CD
Cloudflare Developers7mo ago
zNexus

Service (website) is really slow behind cloudflare, but using direct connection before cloudflare

Hello everyone, I have a home server. I run zipline in a docker container, which runs on port 3000. Then I proxy_pass this with an NGINX (1.26), using HTTP2, SSL to port 443. The cloudflared tunnel is configured to https://localhost:443 Cloudflare Tunnel config: 
Service
  https://localhost:443
Origin configurations
  http2Origin:
  httpHostHeader: domain.com
  originServerName: domain.com
Service
  https://localhost:443
Origin configurations
  http2Origin:
  httpHostHeader: domain.com
  originServerName: domain.com
NGINX: 
server {
    listen       443 ssl;
    http2 on;
    server_name  domain.com;
    access_log /var/log/nginx/cdn/access.log;
    error_log /var/log/nginx/cdn/error.log;
    ssl_certificate /etc/cert/cdn/fullchain.pem;
    ssl_certificate_key /etc/cert/cdn/privkey.pem;
    ssl_session_cache shared:SSL:10m;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384";
    client_max_body_size 100M;
    location / {
        rewrite "^\/([a-zA-Z0-9]{12})\.png$" /u/$1.png last;
        rewrite "^\/([a-zA-Z0-9]{12})\.mp4$" /u/$1.mp4 last;
        rewrite "^\/([a-zA-Z0-9]{12})$" /u/$1.png last;
        proxy_pass http://localhost:3000;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
server {
    listen       443 ssl;
    http2 on;
    server_name  domain.com;
    access_log /var/log/nginx/cdn/access.log;
    error_log /var/log/nginx/cdn/error.log;
    ssl_certificate /etc/cert/cdn/fullchain.pem;
    ssl_certificate_key /etc/cert/cdn/privkey.pem;
    ssl_session_cache shared:SSL:10m;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384";
    client_max_body_size 100M;
    location / {
        rewrite "^\/([a-zA-Z0-9]{12})\.png$" /u/$1.png last;
        rewrite "^\/([a-zA-Z0-9]{12})\.mp4$" /u/$1.mp4 last;
        rewrite "^\/([a-zA-Z0-9]{12})$" /u/$1.png last;
        proxy_pass http://localhost:3000;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
I don't think, that the problem would be in the NGINX config, I tried https://serverip:443 and it worked just fine, but when I connect through https://domain.com its loading for like 10-30 seconds.
2 Replies
zNexus
zNexusOP7mo ago
Also my portainer is having the same problem. Its running in docker, but when I access it through domain (cloudflare) it's really slow. Portainer does not go through NGINX
denisapain
denisapain7mo ago
try testing from a different ip, or.... un-zero trust i am definitely a cloudflare pro you've never seen me before
Want results from more Discord servers?
Add your server