Cloudflare + Heroku

Question

Cloudflare + Heroku

Closed this issue 3 years ago · 8 comments

Hello everyone,

This is more of a question instead of an issue.
Not sure if anyone is using Cloudflare for the CDN, but is happening is that camaleon CMS always ask to relogin very frequently to the admin panel - almost when I'm navigating between 1 menu to the other.

This issue doesn't exist if I access the apps directly from the heroku link - nor if I disable the Cloudflare (direct root domain access with no CDN).

My configuration is as follow:

Redirect from root domain to www.
Force HTTPS
SSL Certificate = Full
Cache level is standard
Updated the domain name in the admin panel to www.mysite.com

If anyone can share their configuration, that would be highly appreciated! :)
I can do a redirect of admin page to Heroku if needed, but would like to avoid this.

Thanks everyone in advanced!

Answer 1 · 2019-01-15T01:40:48.000Z

The authentication system checks the IP address of the request, and I suspect this is causing your problem. If the CDN has nodes all over the place, and you don't hit the same one on every request, and if the app sees the CDN proxy node's IP instead of your own, then it would force another login. I'm honestly not sure how to fix this, though.

Answer 2 · 2019-03-22T13:26:09.000Z

Same issue here...
@stjokro , how did you solved?

Answer 3 · 2019-03-22T15:39:59.000Z

didn't get to solve this @zener79 =
i think @brian-kephart have a point - maybe try to not check IP address on request.

Let me know if you have any luck!

Answer 4 · 2019-03-22T15:58:56.000Z

I think I will use a different subdomain not proxyed by Cloudflare (orange cloud turned off) for admin tasks for the moment.

Answer 5 · 2019-03-22T16:04:25.000Z

that's a good option!
what i did is that if i need to make admin tasks, ill just go directly on the heroku app link.

not the sweetest - but itll do its job for now. :)

btw, have you done a comparison between wordpress and camaleon CMS in terms of speed, resources, performance for an apple-to-apple website?

Thinking to migrate it to wordpress as i've never had such an issue with wordpress

Answer 6 · 2019-03-23T03:06:37.000Z

@owen2345 can the IP check be removed, or would that compromise security? I'm not sure what role that check plays.

Answer 7 · 2019-03-23T23:48:59.000Z

Hi @brian-kephart
done: browser and ip verification removed (2.4.5.14)

Answer 8 · 2019-04-05T19:33:50.000Z

@stjokro did this solve your issue?