CloudFlare and websocket support

For discussion of the Poker Mavens server module and other administration topics
jfullerton44
Posts: 6
Joined: Wed Apr 08, 2020 7:36 pm

Re: CloudFlare and websocket support

Post by jfullerton44 »

I solved my issue, the issue was the since I was hosting the server on an AWS EC2 there was a firewall created that did not allow for cloudflare connections. Once I configured the firewall to allow for cloudflare connections and set the SSL on cloudflare to strict everything started working.
mikez
Posts: 9
Joined: Sat Apr 11, 2020 11:34 am

Re: CloudFlare and websocket support

Post by mikez »

Really appreciate this work.

One caveat I found while going through this today is to make sure you select the "Always Use HTTPS" option within Cloudflare's Edge Certificates, otherwise it won't auto re-direct.
Also, when changing packet ports, I eventually realized I had to clear my cache to get my browser to update to the new port.

Lastly, I did waste some money this morning ordering an SSL cert that I won't be using after discovering the Cloudflare solution, but I'm glad things are up and working now. :)

Thanks for all the support.
Kent Briggs
Site Admin
Posts: 5588
Joined: Wed Mar 19, 2008 8:47 pm

Re: CloudFlare and websocket support

Post by Kent Briggs »

mikez wrote:One caveat I found while going through this today is to make sure you select the "Always Use HTTPS" option within Cloudflare's Edge Certificates, otherwise it won't auto re-direct.
And for those using SSL without going though Cloudflare, there is a redirect utility that you can run with the poker server:

http://www.briggsoft.com/docs/pmavens/U ... m#redirect
Kent Briggs - [email protected]
Briggs Softworks - http://www.briggsoft.com
hxe
Posts: 71
Joined: Sat Apr 04, 2020 1:59 pm

Re: CloudFlare and websocket support

Post by hxe »

Discovered this in another thread by Kent.
Figured I'd post it here because this is the instructions for how to use Cloudflare.


Those are their IP addresses because they intercept all your traffic (for DDOS protection and anonymity). Do this:
System tab -> Server Settings -> Proxy IP Header = CF-Connecting-IP
Kent Briggs
Site Admin
Posts: 5588
Joined: Wed Mar 19, 2008 8:47 pm

Re: CloudFlare and websocket support

Post by Kent Briggs »

hxe wrote:Figured I'd post it here because this is the instructions for how to use Cloudflare.
Good catch, I should have mentioned that in the first post. I've added it now.
Kent Briggs - [email protected]
Briggs Softworks - http://www.briggsoft.com
RCP
Posts: 4
Joined: Sat Apr 18, 2020 4:02 pm

Re: CloudFlare and websocket support

Post by RCP »

What DNS records do you input for cloudfare? NS?

If your domain is using custom DNS pointing to a VPS (i.e. Atlantic; ns1.quickroutedns.com), would you use the Atlantic nameserver for cloudfare as well?
Kent Briggs
Site Admin
Posts: 5588
Joined: Wed Mar 19, 2008 8:47 pm

Re: CloudFlare and websocket support

Post by Kent Briggs »

RCP wrote:What DNS records do you input for cloudfare? NS?
If your domain is using custom DNS pointing to a VPS (i.e. Atlantic; ns1.quickroutedns.com), would you use the Atlantic nameserver for cloudfare as well?
Use Cloudflare's name servers at your domain registrar. In your Cloudflare account edit your DNS record and input your VPS IP address. My demo site has two "A" records, one for "pm-demo.com" and another for "www". Both point to my Atlantic IP address with TTL set to Auto and Proxy Status set to "Proxied". My domain account at GoDaddy has dom.ns.cloudflare.com and molly.ns.cloudflare.com set for the name servers (yours might be different).
Kent Briggs - [email protected]
Briggs Softworks - http://www.briggsoft.com
RCP
Posts: 4
Joined: Sat Apr 18, 2020 4:02 pm

Re: CloudFlare and websocket support

Post by RCP »

Thanks for that^

Even when I try to launch client on a locally using 127.0.0.1.

IE gives me an unsafe to proceed error. If I proceed antways, we get this:

00:56:39.128 MSG Version 6.16 : Win64 : G6-24119
00:56:39.142 MSG Connecting to wss://127.0.0.1:8443 ...
00:56:39.247 MSG WebSocket Connection Error
00:56:39.247 MSG Check Browser Error Console
00:56:39.284 MSG Connection Closed with Event Code 1015
Kent Briggs
Site Admin
Posts: 5588
Joined: Wed Mar 19, 2008 8:47 pm

Re: CloudFlare and websocket support

Post by Kent Briggs »

RCP wrote:IE gives me an unsafe to proceed error.
IE is so locked down on a Windows Server that it won't make a websocket connection in the default configuration. Put Chrome or Firefox on that machine and make it the default browser.
Kent Briggs - [email protected]
Briggs Softworks - http://www.briggsoft.com
RCP
Posts: 4
Joined: Sat Apr 18, 2020 4:02 pm

Re: CloudFlare and websocket support

Post by RCP »

I have followed all the instructions to a T, and can't seem to get it to connect.

I'm using Alantic VPS, namecheap for domain registrar, and Cloudflare.

NAMECHEAP:
Custom DNS pointing to servers specified by cloudflare
may.ns.cloudflare.com
christian.ns.cloudflare.com

CLOUDFLARE
DNS Management
type: A, name: urlname.com, content: my Atlantic IP address, TTL: auto, Proxied
type: A, name: www, content: my Atlantic IP address, TTL: auto, Proxied

SSL
Flexible, Always Use HTTPS (I've tried On and Off), followed your instructions to create MyDomain.crt, MyDomain.key, and MyRoot.crt (these are in my PMServer directory)

File Port: 443
Packet Port: 8443

I can't figure out what I'm missing, cause it doesn't connect when I goto either my url.com or my IP directly.
Do I need to do anything with Reverse DNS on atlantic?

FYI, if I change the file port to 80 and disable SSL, I can connect to PM by my Atlantic IP directly.
Post Reply