Webinoly is just the perfect tool for NGINX experts. Give it a try!
0 votes
1.1k views
by Talented
Hi Cristhian,

I'd like to request a NGINX conf file in /conf.d that sets the real ips of visitors if one uses Cloudflare (which is not an uncommon case for people running WP). It would not be a big file, just as simple as described here: https://community.easyengine.io/t/get-real-visitor-ip-behind-cloudflare/9036

And here a useful bash script that could be integrated and run every once in a while, maybe through cron every half a year: https://github.com/WordOps/WordOps/blob/8797699ead73ca67dfd303dc284ab7ac134a9215/wo/cli/templates/cf-update.mustache

Thanks for considering! :)

1 Answer

0 votes
by Expert

Native support for Cloudflare is not in our roadmap.

Sorry! sad

by Talented
Hey, there is nearly no overhead if you'd just include the .conf file by default, I am not talking about any -cf commands or anything that makes things too complicated, but it would mean native Cloudflare support for Webinoly and therefore a lot more user acceptance, because there are a lot of Cloudflarers out there.

If you still say no: How do I make a plugin for Webinoly? The script is there, I am not nearly anywhere bash wise where you are, but I might be able to manage.

Thanks.
by Expert

It would need changes in the log structure to make it work, which will not work for non-CF users. Also, I'm not a fan of having conf files loading on each request for users that don't need it.

The proper solution would be:

  1. Having a command for native support.
  2. Or, each user have to add this simple conf mods if they need it.
If you want to have your own plugin integrated into Webinoly, we have the "Internal API and Event" for this purpose. You can easily add your own code!
by Expert

Another option: You can add your own custom NGINX rules for each site (inside server block).

Doc: https://webinoly.com/en/documentation/sites/#nginx

by Talented

Ok, cool, how to best go about making that native implementation? How do I give you the files/code and where would I need to put it so it can be executed with sudo site example.com -wp -cf?

And a side note, the competition all have it natively in the nginx.conf or somewhere in conf.d. laugh Because a lot of site run behind Cloudflare, it is more the norm and less the fringe case nowadays, but of course if you want it as a plugin, then that's how it shall be.

by Expert

The easiest way and recommended:

  1. Create this file: /var/www/example.com/cf-nginx.conf
  2. Put all the NGINX rules you need inside that file.
  3. Restart Nginx service.
That will work for a specific site. If want to take these rules globaly, you can put this file en conf.d folder.
by Talented
Yes, but how would I go about making a plugin that offers this natively? I did not find documentation in that direction.
by Expert

As I mentioned in a previous comment, the Webinoly Internal API is very well documented and that's an easy way to integrate your own code into Webinoly.

Try this code and see what happens whene you run: sudo site example.com -wp -cf

api-events_catch_status() {
        [[ $1 == "si2" && -n $cf ]] && echo "Cloudflare Code!"
}
by Talented
Sorry, I was not clear, I mean would you put this in the webinoly repository, or how would I offer this to the general public so it would be easy for them to use? What is you policy about code contribution and how do I do it so it is conform with your wishes and policies? I understood that part about the API(not all of it but how it generally works), but not about all the things around it. Thanks! :)

Also, what are the conflicts with the log structure you mentioned?
by Expert

To Include the original visitor IP in your logs, add the variables $http_cf_connecting_ip and $http_x_forwarded_for in the log_format directive.

And sorry, Micha, it's not a matter of "code contribution", Cloudflare is not in our roadmap. Maybe in the future we can change this idea!

by Talented

Not a problem, I can just add it in a Webinoly install script. And I don't care much for access logs anyway, I leave them off, as is the default for Webinoly.

Just thought it would be beneficial for a large chunk of Webinoly users. You don't think that?

So if it ever get's implemented, I guess it should look like this:

webinoly -cf=on

webinoly -cf=off

 What it would do is simple: Add the .conf-file that gets generated into /etc/nginx/conf.d/ and use sed to put/remove that necessary $http_cf_connecting_ip in the log_format line in nginx.conf.

It will not be necessary to limit that configuration to one specific site as chances are very very high that you use Cloudflare when you use it on one site on all. And even if there is one that does not, the config would no get in the way anyways.

Welcome to the Community site for Webinoly.

Our Optimized LEMP Web Server is a powerful set of commands for doing just about anything you could wish.

With Webinoly you can set up your NGINX web server in just one step.

* * * * * * *

To report a bug, please create a new issue on GitHub or ask a question here with the bug tag.
Webinoly Support Paypal Donations

PayPal · GitHub Sponsors · Bitcoin

It is very important that any visitor to the site read the disclaimer, terms of use and privacy and legal statement before start browsing.

...