cold
Explore posts from serversCDCloudflare Developers
•Created by cold on 1/29/2025 in #general-help
Cloudflare load balancer session affinity set cookie?
Is it possible to tell cf (on the client) which server to choose (with the
__cflb cookie)? My current approach is just hardcoding one of the __cflb values for each server and overwriting it that way, but I'm not sure if this is a permanent and stable approach.
Has anyone done this before or has any idea how to do this?1 replies
CDCloudflare Developers
•Created by cold on 1/29/2025 in #general-help
Cloudflare dynamic sticky sessions
So I'm using a load balancer, which has server1 and server2. Now I want each user to have a sticky session, because of states on the server. If the user had a state on server1, and would request server2, the state wouldn't be found. So I used cookie and Client IP fallback, but what if the user logs in from a different device with a different ip, while the state is ongoing? Then we have an issue. So I would save the state in an external db accessable from both servers, with a value on which server the state is on, and if the user requests the wrong server, I return that they need to change the server in the api, and it would change to use that server.
Is this possible? Can you tell users through an api which server to set their sticky session to?
Any help is appreciated.
1 replies
KPCKevin Powell - Community
•Created by cold on 3/14/2024 in #front-end
Angled border radius?
13 replies
CDCloudflare Developers
•Created by cold on 2/15/2024 in #general-help
Protected API?
Hi, so for pages like the index file, I can set up a WAF rule to force a challange, to prevent it from getting ddossed,
but when i for example have /api/getInfo, I obviously can't force a challange on that endpoint.
My question is, is there a way to sign api calls, so that without cloudflare cleareance that you got from getting on the page, you can't reach the api?
I know things like caching, ratelimiting etc. help, but there is always a limit, it won't protect a massive botnet for example on an endpoint that has to be uncached.
2 replies