[DigitalPoint] Cloudflare 1.5.2

Everything is available from within XenForo (you do not need to go to Cloudflare for things) via the Cloudflare API. This allows you give admins permission to do certain things (for example block IP addresses within Cloudflare without giving them access to your Cloudflare account).

It simplifies/automates much of the configuration and usage of Cloudflare with XenForo.

• Manage all Cloudflare settings/options for your zone.
• Ability to purge Cloudflare cache...

Click to expand...

Fixed issue where changed to Argo Tiered Cache setting wouldn't update via API.

• Fixed issue where generation of Cloudflare backup would try to use zone-level permissions for Access instead of account-level.

Click to expand...

Fixed issue where changes to Argo Tiered Cache setting wouldn't update via API (for real this time).

Click to expand...

Click to expand...

• New option under Options -> External service providers -> Block IP addresses on spam clean from user approval queue (it's off by default, so you will need to enable it if you want to use it).
• Added additional info for cases where there's an exception making request to Cloudflare's API, but without an actual error received from the API.

Click to expand...

• Compatibility with very old (end-of-lifed for years) versions of PHP

Click to expand...

• Ability to use a Cloudflare Worker as a backend image proxy to hide the origin server's IP address when XenForo's image proxy fetches the image
• Some minor cosmetic tweaks to Cloudflare lists of things in admin area

Click to expand...

The option to Force registration challenge added in version 1.1.1 has been extended to optionally apply to the contact form as well. If you already created the managed challenge for registrations you can click the option again to toggle on/off the contact form option (it will update the existing rule).

View attachment 27239


Using Cloudflare Workers as an image proxy was added in version 1.1.0. Now you can also use Cloudflare Workers as an unfurl proxy to further hide the...

Click to expand...

• Removed stray variable in a tooltip
• Fixed issue where setting values considered "good" when disabled would show the opposite value for their setting (things like Development Mode and Rocket Loader which are considered "good" when disabled)

Click to expand...

• Handling of Access policy creation when some admins have no email address.
• Better handling of favicons when using unfurl proxy and destination is using relative favicons.

Click to expand...

• Give human-readable error when the domain/zone does not exist on Cloudflare account when trying to work with it.

Click to expand...

This adds some functionality to Cloudflare's Turnstile captcha option added to XenForo 2.2.12.

IMPORTANT for existing users: The new Turnstile functions require a new permission for the API Token you use. You can go to your Cloudflare API Tokens, edit the token you have and add the Account.Turnstile: Edit permission.


One-click Turnstile site creation

You can automatically set up Turnstile for your site...

Click to expand...

IMPORTANT for existing users: The new R2 functions and control of new settings require some new permissions for the API Token you use. You can go to your Cloudflare API Tokens, edit the token you have and add the following permissions:

• Account.Account Analytics: Read
• Account.Workers R2 Storage: Edit
• Zone.Bot Management: Edit
• Zone.Cache Rules: Edit

You should have a total of 14 permissions for...

Click to expand...

• Made some minor changes to the logic of when to serve cached pages or not (Guest page caching)
• If a session is empty (like when a user logs out), go ahead and fully expunge it
• Made some changes to R2 adapter so it could be configured for extra directories via config.php
• Added some code to work around XenForo not updating CSRF token in URLs (this bug report)...

Click to expand...

• More tuning of logic for when to do guest page caching
• Made change so other addons that are also extending the filesystem mount class are able to do so with backward compatibility
• Fixed cosmetic issue with overflow of R2 logs in overlay window
• Prevent users from using the same bucket for public and private areas (prevent users from exposing internal-data as a public bucket)
• Added note about style, language and advanced cookie consent in XF 2.2.12+ to known limitations...

Click to expand...