Configure Cloudflare on PS Hosting

Prerequisites for activating the Cloudflare PS Hosting offer

The store runs on its naked domain (shop.com)

If your registrar offers CNAME flattening or ANAME, the Cloudflare PS Hosting offer is compatible with your project.

Entry A targeting an IP address will need to be modified to be replaced by an ANAME or CNAME to the appropriate target. You will need to contact the PS Hosting team to obtain the correct value and instructions.

 

If your registrar does not offer CNAME flattening or ANAME, the Cloudflare PS Hosting offer cannot be activated as is.

To do this, we recommend transferring your DNS zone (without moving the domain) to a free Cloudflare account. It's effective in less than 30 minutes, all you need to do is open a CF account and select the free offer then follow the instructions to modify the name servers on the current registrar.

Once the DNS zone is at Cloudflare it is imperative that all entries are in DNS ONLY and not in PROXY.

 

The store runs on a subdomain (shop.brand.com ou www.shop.com)

If the CNAME sent by the PS Hosting team during production is correctly configured, then the Cloudflare PS Hosting offer is compatible with this project.

Otherwise, we will provide you with the correct CNAME configuration to set up in your DNS zone.

 

Ensure the proper functioning of your external services

Once we are assured that the Cloudflare offering is compatible with your store's DNS configuration, we need to know which external services are using the site.

From the ERP which will synchronize stocks to the Colissimo web service which generates transport labels.

It is therefore very important for us to collect the following answers:

1. Do you have synchronization with an ERP, if so which one?
2. What carrier modules are installed and active on the store?
3. Do you have a SaaS search engine such as doofinder, algolia, etc.?
4. Any other external services that might want to connect to the site from outside?

These responses will be used to populate the list of services to be excluded from the security rules of our Cloudflare offer. If they are not present in our list they may be considered as illegitimate traffic (bots, etc.) and be blocked by Cloudflare.

 

What information can we whitelist?

In order of preference for our infrastructure team:

• A domain which groups together the IPs of the third-party service
• An ASN which groups the IPs of the third-party service found on https://ipinfo.io/ with one of the service IPs. If the ASN bears the name of the third-party service, there is a good chance that DB can whitelist it.
• A User Agent (e.g. VicAvailMonEU/v1.2.0)
• A subnet mask that contains all the service IPs (ex: 80.150.46.82/64)
• The path called by the service (eg: modules/payplug/confirmation)
• A list of IPs

Please note: Some external services are impossible to whitelist and our Cloudflare configuration is a generic configuration for all our customers. If you were already using Cloudflare and had specific rules, these cannot be applied in the majority of cases. You will need to contact the PS Hosting technical team to find out more depending on your needs.