View attachment 42043
Everything is available from within XenForo (you do not need to go to Cloudflare for things) via the Cloudflare API. This allows you give admins permission to do certain things (for example block IP addresses within Cloudflare without giving them access to your Cloudflare account).
It simplifies/automates much of the configuration and usage of Cloudflare with XenForo.
- Manage all Cloudflare settings/options for your zone.
- Ability to...
- Don't assume R2 bucket still exists when getting usage stats for buckets (in case someone deleted the bucket they are currently using)
- Fixed issue when trying to configure R2 for the first time, but Cloudflare account does not have R2 enabled yet
- Added sanity check for external data URL option in case addon somehow got partially (but not fully) installed
- If using guest page caching and purge cache API call fails when a new post is created, edited or deleted, fail silently...
- Hate pushing quick versions out (sorry)... but a necessary fix for media uploads which are handled slightly differently than other uploaded content (like avatars and attachments).
- Fix for change to Crawler Hint API calls (needed to change Crawler Hints setting)
- Updated parameters for Network error logging when doing "Easy config"
- Normalize path when getting a list of multiple objects
- Add support for getting listings of directories inside buckets in R2 adapter (a little tricky because R2 it not a file system in the traditional sense as there are no actual directories). Should make it so exporting styles with attached assets should work if those...
- Removed repository dependency within R2 adapter
- When checking if a file exists on R2, only fall back to checking if it's a "directory" if there's no file extension in the path (less class A operations)
- Selecting Global API keys are disabled (can't setup new ones going forward). Includes deprecation notice (going away completely in the future, so migrate to API tokens if you are still using Global API keys!).
- Unify primary classes so they can be shared without changes with WordPress version of this addon
- If you don't already have a Cloudflare API token, the link to create one will pre-define the required permissions for you (way less annoying for new users)
- Updated...
- Consolidated buttons for new firewall rules into a menu
- Consolidated buttons for new cache rules into a menu
- Stop click propagation when clicking on link to Cloudflare in stats block header (prevents block from hiding/showing when you are just trying to go to Cloudflare dashboard)
- Viewing statistics block on main admin page requires admin permission viewAnalytics (not the permission for managing cloudflare) and block is hidden if the user doesn't have the necessary...
IMPORTANT for existing users: A change to Firewall API calls requires a new API permission to be able to set it. You can go to your Cloudflare API Tokens, edit the token you have and add the following permissions:
The Firewall API has been deprecated and turned into a Ruleset API, so no way around the new permission (sorry).
- Zone.Zone WAF: Edit
Changes:
- Fixed missing padding on timeframe...
- Better handling of situation where someone deleted R2 bucket in Cloudflare's dashboard but didn't disconnect that bucket from being used by XenForo yet.
- Fixed issue where we were assuming there was a firewall ruleset for firewall rules (not always the case, so don't assume it exists).
- Fixed issue with logging daily stats if a site isn't using Turnstile for CAPTCHAs
- Requires XF 2.1.0+ (always was the case technically, installer enforces it now)
- Better handling of stats rebuilding when rebuilding all stats for the site (from cache rebuild)
- Check if Cloudflare account ID is missing when generating R2 bucket URL and add a server error log if that's the case (if an API token has insufficient permissions, you could end up with a missing account ID, which would in turn make R2 functions not work).
- Backup option works properly again with Firewall rules (forgot to convert that to the new Ruleset API that the firewall uses...
- Added check to make sure the site's hostname has at least one dot in it when determining Cloudflare zone ID (things like "localhost" are not valid Cloudflare zones)
- Fetch up to 1,000 R2 buckets per account with API call instead of the default of 20
- If API permissions get revoked on accident, don't throw exception about it on main admin index (admin index won't break if API permissions went away for some reason)
- Guest page caching will work properly when a page immediately fires an AJAX request
- Don't try to purge Cloudflare's cache when using guest page caching and an orphaned post is being deleted (when a post is assigned to a thread that doesn't exist)
- Don't include all Zero Trust Access rules in backup (only include rules for your zone/domain)
- Cache Rules included in backup/restore process
- Fixed issue with creating Turnstile site via API (Cloudflare updated schema for API call)
- Added ASN support when creating IP address rules
- Cache Cloudflare zone/domain (makes it so an API call is not necessary on the admin index page to build deeplink to your zone in your Cloudflare account)
- Fixed issue where you would get a Call to a member function getBody() on array exception instead of the intended HTTP response if an API call failed twice (it automatically does a retry if it failed once)
- When using guest page caching, decouple the purge cache mechanism from the http request (the purge cache action is sent to XenForo's job system)
- Show egress bandwidth when hovering over R2 class A or class B operation stats
- Reorganized settings to align with Cloudflare's...
IMPORTANT for existing users: New functionality requires 2 additional API permissions in order to use the new functions. You can go to your Cloudflare API Tokens, edit the token you have and add the following permissions:
At this point, you should have a total of 18 permissions for your API token.
- Account.Allow Request Tracer: Read
- Account.Intel: Read
Changes:
- Added ability to cache...
Fix for issue when trying to enable guest page caching (ends up in a loop). Only needed if you don't have guest page caching enabled and you want to enable it.
- Can use R2 for storage without site being a domain/zone in Cloudflare
- Made change to XenForo's attachment data entity to be more efficient (normally XenForo checks if an attachment exists before making an additional call to actually get it). This will reduce an API call for every attachment view because we don't need to check if the attachment exists (we know it does already because we have a record of it in attachment data).
- Added new option: Use presigned URLs for...
- Moved Cloudflare options from External service providers to their own Options page
- New option (advanced): Show attachment data errors in server error log
- Add sanity check when using R2 with presigned URLs and users are allowed to upload audio/video media
IMPORTANT for existing users: New functionality requires 1 additional API permissions in order to use the new function. You can go to your Cloudflare API Tokens, edit the token you have and add the following permission:
At this point, you should have a total of 19 permissions for your API token.
- Account.Billing: Read
- Added sanity check to make sure attachment data exists when using presigned...
- Added support for new Cloudflare setting: Speed -> Optimization -> Content Optimization -> Cloudflare Fonts
- When using "Easy config", set "Security level" to "Essentially off" (was set to "Medium" before)
- Easy config enables Cloudflare Fonts