Questions about Cloudflare and their services

Hello everyone,

I recently started using Cloudflare Pro for my personal projects and I have a couple of questions that I’m hoping someone can help me with.

  1. How can I configure CSP headers in Cloudflare to allow scripts, images, and other resources from Firebase Hosting?
  2. I have my static HTML, CSS, JS, and other files hosted by Firebase, and I’m pointing my DNS for my domain, which I’ve set up with Cloudflare, to my Firebase-hosted URL. Everything works fine, and I can access my website without any issues. However, Firebase Hosting indicates “Needs Setup” for my domain from the Firebase Console, suggesting that I stop using Cloudflare proxies and remove the DNS records that Cloudflare adds for the proxies. Why does this occur even though my website is functioning correctly, and how can I resolve this while continuing to use Cloudflare’s security features?
  3. Does Cloudflare offer a service to protect my Express.js backend server from malicious requests, DDoS attacks, and more?

Any insights or suggestions would be greatly appreciated. Thanks in advance!

Regarding the third question, could Cloudflare Spectrum be effectively utilized for a Google Compute Engine VM that is running an Express.js backend server? Given that Spectrum was primarily designed for TCP/UDP applications, would it still function optimally in this context? Specifically, the program in question hosts an HTTPS API and a WebSocket server. Would these factors influence the compatibility or performance of Spectrum in this scenario?

If this were to work, the downside is, I believe, that Spectrum only protects your apps from DDoS attacks, rather than bots, malicious requests, etc. Please correct me if I’m wrong.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.