Question for Cloudflare users

Forums › IT Pro and developers › Question for Cloudflare users

dramatic

41 posts

Geek
+1 received by user: 5

#143341 11-Apr-2014 10:55

Is anyone using Cloudflare to limit their International traffic for a site?
We are, and while it has greatly reduced the amount of unwanted traffic from bots in (the usual suspects), we belatedly realised that it is serving New Zealand requests from Sydney. Since we are on a typical VPS with unlimited, free domestic traffic but 25GB/month International then $5/GB, this is Not a Good Thing™

We have turned on Cloudflare's location header, now we need a way to use that data to ensure that NZ requests are redirected to bypass Cloudflare. I'm thinking of an alias pointing straight to our server (like their direct. alias) but not sure how to proceed from there.
The site is Drupal 7 + CiviCRM on CentOS/Plesk

Richard

ubergeeknz

3344 posts

Uber Geek
+1 received by user: 1041

Trusted

Vocus

#1023325 11-Apr-2014 11:04

As far as I know there's no way to do this with CloudFlare. There might be other DNS services which can serve location-specific IPs for requests, but that would probably break Cloudflare given the way it operates.

freitasm

BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41030

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#1023334 11-Apr-2014 11:25

Correct. You can use some DNS providers to reply with specific IP addresses depending on location but that will break Cloudflare because it uses its own DNS.

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

marpada

487 posts

Ultimate Geek
+1 received by user: 182

#1023337 11-Apr-2014 11:27

We evaluated Cloudfare but the fact that the nearest POP was in Sydney and there was no way of service the content locally from NZ users put us off, as we already use AWS Cloudfront. You may want to take a look at fastly.com instead.

freitasm

BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41030

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#1023339 11-Apr-2014 11:31

The OP uses Cloudflare as a way to reduce traffic impact on costs. Fastly has NZ presence but charges per request and volume, which will not meet the OP's needs.

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

dramatic

41 posts

Geek
+1 received by user: 5

#1023388 11-Apr-2014 12:16

(second attempt at replying after my browser most thoughtfully crashed)

Cloudflare had confirmed that they can't deal with it at their end, but it should be fixable at our end with some server-fu.

As I see it:
1) NZ-based user requests www.example.co.nz - DNS is with Cloudflare.
2) If request is for a static page they have cached, they serve it, all well and good. If not cacheable, they send request to our server, complete with CF_IPCountry header.
3) Server reads that header and if it has value "NZ" responds with a 301 to nz.example.co.nz which is set up as an alias here and has a DNS record for our server's IP.

I'm guessing that step 3 should happen in .htaccess, which is where drupal does all its URL rewriting
How would I structure it to avoid loops?
Should I use 301, 302, 307 or 308 as redirection code?

Should I also put code in settings.php to change the URLs used by Drupal in links?

ubergeeknz

3344 posts

Uber Geek
+1 received by user: 1041

Trusted

Vocus

#1023426 11-Apr-2014 13:30

I'm not 100% on the implementation details but I'd say you're on the right track with that idea. Nice thinking.

Lenovo

Shop now for Lenovo laptops and other devices (affiliate link).

Zeon

3926 posts

Uber Geek
+1 received by user: 759

Trusted

#1023427 11-Apr-2014 13:31

That seems pretty expensive for your international traffic?!

Speedtest 2019-10-14

dramatic

41 posts

Geek
+1 received by user: 5

#1023428 11-Apr-2014 13:37

Net24, and I thought it was fairly typical. Although their VPS pricing is much cheaper than many NZ companies I've seen, so it might be a balance between base price and built-in.
I don't think I could face another server move at present :-)

Zeon

3926 posts

Uber Geek
+1 received by user: 759

Trusted

#1023435 11-Apr-2014 13:48

maybe you could negotiate with them? Seriously $5 per GB even for enterprise bandwidth is way too high. Should be maybe $0.50 max.

Speedtest 2019-10-14

dramatic

41 posts

Geek
+1 received by user: 5

#1027714 19-Apr-2014 14:20

Okay, an update on this.

It failed on our test site but then I realised that that is because the test site DNS bypasses Cloudflare so doesn't get the header.

I confirmed that the live site does receive the header, but my rewrite, which is

# Redirect traffic originating from NZ to NZ subdomain
RewriteCond %{HTTP:CF_IPCountry} ^NZ$ [NC]
RewriteRule ^(.*)$ http://nz.permaculture.org.nz/$1 [L,R=301]

is not having effect. Not sure whether this is because of the way Plesk handles aliases or because other parts of the Drupal .htaccess are interfering?

SteveON

1916 posts

Uber Geek
+1 received by user: 105

#1027738 19-Apr-2014 15:24

It wont work if your server is behind CF you need to implement page rules.