css,images) would be served from cloudflare and not from my own server but in my heroku logs I still see the requests for assets. Do I need to configure something in my rails app like setting the asset_host or something? Thanks.


Source: (StackOverflow)

Advertisements

CloudFlare and logging visitor IP addresses via in PHP

I'm trying to track and log users/visitors that are accessing my website using PHP's $_SERVER['REMOTE_ADDR'] to do so. A typical method for IP address tracking in PHP.

However, I am using CloudFlare for caching and such and receiving their IP addresses as CloudFlare's:

108.162.212.* - 108.162.239.*

What would be a correct method of retrieving the actual users/visitors IP address while still using CloudFlare?


Source: (StackOverflow)

How to test CloudFlare without changing your domain's name server

How can you test CloudFlare without changing your domain's name server?

I would not want to change my domain's name server and wait hours for propagation only to find out there is a issue with the DNS settings.

Can you spoof a nameserver or something on a local hosts file?


Source: (StackOverflow)

How to make nginx redirect based on the value of a header?

I'm hosting a website behind a Cloudflare proxy, which means that all requests to my server are over port 80, even though Cloudflare handles HTTP (port 80) and HTTPS (port 443) traffic.

To distinguish between the two, Cloudflare includes an X-Forwarded-Proto header which is set to "http" or "https" based on the user's connection.

I would like to redirect every request with an X-Forwarded-Proto: http header to the SSL version of my site. How can I achieve this with an nginx configuration?


Source: (StackOverflow)

How do I prevent Rails 3.1 from caching static assets to Rails.cache?

I'm using CloudFlare CDN on my Rails 3.1 application. Cloudflare is a CDN that works at the DNS level. On the first hit to a static asset, CloudFlare loads it from your app then caches it in their CDN. Future requests for that asset load from the CDN instead of your app.

The problem I'm having is that if you set controller caching to true:

config.action_controller.perform_caching = true

it enables the Rack::Cache middleware. Since Rails sets a default cache control setting for static assets, those assets get written to the Rails.cache store. As a result my cache store (in my case redis) is being filled up with static assets with the url as the hash key.

Unfortunately, I can't turn off the static asset cache control headers without affecting how Cloudflare and my users' browsers cache the assets. I can't turn off controller caching or I lose page/action/fragment caching. Same result if I delete the Rack::Cache middleware.

Does anyone have any other ideas?

Update: I've opened a ticket on GitHub here.


Source: (StackOverflow)

PHP https check with flexible ssl (cloudflare), how to do?

Background: Website (example.com), dns setup through cloudflare pro plan, this offers "flexible ssl" (read here), which means that ssl only exists between client and cloudflare and not between cloudflare and server, thus not needing dedicated ip and not needing special setups on the server. The server is setup to not use ssl (just a generic website), however cloudflare's flexible ssl is is taking care of the ssl aspect.

Language: PHP (codeignighter, but that doesnt really matter)

Goal: when browsing to domain "exmple.com/" or "http:// exmple.com/", to generate a variable "http:// example.com", and when browsing to "https:// example.com/*" to generate a variable "https:// example.com".

What should work (but doesnt):

$root = '';
if( isset($_SERVER['HTTPS'] )  && $_SERVER['HTTPS'] != 'off' )
{
    //it doesnt reach here...
    $root .= 'https://';
}
else
{
    $root .= 'http://';
}
$root  .= "".$_SERVER['HTTP_HOST'];
$root .= str_replace(basename($_SERVER['SCRIPT_NAME']),"",$_SERVER['SCRIPT_NAME']);

I can always make it do: "//example.com", but that doesnt really solve the problem for me. Thoughts? Should i be doing some string comparison to determine the https-ness?

Im sure the reason for this is when a request reaches the server (https or http), it comes through port 80 and it doesnt get recognized as ssl, so $_SERVER['HTTPS'] is not defined. I could setup a custom ssl between the server and cloudflare, but would be nicer (less effort) if i could just use some regexp and compare the url somehow.

I would also like to know possible issues and vulnerabilities.

Thanks :)


Source: (StackOverflow)

Bypassing Cloudflare Scrapeshield

I'm working on a webscraping project, and I am running into problems with cloudflare scrapeshield. Does anyone know how to get around it? I'm using selenium webdriver, which is getting redirected to some lightspeed page by scrapeshield. Built with python on top of firefox. Browsing normally does not cause it to redirect. Is there something that webdriver does differently from a regular browser?


Source: (StackOverflow)

Can CloudFlare perform automatic failover to a different backend?

I am looking for an easy way to fail over to a different DC quickly, does CloudFlare offer anything special in this regards with things like health checks or is it just like a standard DNS service?


Source: (StackOverflow)

Do services like Cloudflare and Incapsula actually improve the performance of websites hosted on Windows Azure?

I'm running an image-heavy website hosted on Windows Azure. Back-end performance is great but response times for image thumbnails, which make the bulk of page sizes, are quite volatile. I'm using the Azure CDN for serving all images but their response times vary by orders of magnitude and I haven't found any pattern in the fast (~150 milliseconds) vs slow (3-4 seconds) requests yet. This also doesn't seem to be a local phenomenon since I've tested the load times from different locations/continents. My conclusion so far is that the Azure CDN is simply not that good after all and I started looking for other ways to improve the load times of static assets.

Now that the context is clear, here is my actual question: does anyone have experience with services like Cloudflare and Incapsula for improving the performance of websites hosted on cloud infrastructure like Windows Azure? These services promise reduced server load among other things, but I'm more interested if they are actually effective in reducing response times for static files, as well as any negative impact on dynamic page content. I'd greatly appreciate any answers based on practical experience and/or advice for alternative solutions.

UPDATE: Here are the response headers for one of the images on the CDN:

HTTP/1.1 200 OK
Cache-Control: public, max-age:31536000
Content-Length: 4245
Content-Type: image/jpeg
Last-Modified: Sat, 21 Jan 2012 12:14:33 GMT
ETag: 0x8CEA64D5EC55FB6
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d7a1ef38-6c99-4b38-a9f5-987419df5d24
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 05 Feb 2012 12:56:12 GMT
Connection: keep-alive

Source: (StackOverflow)

DNS MadeEasy or Cloudflare

I'm currently using DNS Made Easy (dnsmadeeasy.com) as my DNS manager and trying to use Cloudflare as a CDN.

The problem is that if I start using Cloudflare, I need to stop using DNS Made Easy as Cloudflare will do the DNS management if I use their CDN services.

I understand that Cloudflare is pretty stable and obviously fast, so why do we bother using DNS Made Easy?

Is this because it's got better stability?

I'm based in Australia


Source: (StackOverflow)

Sending emails without revealing server's ip address

To reduce attacks, we put our servers behind cloudflare's cloud service.

But, our app sends emails (via sendmail and smtp) to users (password reset etc), and those email headers contain the real backend ip addresses. Is there anyway to hide these ip addresses in emails, such as

  1. setup a separate server for smtp which can strip sender ip info?
  2. any existing service available?
  3. any other thoughts?

thanks!


Source: (StackOverflow)

Cannot use Cloudflare's Rocket Loader in manual mode with wp_enqueue_script

I have several plugins on my wordpress site which relies on the wp_enqueue_script function. Recently I've had a client who's using Cloudflare who wants to implement Rocket Loader which is an automatic javascript async loader. The issue is that several scripts don't work well with it, which is why I have to disable them from getting asynchronously loaded automatically.

According to the Rocket Loader wiki I need to insert the data-cfasync="false" attribute into the tag which doesn't seem to be possible with the wp_enqueue_script function.

Are there other ways to define these attributes? If not, is there another way to prevent Rocket Loader from asynchronously loading these specific scripts?


Source: (StackOverflow)

WebSocket over SSL: Cloudflare

I have a website behind cloudflare. I need to enable websockets over SSL without turning off cloudflare support. I have a PRO plan and hence won't get the new websocket support. I am using Nginx to proxy a SSL connection to a web socket running on a node server. Now, I read somewhere that cloudflare could work with approved ports would support websockets. Hence, I'm using 8443 for the Nginx port and another port for the node server. Using wscat it returns a 200 error.

$ wscat -c wss://xyz.com:8443
error: Error: unexpected server response (200)

I know that the websocket is expecting a 101 code. However, if I visit https://xyz.com:8443, I can see the page displayed by the node server telling me proxy is working. Also, once I turn off cloudflare support, the websocket starts working. Any clues to get this working. I know I can create a subdomain but I'd prefer running the websocket behind cloudflare.


Source: (StackOverflow)

Rails + Heroku + Cloudflare - Eliminate www as a subdomain

I have a multi-tenant Rails 4 app that uses subdomains with PostgreSQL schemas to 'tenant' the application. I have the subdomain wildcards "*" set up in Heroku and Cloudflare and the site loads, but it keeps "thinking" that the www is a valid subdomain. Because of this, normally valid links (that work in development) do not work in production because www.mysite.com/accounts/new etc. is the same as asdf.mysite.com/accounts/new. Is there any way I can get my app to pretty much ignore www as a subdomain? I'd still like mysite.com to re-direct to www.mysite.com, but pretty much just set the subdomain to false when it is www?

To make things a little more concrete, in my application_controller, I have some code that does the following. Notice the comments. In development mode, the redirect_to root_url(subdomain: false) works, but in production, it just infinitely re-directs and will not load. To get it to load, I simply render the page, but doing so never sets the subdomain to false.

  def load_schema
    Apartment::Tenant.switch!('public')
    return unless request.subdomain.present?
    if current_account
      Apartment::Tenant.switch!(current_account.subdomain)
    else
      redirect_to root_url(subdomain: false) # Works locally, but infinite re-direct in production
      #render 'welcome/index' # - Renders the page in production, but nothing else works.
    end
  end

Basically, everything works as expected in development mode, but in production, there appear to be some DNS issues that need ironed out, but I can't seem to figure out what to do. Any thoughts?


Source: (StackOverflow)