merp (Taiwan arc)
CDCloudflare Developers
•Created by merp (Taiwan arc) on 11/12/2024 in #general-help
Different nameservers for different zones
Hi, since Cloudflare name servers are a way to uniquely identify an account, and it is possible to identify all domains under the account by simply seeing which domains have the same set of 2 name servers, is it possible to switch up the name servers for each new zone for enhanced privacy?
5 replies
CDCloudflare Developers
•Created by merp (Taiwan arc) on 9/28/2024 in #general-help
Can I reset or delete a Cloudflare account with lost 2fa?
We have a login on Cloudflare that was created under an email similar to “[email protected]” (basically a generic IT email) but this account was formerly managed by a single person, who had 2FA on, and left the company giving us the password but not the 2FA. The account, as far as I know, is empty, we’ve revoked access for it from our org, and we still have access to the actual Cloudflare org/sites through other logins. However, we just want to have the ability to use this email login again (and also prevent the former employee from using an account tied to a company email). Is this possible?
5 replies
CDCloudflare Developers
•Created by merp (Taiwan arc) on 5/19/2024 in #general-help
Custom challenge pages
Hi, I'm trying to create a custom challenge page per https://developers.cloudflare.com/support/more-dashboard-apps/cloudflare-custom-pages/configuring-custom-pages-error-and-challenge/#step-2-select-your-custom-error-tokens
This tells me to use the token
::CAPTCHA_BOX::
where the CAPTCHA will be placed. I did so, but it seems like no matter what I do, the additional text:
is displayed around the CAPTCHA box.
However, I've seen other sites protected by Cloudflare that also have custom challenge pages without this, for example, Dcard.tw (basically Reddit in Taiwan). It's not any CSS or injected JS trickery, there's absolutely no mention of the phrase "Performance & security by Cloudflare" in the page source whatsoever. How are they doing this?18 replies
CDCloudflare Developers
•Created by merp (Taiwan arc) on 5/16/2024 in #general-help
Cloudflare Zero Trust OpenID IdP with HS256 id_token signature
Hi, I’m trying to configure an OpenID IdP for my Zero Trust config. However, the OpenID IdP in question provides HS256 signatures. In Cloudflare Zero Trust it appears like it’s only possible to configure a certificate URL but not a HS256 secret key. Is this configuration somehow possible or do I need some sort of OpenID proxy to handle it?
2 replies
CDCloudflare Developers
•Created by merp (Taiwan arc) on 4/29/2024 in #general-help
Deleting a hostname association for authenticated origin pulls
Hi, I am trying to delete a hostname association for authenticated origin pulls:
https://developers.cloudflare.com/api/operations/per-hostname-authenticated-origin-pull-enable-or-disable-a-hostname-for-client-authentication
For now I set all of them to
null
with PUT https://api.cloudflare.com/client/v4/zones/**snip**/origin_tls_client_auth/hostnames
, which according to the docs is supposed to invalidate the entry, but then when I do GET https://api.cloudflare.com/client/v4/zones/**snip**/origin_tls_client_auth/hostnames
it is still listed there. Can it be deleted entirely?2 replies
CDCloudflare Developers
•Created by merp (Taiwan arc) on 4/28/2024 in #general-help
Wordpress APO for a site with multiple Wordpress installations in different directories
Hi, I'm interested in setting up Wordpress APO (https://wordpress.org/plugins/cloudflare/) and hopefully having my entire Wordpress site served from the Cloudflare edge.
My site actually consists of multiple Wordpress installations on the same domain but in different directories (more specifically, there's a Wordpress installation in the root directory https://example.com, and then a second Wordpress installation, with its own files, in a subdirectory like: https://example.com/wp). It is not a "multisite" configuration, both installations are independent installations each with its own set of files, its own database schema, etc.
I'm wondering if I can still use the Wordpress APO plugin. Do I need to install the plugin on both installations? Will there be any issues? If I install it, should I remove other caching plugins such as WP Rocket?
3 replies