Kukhonjiswa imibuzo ethegiwe: Veza yonke imibuzo

cloudifire questions

Hello, i need help with this questions for my customers. Is there someone that could indly help me? Instructions for each question: ● Assume you have access to the custom… (funda kabanzi)

Hello, i need help with this questions for my customers.

Is there someone that could indly help me?

Instructions for each question:

● Assume you have access to the customer’s DNS and Cloudflare settings

● Type your response as if you are responding over email directly to the customer

● Include your thought process behind each response

● List any tools you would use and why

Test Questions

1. Subject: TTFB higher with CloudFlare on for my site

I noticed that turning on CloudFlare results in a higher TTFB measure for my site. Why is my site slower with CloudFlare enabled?

2. Subject: CSS issue with HTTPS

After enabling CloudFlare SSL from my account, my site’s formatting and CSS is either missing or broken. What is causing this?

3. Subject:Upload content to CloudFlare

How do I go about uploading my content to CloudFlare now that I'm hosting my content with your service?

4. Subject: CloudFlare IPs

I started using CloudFlare about a week ago, and now I noticed in my AWStats all of my web traffic is showing that it's coming from CloudFlare's IPs? What gives?

5. Subject: Site down, your name servers are down

I am having trouble reaching my website http://example.com/ from different networks. Are your nameservers working properly?

6. Subject: Why is my site coming from California?!

My website is hosted in London, but looking at your IPs it shows that you are serving my website from California. Can that be right? Why is that? I thought you were supposed to serve my website from some place close to me?

7. Subject: Forbidden error

My website is showing a 403 forbidden error. Please fix this.

8. Subject: CloudFlare Nameservers

How are CloudFlare's nameservers different than the DNS provided by Google DNS or OpenDNS? Can I delegate to CloudFlare nameservers while still using my host’s DNS?

9. Subject: Content not Being Cached

After activating CloudFlare on my site, I am seeing that resources on my pages are not being cached:

curl -svo /dev/null roskolniv.us

  • Trying 104.16.27.128...

> GET / HTTP/1.1

> User-Agent: curl/7.40.0

> Host: roskolniv.us

> Accept: */*

>

< HTTP/1.1 200 OK

< Date: Mon, 22 Jun 2015 03:03:59 GMT

< Content-Type: text/html; charset=utf-8

< Transfer-Encoding: chunked

< Connection: keep-alive

< Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0

< Strict-Transport-Security: max-age=10

< X-Powered-By: Express

< Server: cloudflare-nginx

< CF-RAY: 1fa4b922fef517a4-SIN

<

{ [3507 bytes data]

Why is CloudFlare’s caching not working on my site?

10. Subject: Website is loading slow

My website has been loading slowly the past several days. I've seen slowness in Chrome and Firefox. Here is an MTR I ran from my location to my site with CloudFlare enabled:

mtr -rwc 30 roskolniv.us

Start: Mon Feb 2 14:20:02 2015

HOST: beaker.local Loss% Snt Last Avg Best Wrst StDev

1.|-- 10.25.73.1 0.0% 30 6.4 10.0 4.0 82.5 14.3

2.|-- 108.162.209.1 0.0% 30 23.4 9.6 4.5 23.4 5.2

3.|-- xe-0-4-0-7.r05.plalca01.us.bb.gin.ntt.net 10.0% 30 12.0 12.7 5.5 116.9 19.9

4.|-- ae-15.r01.snjsca04.us.bb.gin.ntt.net 10.0% 30 10.6 111.5 16.7 133.1 5.5

5.|-- xe-0-1-0-16.r01.snjsca04.us.ce.gin.ntt.net 0.0% 30 7.8 22.3 6.4 420.5 75.2

6.|-- 198.41.186.76 0.0% 30 9.3 24.3 6.6 252.1 53.8

What's going on? Is there an issue with my code, settings, and/or my server?

Asked by gabrieleitis 1 inyanga edlule

I keep getting SECURE CONNECTION FAILED trying to sign in to my GMail account.

I keep getting SECURE CONNECTION FAILED trying to sign in to my Gmail Email account. It was fine yesterday. Everything else (websites etc) I can accesson Firefox Browser.… (funda kabanzi)

I keep getting SECURE CONNECTION FAILED trying to sign in to my Gmail Email account. It was fine yesterday. Everything else (websites etc) I can accesson Firefox Browser.

HOW CAN I SORT THIS?

Asked by imagefact2014 2 izinyanga ezidlule

Last reply by Roland Tanglao 2 izinyanga ezidlule

Recent upgrades broke gmail and audio for Amazon Prime video

Recent updates are causing problmes with gmail and video sound. Using URL https://mail.google.com/mail/u/0/#inbox I keep seeing a not connected, trying again message. Cl… (funda kabanzi)

Recent updates are causing problmes with gmail and video sound.

Using URL https://mail.google.com/mail/u/0/#inbox I keep seeing a not connected, trying again message. Closed tab and opened new one with same URL and just get blank white screen. Works fine on Chrome.

Sound does not work on Youtube or Amazon Prime video sometimes. Reopen same URL in Chrome and all is good again.

BTW, it would be useful if Firefox browser upgrades could be skipped. Sometimes one needs to open a browser in a hurry but no can do because Upgrades seem they are going to upgrade, user wishes dismissed. Maybe updates would be a better word than upgrades. Not as bad a Windows but y'all don't want to be like them, do ya? They are the McDonald's of software, they sell a lot of it but it ain't very good.

Thanks for letting me whine. I will go back to my safe space now...

Asked by jvh24521 2 izinyanga ezidlule

Last reply by gumper 2 izinyanga ezidlule

  • Kusonjululiwe

DNS-to-HTTPS is causing the REMOTE_ADDR server variable to be incorrect

I am a software developer for a Human Resource Information System (HRIS) called EnterpriseAxis. My HRIS software checks the IP address of each user to determine whether o… (funda kabanzi)

I am a software developer for a Human Resource Information System (HRIS) called EnterpriseAxis. My HRIS software checks the IP address of each user to determine whether or not the user is on the company's LAN or VPN. However, there is a bug in Firefox that prevents this security feature from working.

The bug is in DNS-to-HTTPS. When this feature is enabled in Firefox, it changes the value of the REMOTE_ADDR server variable. Normally, when a VPN tunnel is active, REMOTE_ADDR contains the workstation's IP address, such as 192.168.11.6. However, when DNS-to-HTTPS is enabled, REMOTE_ADDR contains the router's WAN IP address, such as 96.91.16.207.

Please correct the issue.

Asked by John Bunch 3 izinyanga ezidlule

Answered by jscher2000 3 izinyanga ezidlule

  • Kusonjululiwe

Can't get Firefox working with custom Dns-Over-Https server

Greetings, I have a custom DoH server that I'm trying to get working with Firefox's DoH mode. Looking at the traffic, Firefox is sending an initial NS query type to the s… (funda kabanzi)

Greetings,

I have a custom DoH server that I'm trying to get working with Firefox's DoH mode. Looking at the traffic, Firefox is sending an initial NS query type to the server, and the server is sending back what looks like a valid response in Wireshark, but Firefox seems to give up on sending further DoH queries after this.

Is there a debug mode I can enable in Firefox to glean what about the response it doesn't like? I couldn't find any console in the Web Developer tools to display diagnostics on the DoH handshaking.

Thanks, Ryan

Asked by Ryan 3 izinyanga ezidlule

Answered by Ryan 3 izinyanga ezidlule

Can DNS over HTTPS settings be fixed to provide support for authentication via client certificates?

DoH is being configured by default in the US in the near future. While a great tool, I believe the companies can benefit as well. Most users have laptops. Laptops leave t… (funda kabanzi)

DoH is being configured by default in the US in the near future. While a great tool, I believe the companies can benefit as well. Most users have laptops. Laptops leave the confines of the office regularly. Why not have laptops configured so that they point to a companies DNS infrastructure when not in the office? The benefit would be that any filtering/monitoring being done via DNS no longer is limited to when devices are on the company network!

This would require companies exposing DNS to the internet which is considered a bad idea. DNS will expose internal secrets and let the bad guys probe the architecture of the network for information they can use later. Adding authentication to the DoH solution would allow companies to leverage their internal certificate infrastructure and already deployed client certificates to protect that DNS information.

TLS mutual auth via client certificates is part of the SSL/TLS protocol already in use by DoH and there is nothing in the RFC to prevent this from being a possibility.

Is this something that can be added to the roadmap (or is it already on the roadmap)?

Thanks!

Asked by Scott S 5 izinyanga ezidlule

Last reply by Scott S 5 izinyanga ezidlule

  • Kusonjululiwe

Many sites not loading due to PR_END_OF_FILE_ERROR

For some time now - two or three weeks - I experience R_END_OF_FILE_ERROR on many websites. It is only under Firefox. And not on all sites. One example is coronavirus.bg.… (funda kabanzi)

For some time now - two or three weeks - I experience R_END_OF_FILE_ERROR on many websites. It is only under Firefox. And not on all sites. One example is coronavirus.bg. I can't open it under Firefox. I use Firefox v.75 on Windows 7. I tried:

  • checking TLS settings - screenshot attached. Seems fine.
  • clearing the cache; didn't help.
  • turning network.dns.disableIPv6 to 'true'; didn't help.
  • turning network.dns.disablePrefetch to 'true'; didn't help.
  • restarting Firefox with add-ons disabled; didn't help.
  • scanning for malware; Malwarebytes didn't find any.

I am also attaching my browser test results from ssllabs.com.

I honestly don't know what to do and what is the issue. Please advise.

Asked by radi.stoyanov 4 izinyanga ezidlule

Answered by radi.stoyanov 4 izinyanga ezidlule

  • Kusonjululiwe

Does Firefox + Cloudflare DNS over HTTPS block queries to known malicious sites?

Does Firefox + Cloudflare DNS over HTTPS block queries to known malicious sites like OpenDNS. I use OpenDNS at home to automatically block queries to known malicious sit… (funda kabanzi)

Does Firefox + Cloudflare DNS over HTTPS block queries to known malicious sites like OpenDNS. I use OpenDNS at home to automatically block queries to known malicious sites. Using Firefox DoH bypasses this. Am I faced with privacy versus security or does Cloudflare service also prevent access to malicious sites? Thank you.

Asked by miwiinga 4 izinyanga ezidlule

Answered by philipp 4 izinyanga ezidlule

  • Kusonjululiwe

Configured DNS over HTTPS, but DNS is still coming from my ISP

I have configured Firefox (version 74.0 for Mac) for DNS over HTTPS with Cloudflare (see image 1). But if I enter a domain that does not exist, I get a branded page from … (funda kabanzi)

I have configured Firefox (version 74.0 for Mac) for DNS over HTTPS with Cloudflare (see image 1). But if I enter a domain that does not exist, I get a branded page from my ISP, Verizon, that says the domain does not exist (see image 2). So apparently Verizon is still responding to my DNS requests, not Cloudflare over HTTPS. Any idea what's up? Thanks.

Asked by crismerritt 4 izinyanga ezidlule

Answered by TyDraniu 4 izinyanga ezidlule

  • Kusonjululiwe

Firefox refuses to allow me to connect to my centurylink.net email page

before the most recent update I have no trouble connecting to my centurylink.net email.....and now after the update I get this message: Secure Connection Failed An error … (funda kabanzi)

before the most recent update I have no trouble connecting to my centurylink.net email.....and now after the update I get this message:

Secure Connection Failed

An error occurred during a connection to webmail.centurylink.net. PR_CONNECT_RESET_ERROR

   The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
   Please contact the website owners to inform them of this problem.

Nothing I do will allow it to connect. yet it seems to work fine in chrome or internet explorer, just not firefox.

Asked by draculas.tomb 5 izinyanga ezidlule

Answered by jscher2000 5 izinyanga ezidlule

Verizon page result from DNS over HTTPS with bad domain name?

I have DNS over HTTPS enabled to Cloudflare (also tried using Custom 1.1.1.1 version) Have noticed over the last few days that a bad domain name will take me to a searcha… (funda kabanzi)

I have DNS over HTTPS enabled to Cloudflare (also tried using Custom 1.1.1.1 version) Have noticed over the last few days that a bad domain name will take me to a searchassist.verizon.com page.

Asked by SteveBresson 5 izinyanga ezidlule

Last reply by user1321319 5 izinyanga ezidlule

Enable ESNI without DoH?

I'd like to enable ESNI. However, I can't seem to do this without enabling DoH on FireFox, which bypasses my DNS filter at home (which also uses DoH). Is there any way I … (funda kabanzi)

I'd like to enable ESNI. However, I can't seem to do this without enabling DoH on FireFox, which bypasses my DNS filter at home (which also uses DoH). Is there any way I can get ESNI enabled without DoH on FireFox? Thanks!

Asked by S 5 izinyanga ezidlule

Last reply by RobertJ 5 izinyanga ezidlule

  • Kusonjululiwe

Why is DNS-over-HTTPs not being disabled when I have the canary domain set to return status NXDOMAIN?

I'm trying to disable DNS-over-HTTPs on my home network so my Pi Hole acts as my DNS server for Firefox while at home. I've configured it to treat the canary domain use-a… (funda kabanzi)

I'm trying to disable DNS-over-HTTPs on my home network so my Pi Hole acts as my DNS server for Firefox while at home. I've configured it to treat the canary domain use-application-dns.net as if it doesn't exist. If I try to open that site in a different browser it says the server can't be found, and if I do a DNS lookup for it it confirms that my system gets NXDOMAIN for that domain name:

$ host -t ns use-application-dns.net

Host use-application-dns.net not found: 3(NXDOMAIN)

However Firefox continues to use DNS-over-HTTPs. Is there somewhere to find a log that shows when Firefox looks up that hostname to see if it's actually performing the check?

Environment:

Firefox 73.0 64-bit

macOS 10.15.3

Asked by trolley 6 izinyanga ezidlule

Answered by trolley 5 izinyanga ezidlule