2022-11-27, 12:41 AM
Hello:
I am Waldo Alvarez from TradingFuturo, LLC
I finally after years dealing with the issue found the cause of mybb not working properly with cloudflare. At some point even considered dropping mybb and get another forum software. I could not stop using cloudflare since we have a very high traffic, enough to bring down servers if we stop using it.
Anyways I decided to check mybb sources since I saw a similar problem happening with another php files I wrote.
Thing is cloudflare was caching register page for downloads. And when authenticated users attempted to download attachments, were presented with cached copy of "register to download" page instead of contacting the server and download the attachment.
The solution is very simple, I manually patch mybb with every release that overwrites attachment.php
I think is time to integrate it to main source code of mybb save myself time, fix headaches to many sysadmins around the globe and help with mybb adoption
<?php
/**
* MyBB 1.8
* Copyright 2014 MyBB Group, All Rights Reserved
*
* Website: http://www.mybb.com
* License: http://www.mybb.com/about/license
*
*/
define("IN_MYBB", 1);
define('THIS_SCRIPT', 'attachment.php');
+// prevent CloudFlare caching
+header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
+header("Cache-Control: post-check=0, pre-check=0", false);
+header("Pragma: no-cache");
require_once "./global.php";
if you can please provide credit on next release as that will help me get more known in my sector.
Regards
I am Waldo Alvarez from TradingFuturo, LLC
I finally after years dealing with the issue found the cause of mybb not working properly with cloudflare. At some point even considered dropping mybb and get another forum software. I could not stop using cloudflare since we have a very high traffic, enough to bring down servers if we stop using it.
Anyways I decided to check mybb sources since I saw a similar problem happening with another php files I wrote.
Thing is cloudflare was caching register page for downloads. And when authenticated users attempted to download attachments, were presented with cached copy of "register to download" page instead of contacting the server and download the attachment.
The solution is very simple, I manually patch mybb with every release that overwrites attachment.php
I think is time to integrate it to main source code of mybb save myself time, fix headaches to many sysadmins around the globe and help with mybb adoption
<?php
/**
* MyBB 1.8
* Copyright 2014 MyBB Group, All Rights Reserved
*
* Website: http://www.mybb.com
* License: http://www.mybb.com/about/license
*
*/
define("IN_MYBB", 1);
define('THIS_SCRIPT', 'attachment.php');
+// prevent CloudFlare caching
+header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
+header("Cache-Control: post-check=0, pre-check=0", false);
+header("Pragma: no-cache");
require_once "./global.php";
if you can please provide credit on next release as that will help me get more known in my sector.
Regards