Managing Your Domain with CloudFlare

CloudFlare Setup

CloudFlare is a free DNS service that not only allows you to control DNS records, but also speeds up your website by caching it on various servers around the globe, hides your IP address, keeps site online even if your server isn't, protects against various threats including DDoS and provides unique analytics tools.

Sign up, in your home screen enter domain name and press 'Add Website'. Edit few A records with your IP address and toggle orange cloud on your domain name and 'www'. If you have only one IP address at your disposal, Zone File should look similar to this. Next, choose your security settings and finally redirect your name servers in your domain registrar to CloudFlare. That's about it, you can check some of the security or performance options in 'CloudFlare settings' page.

Resolve Real IP addresses in Apache Logs

Since CloudFlare is essentially a proxy for your website, IP addresses that appear in apache.log belong to CloudFlare servers. To log visitors' real addresses you need one simple mod for Apache. First, install few dependencies:

Then, download 'mod_cloudflare' source:

Now, just install the mod with:

It should enable automatically, if not, run:

Updating DNS Records with Dynamic IP Address

Most ISPs distribute their IP addresses to home users dynamically, so it changes from time to time and reaching your private server can sometimes be impossible. You can create an automated script to modify DNS records if your IP address changes. Before we start, backup your DNS record information, just in case. Go to DNS, click advanced, and export. Since this script contains sensitive information, I would suggest to do this as root user, or when you done setting up the script, modify permissions for script and log files to keep it away from other users. Let's start by creating a few log files:

Get your CloudFlare API token by going to account settings, and viewing your 'Global API Key'. Next, create script file and set permissions:

Download the script or paste the following:

You only need to change 'user variables' to make this script work, and in this case 'ip.mydomain.com' refers to address you want to use to connect to your server from outside. If there are errors, look for "message" field value in the output, usually they are quite informative. Example:

Visit CloudFlare Documentation on API for some more details.

Next, you can set up email alert system with nice little tool 'ssmtp'.

You can find how to quickly configure it here and here. Since I have my own email server, configuration looks something like this:

Save, exit and add the following line in the cloudflare.sh script just before the 'exit 1':

Fill in your email addresses, save and exit.

If your script is working correctly, then it's time to add a cronjob:

Paste:

Save and exit. It will run the script every 20 minutes. You can modify the timer depending on your needs, but keep it reasonable.

References