I am configuring a Docker setup where it does
nginx with mod security and ssl > proxy pass > nginx with http only and content
It takes over 20s to load and I’m not sure why.
For some reason IPv4 doesn't properly seem to be working but IPv6 does.
This only happens on this domain so my guess is a misconfiguration of Docker.
Anyhow, the requests arrive timely if sent from LAN or direct IP so it must be an issue with Cloudflare and timeouts somehow?
Anything that could help where to start debugging would help.
Update:
I tried messing around with nginx for naught.
I then paused Cloudflare temporarily and other than HSTS being broken (normal) it instantly arrived at the server (I got a 400 due to client certificates being on).
As such I’m somehow sure that it’s some issue between Cloudflare and my origin somehow.
May I ask if Cloudflare IPs are allowed and no firewall blocking or restrictions?
Just in case, make sure to return the real visitor IP in the log files so ModSecurity wouldn’t think it’s an attack coming from the same Cloudflare IPs:
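The real-visitor-IP configuration for the two-tier layout in this thread, as an added example that is not part of the original reply. The address ranges are documentation placeholders to be replaced with the list Cloudflare publishes at https://www.cloudflare.com/ips/, and the upstream name `content`, the subnet `172.18.0.0/16` and the log format name `edge` are assumptions.

```nginx
# ---- Front tier: nginx with ModSecurity and TLS (http {} context) ----

# Trust the client-IP header only from these peers.
# PLACEHOLDER ranges (documentation prefixes), not real Cloudflare ranges:
# replace them with the current list from https://www.cloudflare.com/ips/
set_real_ip_from 192.0.2.0/24;
set_real_ip_from 2001:db8::/32;

# Cloudflare sends the visitor address in this header. It is ignored for
# connections whose peer is not in a set_real_ip_from range, so a client
# that reaches the origin directly cannot spoof its address with it.
real_ip_header CF-Connecting-IP;

# After rewriting: $remote_addr = visitor, $realip_remote_addr = TCP peer
# (the Cloudflare edge). The timing fields show whether a slow request
# spent its time waiting on the upstream or before reaching it.
log_format edge '$remote_addr via $realip_remote_addr "$request" $status '
                'rt=$request_time uct=$upstream_connect_time '
                'urt=$upstream_response_time';

server {
    # existing listen / ssl_* / modsecurity directives stay as they are
    access_log /var/log/nginx/access.log edge;

    location / {
        # Pass the restored visitor address on to the content tier
        proxy_set_header Host            $host;
        proxy_set_header X-Real-IP       $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://content:80;   # assumed Docker service name
    }
}

# ---- Back tier: plain-HTTP nginx container (http {} context) ----

# Trust X-Real-IP only from the front tier's Docker network.
# 172.18.0.0/16 is an assumed subnet; check `docker network inspect`.
set_real_ip_from 172.18.0.0/16;
real_ip_header   X-Real-IP;
```

If the front-tier log still shows the same few addresses in `$remote_addr` for every visitor, the connecting peer is not covered by a `set_real_ip_from` range and the header is being ignored.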
Thank you for the reply.
I’m using Docker and ufw (with the ufw-docker rules) but everything seems properly open. The weird thing is they do connect, it just takes a long time.
For now I’ve turned on cache for everything and that mitigates it.
On the second point, you’re right, I’ll indeed implement this to avoid accidentally making a DoS.
I will possibly be migrating the hosting to elsewhere and hopefully that will fix it somehow.