CloudFlare and websocket support

For discussion of the Poker Mavens server module and other administration topics
Post Reply
ftpjesus
Posts: 164
Joined: Fri Dec 30, 2016 1:54 am

Re: CloudFlare and websocket support

Post by ftpjesus »

Theres no indication they should be having an issue with your useage.. It says if you start using a larger amount significantly then what most plans on that level use then they will ask you to upgrade.. I had the $20 plan and never saw an issue
Owner Operator of (TBA)
http://www.( TBA ) .com (Home Page)
http://www. (TBA) .net (Play Money)
http://www. (TBA) .eu (BTC Token tied currency and Stable Coins through Crypto quasi real money play)
Bcruey
Posts: 11
Joined: Mon Feb 01, 2021 9:53 pm

Re: CloudFlare and websocket support

Post by Bcruey »

I am trying to set up a secure connection to my site due to a few inquiries about site security. I found this post and have tried the following steps, but nothing seems to work.

GoDaddy
-I purchased a domain name https://mypokersite.com
-I created web content and have been using the site to supply information about my league

Atlantic
-I went to Atlantic.net and created an account
-I got an IP address from Atlantic

Cloudflare
-I followed your instructions shown in this post
-I put all my certs in the same folder as the PMServer.exe file
-I changed the settings in my GoDaddy account such that my domain DNS nameservers are isla.ns.cloudfare.com and jaime.ns.cloudfare.com
-in my DNS settings I created two A groups for mypokersite.com and www; both set to proxied and TTL=Auto. There was a CNAME for www that was automatically created. I deleted that to create the second A type for www.
-I set my SSL/TLS encryption mode to Full (strict)
-Turned on Always Use HTTPS


Poker mavens 6.33 Pro
-I set the internet IP address field to www.mpokersite.com
-I set Append Port to "No"
-I set Auto Lookup IP to "No"
-I set File Port to 443
-I set PAcket Port to 8443
-I set SSL encryption to "Yes"
-I directed the SSL Key, cert, and root files to the appropriate locations

The issues I am having is that for some reason I can no longer even access my website. secondly when I enter in www.mypokersite.com:443/?SitePassword=xxx I get an error "400 Bad Request The plain HTTP request was sent to HTTPS port".

I am hoping that I am missing a simple step.

Thanks.
Kent Briggs
Site Admin
Posts: 5878
Joined: Wed Mar 19, 2008 8:47 pm

Re: CloudFlare and websocket support

Post by Kent Briggs »

Can you get a connection if you turn all of the SSL stuff turned off and ports to 80 and 8080? Just to make sure the domain and DNS are working ok in non-SSL mode.
Bcruey
Posts: 11
Joined: Mon Feb 01, 2021 9:53 pm

Re: CloudFlare and websocket support

Post by Bcruey »

That does not seem to be working either. Two things that I noticed are:

1) that in Cloudflare, if I set my two A DNS groups to my Atlantic IP address, my website will not load. If I change that IP address back to the Godaddy IP address, then it works again. However, when I set things up this way, then www.mypokersite.com:443/?SitePassword=xxx simply routes me to my website, not the game server.

2) if I use file port 80 and packet port 8080, I get to my website, but no poker server.

3) my GoDaddy URL already has SSL encryption that I guess I purchased when I registered the domain name so it is already an https. Not sure if that makes a difference in any of the steps
Kent Briggs
Site Admin
Posts: 5878
Joined: Wed Mar 19, 2008 8:47 pm

Re: CloudFlare and websocket support

Post by Kent Briggs »

If you'e running a web server (IIS or Apache) on the same machine as Poker Mavens then you cannot use port 80 or 443 in PM because the web server will be using them.
Kent Briggs
Site Admin
Posts: 5878
Joined: Wed Mar 19, 2008 8:47 pm

Re: CloudFlare and websocket support

Post by Kent Briggs »

Bcruey wrote: Wed Feb 16, 2022 9:38 am 3) my GoDaddy URL already has SSL encryption that I guess I purchased when I registered the domain name so it is already an https. Not sure if that makes a difference in any of the steps
They likely supplied a free cert that is installed on their own servers in case you also used them for hosting. But you would still need all those cert and key files to be installed on the poker server. Domain names are independent from those certs.
Bcruey
Posts: 11
Joined: Mon Feb 01, 2021 9:53 pm

Re: CloudFlare and websocket support

Post by Bcruey »

I am not running a web server.

Do I need to have a URL that is set up specifically to host the game? I am currently trying to use my club website for everything at www.jackhighpokerleague.com.

I found this post: http://www.briggsoft.com/forums/viewtopic.php?t=3583

In this case, the user set up a play button on his/her website that pointed to a separate URL to host the game. That is not what I am trying to do, however, that does sound like an attractive feature. I am trying to provide a link that directs my club members to a secure site.
Kent Briggs
Site Admin
Posts: 5878
Joined: Wed Mar 19, 2008 8:47 pm

Re: CloudFlare and websocket support

Post by Kent Briggs »

You'll need a separate domain name just for the poker server if you want SSL support for it. Or you would need a wildcard SSL cert that supported multiple subdomains (like www.example.com for your website on one host and poker.example.com on another host.
Bcruey
Posts: 11
Joined: Mon Feb 01, 2021 9:53 pm

Re: CloudFlare and websocket support

Post by Bcruey »

Kent Briggs wrote: Wed Feb 16, 2022 2:55 pm You'll need a separate domain name just for the poker server if you want SSL support for it. Or you would need a wildcard SSL cert that supported multiple subdomains (like www.example.com for your website on one host and poker.example.com on another host.
Ok. This worked...sort of. I repeated all of the steps after purchasing another domain name www.jackhighpoker.com. I set up PM on a remote server and adjusted all of the Cloudflare settings as instructed.

First of all, when I set the internet IP address to my Atlantic cloud server IP {my IP address} and file and packet ports to the default 8087 and 8088 respectively, I am able to access the poker server just fine using {my IP address}:8087 when pasted into chrome. This is where I was at square 1 so that works.

When I set file and packet ports to 80 and 8080 respectively, and use my URL as the internet IP address and I turn off all SSL encryptions features both in PM and on Cloudflare, I am able to access the site.

When I set the SSL encryption server setting to "Yes" in PM and SSL/TLS encryption mode in Cloudflare to "Flexible", I get a Time Out Error code. When I set the SSL/TLS encryption mode to Full (strict), I get an Error 526 for an invalid SSL certificate. Furthermore, the error code indicates that the origin web server does not have a valid SSL certificate.

I am going to re-read all of the previous posts to see if I missed something. However, If you think you have the solution, let me know, please.

Thanks for all your help. I'm pretty dense when it comes to all of this stuff. Surprised I made it this far...
Kent Briggs
Site Admin
Posts: 5878
Joined: Wed Mar 19, 2008 8:47 pm

Re: CloudFlare and websocket support

Post by Kent Briggs »

Bcruey wrote: Wed Feb 16, 2022 6:15 pm First of all, when I set the internet IP address to my Atlantic cloud server IP {my IP address} and file and packet ports to the default 8087 and 8088 respectively, I am able to access the poker server just fine using {my IP address}:8087 when pasted into chrome. This is where I was at square 1 so that works.
The Internet IP Address setting is only used by www.pokermavens.net (if you have Directory listing = Yes) so it knows where to send the players. Put your domain name (full URL starting with http) in there instead of the Atlantic IP address so that connections pass through Cloudflare. Otherwise you are exposing your real IP to the world and not getting the DDOS-protection benefit of Cloudflare.
When I set the SSL encryption server setting to "Yes" in PM and SSL/TLS encryption mode in Cloudflare to "Flexible", I get a Time Out Error code. When I set the SSL/TLS encryption mode to Full (strict), I get an Error 526 for an invalid SSL certificate. Furthermore, the error code indicates that the origin web server does not have a valid SSL certificate.
Did you set your ports back to 443 and 8443? Email me your cert file, root cert file, and key file and I'll take a look.
Post Reply