• The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Question Cloudflare

O

othmaqsa

Regular Pleskian
Server operating system version
18.0.55 Update #1
Plesk version and microupdate number
20.04.6 LTS
Hello,

I have few questions about using Cloudflare with Plesk.

1- Do I need to add all the DNS records mentioned in Plesk, in the Cloudflare dashboard, like SRV record etc ?
2- Is it recommended to use Cloudflare's Full (Strict) encryption with Plesk or Full is enough? I have tried few months ago to use the option Full, but I have noticed the error 520/521 is randomly occur, multiple times per day?

Thanks.
 
othmaqsa said:
1- Do I need to add all the DNS records mentioned in Plesk, in the Cloudflare dashboard, like SRV record etc ?
Click to expand...
You don't need all records, only those you believe you'll actually need so if you're planning on using autodiscover for email configuration then yes you'll need the SRV records.

Now there is an extension that allows you to sync your DNS records to Cloudflare for you so you can do all your records within Plesk itself.
othmaqsa said:
2- Is it recommended to use Cloudflare's Full (Strict) encryption with Plesk or Full is enough? I have tried few months ago to use the option Full, but I have noticed the error 520/521 is randomly occur, multiple times per day?
Click to expand...
In all honestly it's completely up to you what level of encryption to use but depending on which level will depends on if you need a valid certificate or not. Like for one of my site I use flexible so the encryption between the browser and cloudflare is encrypted but the rest is whatever because I've had weird issues using any of the others and been too lazy to fix it. Full allows you to use a self signed certificate on the server while full strict requires you to have a certificate from a trusted CA or use the cloudflare's origin ca cert on the server. It basically comes down to personal preferences with how you have things configured.

TECNECHALLY speaking you should use Full Strict whenever possible and use Full if you can't use Full Strict.
 
@scsa20 , thank you for your message.

I have another question please:

I have added real_ip_header CF-Connecting-IP; in the Additional nginx directives in order to log the real IP address of the user, but the CF IP still showing in the logs.

A solution please ?
 
If you do a search you can find this post

Nginx ngx_http_realip_module for Plesk?

Any chance of getting the Nginx ngx_http_realip_module module for the version of nginx included in Plesk 12 on CentOS 6 & 7? We have customers using Cloudflare who want the real IP in their logs from the requests handled by nginx; we can do the cloudflare mod to handle the requests apache sees.
talk.plesk.com talk.plesk.com

Follow that instructions to get real IP working correctly.
 
You must log in or register to reply here.

Similar threads

Oldiesmann
Question Cloudflare and Plesk
Replies
0
Views
281
Oldiesmann
Oldiesmann
P
Resolved PLESK 18.0.60 Problems to configure mails / Certificates, etc.
Replies
8
Views
829
mow
M
P
Issue Certificate problem in Plesk
Replies
5
Views
379
Raul A.
R
B
Issue High latency, unreliable performance & 522 errors on a Plesk server that ran fine for 6+ months
Replies
1
Views
223
Sebahat.hadzhi
Sebahat.hadzhi
R
Question The New Plesk Firewall is lacking port numbers/specifics. Can anyone supply a map of ports>services??
Replies
2
Views
275
regenix
R
Back
Top