Cloudflare causing logout

Permalink
I've checked all the forum posts about Cloudflare and C5, and also read this how-to:
http://www.concrete5.org/documentation/how-tos/developers/using-clo...

And I'm finding when a site using C5.6.3.1 with Cloudflare gets the admin user logged out after just a minute or two. I've tested every possible factor, such as APC enable/disable, various browsers, and the only factor that actually fixes the problem is turning off CloudFlare. I'd prefer to keep it if possible, but the site is edited on a daily basis, so turning it on and off isn't really viable.

Also I'd prefer not to setup a "direct" subdomain as recommended in the "how to" for SEO/duplicate content reasons, plus it does confuse the site editors a little.

Anyone else had the same issue and any suggested workarounds?

jb1
View Replies:
apc123 replied on at Permalink Reply
apc123
I use Cloudflare for a bunch of clients and don't have this issue, but I also use "direct" sub domains. You really don't want/need Cloudflare to cache all of the admin stuff anyway.

To handle the issue of confusing site editors you can setup a redirect for the login page to take the editors to the direct subdomain.

As for the SEO issues, I've not experienced that. Modify robots to prevent crawling and make sure that editors do not link to the direct subdomain and you should be fine.
zanedev replied on at Permalink Reply
zanedev
This is happening to us as well, before it was certain settings like rocket loader that would cause it but recently it seems to happen with cloudflare on at all. I tried disabling the minification of js/css/html and any other aggressive settings but it didn't help. I submitted a support ticket with cloudflare and I'll post back here once we figure it out.
jb1 replied on at Permalink Reply
jb1
Great, I'd love to know your solution. I still have cloud flare disabled on that site but would really like to activate it.
zanedev replied on at Permalink Reply
zanedev
will do.. for now I went with the management subdomain that goes around CF so I could leave CF on and people can keep working. seems okay so far but like you I agree that I would rather not have the subdomain for a variety of reasons.
zanedev replied on at Permalink Reply
zanedev
I was wrong on this it was the auto-minify js option in CloudFlare. mod_cloudflare is fine. the auto minification of the js option is screwing up the session somehow
jb1 replied on at Permalink Reply
jb1
Cool, thanks for that feedback. It certainly makes sense. It's been a while now, but I recall having the issue before installing the apache module. But I will give it another go anyway. But I think you're on the ball as far as the IP address in the header causing problems. Sometimes the request must be coming directly from the user and other times from the CloudFlare cache. That makes the most sense. I'll also ask my host if they can configure the module to always pass through the user's IP address, although I get the feeling it may be a structural clash between the way C5 works and Cloudflare.