• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Question Cloudflare

O

othmaqsa

Regular Pleskian
Server operating system version
18.0.55 Update #1
Plesk version and microupdate number
20.04.6 LTS
Hello,

I have few questions about using Cloudflare with Plesk.

1- Do I need to add all the DNS records mentioned in Plesk, in the Cloudflare dashboard, like SRV record etc ?
2- Is it recommended to use Cloudflare's Full (Strict) encryption with Plesk or Full is enough? I have tried few months ago to use the option Full, but I have noticed the error 520/521 is randomly occur, multiple times per day?

Thanks.
 
othmaqsa said:
1- Do I need to add all the DNS records mentioned in Plesk, in the Cloudflare dashboard, like SRV record etc ?
Click to expand...
You don't need all records, only those you believe you'll actually need so if you're planning on using autodiscover for email configuration then yes you'll need the SRV records.

Now there is an extension that allows you to sync your DNS records to Cloudflare for you so you can do all your records within Plesk itself.
othmaqsa said:
2- Is it recommended to use Cloudflare's Full (Strict) encryption with Plesk or Full is enough? I have tried few months ago to use the option Full, but I have noticed the error 520/521 is randomly occur, multiple times per day?
Click to expand...
In all honestly it's completely up to you what level of encryption to use but depending on which level will depends on if you need a valid certificate or not. Like for one of my site I use flexible so the encryption between the browser and cloudflare is encrypted but the rest is whatever because I've had weird issues using any of the others and been too lazy to fix it. Full allows you to use a self signed certificate on the server while full strict requires you to have a certificate from a trusted CA or use the cloudflare's origin ca cert on the server. It basically comes down to personal preferences with how you have things configured.

TECNECHALLY speaking you should use Full Strict whenever possible and use Full if you can't use Full Strict.
 
@scsa20 , thank you for your message.

I have another question please:

I have added real_ip_header CF-Connecting-IP; in the Additional nginx directives in order to log the real IP address of the user, but the CF IP still showing in the logs.

A solution please ?
 
If you do a search you can find this post

Nginx ngx_http_realip_module for Plesk?

Any chance of getting the Nginx ngx_http_realip_module module for the version of nginx included in Plesk 12 on CentOS 6 & 7? We have customers using Cloudflare who want the real IP in their logs from the requests handled by nginx; we can do the cloudflare mod to handle the requests apache sees.
talk.plesk.com talk.plesk.com

Follow that instructions to get real IP working correctly.
 
You must log in or register to reply here.

Similar threads

majdi draouil
Question How to Block Direct IP Access and Ensure All Traffic Routes Through Cloudflare
Replies
1
Views
598
Raul A.
R
C
Question How can I secure my Mail with Letsencrypt next to Cloudflares Origin Certificate in Plesk?
Replies
4
Views
1K
cpulove
C
C
Question Plesk with Cloudflare Proxy DNS Records and Letsencrypt..
Replies
0
Views
962
cpulove
C
C
Issue Cloudflare Origin SSL Zertifikate does work and protect
Replies
1
Views
1K
cpulove
C
Oldiesmann
Question Cloudflare and Plesk
Replies
0
Views
776
Oldiesmann
Oldiesmann
Back
Top