Cloudflare CDN for HollaEx

Cloudflare provides a powerful CDN along with DNS services for your domain. While enabling the CDN, you can also get an SSL certificate from Cloudflare for free.

Applying CDN with Cloudflare can significantly boost the loading speed on your website as it uses optimized caching methods that help content and images to load faster.

Before You Get Started

DIY Operators 🧰

For On-Premise operators, please issue an SSL certificate on your server end before you go through to enable the CDN. You can issue the SSL certificate by running hollaex prod command.

Cloud Operators☁️

Please keep in mind that if you are using the Cloud, turn on the CDN proxy (the orange cloud) only after you have set your domain on the dashboard (No longer using the 'hollaex.cloud' domain supplied).

Setting Up Cloudflare

Type your domain, and click "Add Site".

Here select a plan. Fortunately, the free plan provides a decent setup to start with and you can always upgrade it later if you desire.

Cloudflare then displays the existing DNS configurations for your domain. Compare what Cloudflare has found to what is in your DNS settings and add anything it has missed (it's generally pretty good at picking up everything it needs though).

After editing the DNS records page if needed, if your domain was obtained through a provider other than Cloudflare, you will need to change these nameservers as shown in the screenshot below.

This will mean heading over to your DNS settings and finding a 'Change Nameservers' option. This will vary depending on what provider you use, so if you are struggling Google 'change nameservers <your-domain-provider>'.

Once you find how to do this for your provider, copy both the Cloudflare nameservers and swap out the old for the new.

The transfer will usually take a few minutes but it could take a few hours (up to 48 in rare cases). You will get an email notification once the transfer is completed.

One final step for better security and compatibility, after receiving this email, set the SSL/TLS encryption mode to 'Full' as you can see in the image below.

In case you have an existing SSL on your server side, the server connection will fail if you do not set this to 'Full'. For the Cloud exchanges, you should always set it to 'Full'. DIY exchanges with hollaex prod enabled should always set the option to 'Full' as well.

Once the nameservers are fully migrated and the SSL gets applied, you will be able to reach your HollaEx Kit exchange website with SSL and CDN enabled. You can confirm the status by checking the SSL certificate details on your website.

IP Logging

While Cloudflare functions as a broker between the user and your HollaEx Kit server, the Kit server could not read the user's original IP properly without adding a special configuration.

Instead of relying on a remote_addr To read the user's IP, you need to set the source of the user's IP to X-Forwarded-For HTTP header.

TL;DR

Please add a header option like the one below to your HollaEx Kit's Nginx configuration file (nginx/nginx.conf) and restart the server.

http {
  include    /etc/nginx/mime.types;
  include    /etc/nginx/proxy.conf;
  include    /etc/nginx/conf.d/upstream.conf;

  default_type application/octet-stream;
  log_format   main '$remote_addr - $remote_user [$time_local]  $status '
    '"$request" $body_bytes_sent "$http_referer" '
    '"$http_user_agent" "$http_x_forwarded_for"';

  (...)

  real_ip_header X-Forwarded-For; # The part you should add.