Using Cloudflare with VPN on Hosteurope
I have my website hosted on a virtual server at Hosteurope with a PLESK dashboard.
My website has 10.000 users, and is used world-wide in over 100 countries. Most of the user-generated content is static, so it makes sense to use a CDN service together with some cache rules. If content would not be static and I had a high traffic, I would probably would need reach out for LoadBalancing and AWS, but luckily, I don’t need that at the moment, so I can save quite a bit of money.
I want to talk about the challenges that I had when using a CDN.
First step is to go to https://www.cloudflare.com and register for the free CDN for your domain.
Keep HostEurope Mail
My domain is registered at HostEurope on a WebServer. I am using the WebServer mainly for my mails and the email browser client (although, I think HostEurope has a really bad email client, but still better then roundmail). Providing a email client for my own clients is a nice to have. The costs of a WebServer a very low compared to a MailServer. I then usually set the A record from my website to point to a VPS. This way, I can easily replace the VPS when its outdated, without worrying about emails.
So my first concern was, if the emails are still manageable. For that it’s required that the MX records are not proxied
Change NameServer in Hosteurope:
Go to Domainservices and click on edit domains (The submenu edit Nameserver does not allow you to edit the Nameserver.. who knows why)
Now enjoy the journey of HostEuropes GUI from 1902:
Then enter the new nameserver in the form and submit.
Redirect Issue
At Hosteurope my VPN is managed with PLESK. I usually use the permanent 301-redirect from HTTP to HTTPS for SEO reasons (avoid duplicate content)
When I switched on Cloudflare, I suddenly had a permanent redirect issue. The reason was that for SSL/TLS the default setting is flexible. Meaning Cloudfalre has a SSL protection to the browser, but the connection between cloudflare and my server is not protected, meaning cloudflare tries to access my page to HTTP and gets redirected to HTTPS. To fix it, I had to switch to “Full” encryption.
Captcha
For security reasons, IP’s with bad reputation will be asked to solve a captcha. My goal was to reduce the loading time by users across the world, not to stress them with captchas.
If you are in the situation as me, that you don’t care about security or attacks yet, you can put the captcha essentialy off in the security settings:
