I installed Varnish 5.2 on my vps and i'm using cloudflare and https.
I added a rule to cache html pages for 1 hour then i tested the cache.
All pages were cached and expired after 1 hour and everything works fine.
It's known that Varnish doesn't work with https, so did i miss something?
I'm using Wordpress, the site is a very simple blog, only admins login to the site.
You haven't provided many details but you're probably talking about Cloudflare's service Flexible SSL. The traffic from client to CF is encrypted but the traffic from CF to your Varnish server goes over HTTP with an X-Forwarded-Proto header to inform the backend server that the original request was over HTTPS and to render the website as such.
Related
This is about the cache strategy for serving multiple languages on the same URL, while using Cloudflare (not enterprise).
(Obviously that's not a problem when navigating with JavaScript with Ajax requests or when using an "hreflang" link)
Our server handles it correctly, the nginx cache is able to store the different caches per language and serve them by a cookie or accept-language value. Also the client browser will be able to differentiate caches by language using “Etags” header.
But Cloudflare (not Enterprise), only holds one cache per URL, and cannot serve a cache depending on a cookie value.
My fix for this, is using Cache-Control=“no-cache”, so Cloudflare will always validate if the cache is still valid, if the requested language is the same as the Cloudflare cache, that will be true, if not, Cloudflare will receive a new cache.
I guess you can see the problem, if a page is constantly requested in different languages, Cloudflare will be changing the cache all the time, on top of always be validating to my server.
Do you see any better strategy with the same setup? (Not including: using Cloudflare Enterprise, using my own mini-CDN network of proxy servers, or separating the URLs completely by language.)
I have a spring boot application which works over http.I do not want to touch the application - so no keystore etc. I want to use reverse proxy - i.e. the request will land at some other machine over TLS and
will get redirected to my spring boot application over secure socket layer. How it could be done?
Edit: When I try to login to that site, developer tool console tells me:
"Mixed Content: The page at 'https://xxxx-uat.xxxx.com:4200/login' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://151.253.73.106:9091/login'. This request has been blocked; the content must be served over HTTPS."
Nginx reverse proxy is being used.
Best way to do it is to use cloudflare. Cloudflare is free for basic use. You can create a new site, point to your HTTP URL and configure SSL as flexible. So, now your service is behind https. Cloudflare will act as proxy. Request will go to cloudflare via https, then it will be routed to your http.
I'm developing a site that's virtually entirely static. I use a generator to create all the HTML.
However, my site is a front-end to a store embedded in its pages. I have a little node.js server proxying requests on behalf of the browser to the back-end store. All it does is provide the number of items in the shopping cart so I can keep the number updated on all pages of my site. That's because the browser doesn't allow cross-domain scripting. My server has to act as a proxy between the client and the store.
(The embedded store is loaded from the store's web site and so itself does not require proxying.)
I was hoping to eventually deploy to Netlify or some similar JAMstack provider. But I don't see how I'd proxy on Netlify.
What is the standard solution to this problem? Or is proxying unavailable to JAMstack solutions? Are there JAMstack providers that solve this problem?
Netlify does allow for proxy rewrites using redirect paths with status code 200.
You can store your proxy redirects in _redirects at the root of your deployed site. In other words the file needs to exist at the root of the site directory to be deployed after a build.
_redirects
/api/* https://api.example.com/:splat 200
So a call to:
/api/v1/gifs/random?tag=cat&api_key=your_api_key
will be proxied to:
https://api.example.com/v1/gifs/random?tag=cat&api_key=your_api_key
If the API supports standard HTTP caching mechanisms like Etags or Last-Modified headers, the responses will even get cached by CDN nodes.
NOTE: you can also setup your redirects in your netlify.toml
When I pass an URL to load a website, say, http://yoururl.com, it redirects to https://yoururl.com
I mean, passing an URL with HTTP automatically redirects as https://yoururl.com in the browser URL.
#driver.get("http://yoururl.com")
Browser used: Chrome
Is there a way to stop redirecting the HTTP url as HTTPS?
The Chrome 63 and above versions will no longer take HTTP with domain .dev since you are in the local/dev environment.
https://iyware.com/dont-use-dev-for-development/
Chrome 63 (out since December 2017), will force all domains ending on
.dev (and .foo) to be redirected to HTTPS via a preloaded HTTP Strict
Transport Security (HSTS) header
https://ma.ttias.be/chrome-force-dev-domains-https-via-preloaded-hsts/
There are couple of reasons this would happen.
Redirection at load balancer or reverse proxy level.
This can be fixed by altering web server or LB configuration.
As browsers getting smarter everyday, when you open an https url is browser then next time if you even want to open http url it'll by default go to https because browser already knows that the site supports https as well. So it'll prefer to use secured communication rather text when it is available.
Here is some help for second case https://superuser.com/questions/565409/chrome-how-to-stop-redirect-from-http-to-https
I've pushed my website's DNS through Cloudflare and is now experiencing redirect loops when accessing admin and checkout pages.
The redirect is - http://postimg.org/image/ehq0kjcw1/
My Magento setup
Community 1.9
Cache management has been disabled
Index management has also disabled
Clear all cache
I've followed every steps (except step 4 about restoring visitor IP) mentioned in Cloudflare's article, but I am still having the redirect loop problem. Here are my cloudflare page rules.
This redirect loop problem occurs with or without Cloudflare flexible SSL turned on.
Does anyone has any idea?
If your server supports SSL, you should generally use Full SSL instead of flexible:
https://support.cloudflare.com/hc/en-us/articles/200170416-What-do-the-SSL-options-Off-Flexible-SSL-Full-SSL-Full-SSL-Strict-mean-
This ensures you don't have any weird redirect logic taking place with CloudFlare, since Flexible SSL redirects HTTPS requests to HTTP at the backend.
You could get a redirect loop by having conflicting redirects on your server and/or with PageRules.
Example:
You have one redirect saying send domain.com to www.domain.com, then you have another redirect saying send www.domain.com to domain.com.
If you have access to terminal on your computer, then try running this command to see what is returned in the location field on the URL the error happens on:
curl -v http://yourdomain.com (replace with the actual URL).
I have gotten an excellent and simple answer from Cloudflare support.
I just need to simply use Full SSL instead of Flexible SSL.
Printscreen - http://i.stack.imgur.com/FWl0Y.png
I think my Magento has a secure base URL defined and it tries and redirects to HTTPS when I access a secure page.