URL Forwarding to Facebook Page with Cloudfare DdOS Protections+

Hi folks, I need to resetup an URL forwarding of a domain of my own registered on NIC.AR and delegated here to my Facebook page using (again) the benefits of the DdOS Cloudflare protection.
I did it once, but I broke / deleted it in some way and now I settled up a simple URL forwarding HTTP 301 Permanent thru Page rules, but its no covered from DdOS protection.
Could someone of you please help me to revert the situation?
Thanks in advance for your really appreciate help.
Truly yours.

John

So basically what you want to do is, you want to redirect a URL of your domain to your Facebook page, and you want to protect your Facebook page from DDoS attacks. Is my understanding correct?

Hi, yes, is absolutely correct. I did it once, dont remember how, then I manipulated something and it didn´t works anymore.
So now I got a simple URL forwarding but I´d like to set back the previous one. without finding the way.
Im on a free plan.
Regards.

You can forward your domain URL to your Facebook page, but I think Facebook is the one responsible for DDoS protection and as a normal user, we don’t have to bother about it.

Because when Facebook got hit by a large DDoS attack, the whole Facebook system will down, not only your Facebook page. Facebook must already have its own DDoS protection in place.

I used it during a whole year with no problems at all, so FB its not the real problem.
Its me that I made some mistakes and when I tired to add more security layers I broke something.
What?
Dont know.
The fact is Im unable to revert the settings to the previous state.
If I could have access to a FTP panel maybe I could solve the situation, but on a free plane it seems to me that FTP panel control isn´t available so I should find another way.to revert back the settings.
Could you please help me?
Thanks in advance.
Regards,

Error 525

Ray ID: 5f9479045ec2613d • 2020-11-28 13:35:32 UTC

SSL handshake failed

Im having DDoS protection but some SSL settings fails

DDoS Error (SSL Handshake) Screenshot

  • iezzinformatica.com.ar is returning a high percentage of HTTP 5xx server errors Review 5xx Server Error before filing a Cloudflare Support ticket.

  • The origin web server for iezzinformatica.com.ar is responding slowly to initial requests for uncached HTML content. To remove this performance bottleneck, look at your server’s ability to return HTML faster and/or implement HTML caching in Cloudflare. You may benefit from caching static HTML and anonymous page views.

Sorry to say, but for me it seems the whole setup just makes no sense!
You use the Domain iezzinformatica.com.ar to forward to https://www.facebook.com/Informatica.IEZZI now the original site is anyway served by Facebook and NOT by CloudFlare so any DDoS attacker could just attack https://www.facebook.com/Informatica.IEZZI straight away.

Putting iezzinformatica.com.ar infornt of it, is not making it better in any way.
What would make sense?

It makes sense, to protect a site with CloudFlare that is being served from a Domain that is getting routed through CloudFlare.
But apparently facebook is not getting routed through CloudFlare and even if, you could not change it, make it better with your setup.

So for DDoS protection your setup does not make any sense. For forwarding you anyway can use Cloudflare as you do have 3 free Page-Rules, but please turn off “Under Attack” Mode as it just relly does not make any sense. Sorry to say so.

Sites hosted on FaceBook can not be “secured” by CloudFlare unless they get served by a Domain that is getting routed through Cloudflare.

Hope I could clear this out. Sorry for telling you that your setup does not make sense. But its the truth

If I missunderstood anything just explain what exacly you want.

Now you are mixing things up. Do you want to protect against DDoS or do you want to improve pageload/TTFB/performance?

Anayway, improving performance with CloudFlare also just works if you route your page through CloudFlare and not just use it as a forwarder/redirecter.

Best regards

Little tip:

Do not use a FaceBook page as a “Homepage” because I think that is what you try to do.

Normaly Facebook let you add/map your own domain to it and server your Facebook-Page through it. But again, then you dont need any DDoS-Protection from CloudFlare.

But again: I still do not really get what you want to do with Cloudflare here, as you (for now) just forward your domain to your FaceBook Page

Let me explain:
https://www.facebook.com/Informatica.IEZZI is not a page, I messed it up, its the page admin.
The page-related domain is https://www.iezzimatica.com.ar
Then, Id truly be happy to use developer tools in Facebook or websites programming but Im just an IT helpdesk guy specialized in reparing pcs/tablets/mobiles, installing and customizing Windows 10 from scratch, removing modern apps, etc.
I dont understand nothing about this whole thing, just basic notions (A, CAA, CNAME, MX, etc.); 9 months ago I settled up my iezzinformatica.com.ar domain to redirect do https://www.facebook.com/Informatica.IEZZI without using the Page rule, turning on “Under Attack” Mode, using DDoS protection but today I tried something more, enabling the options listed as follow (then disabled)::

SSL/TLS Recommender Beta
Always Use HTTPS
HTTP Strict Transport Security (HSTS)
Minimum TLS Version
Opportunistic Encryption
TLS 1.3
Automatic HTTPS Rewrites
Certificate Transparency Monitoring Beta

Once I discovered that there were some errors I disabled them all but the settings didnt reverted.ç
So I added a page rule with a permanent URL forwarding; results: the SSL handshake error.
So I runned up a CF diagnostic and the response as been ¨ The origin web server for iezzinformatica.com.ar is responding slowly to initial requests for uncached HTML content. To remove this performance bottleneck, look at your server’s ability to return HTML faster and/or implement HTML caching in Cloudflare. You may benefit from caching static HTML and anonymous page views
But these solutions dont apply to me because I cant manage the cookies or the cache in case of forwarding.
I wonder: if ¨Im under attack¨ mode worked for a 9 months period whats wrong now?
What should I do to revert the settings to the ones of 9 months ago when everything was working fine?
Thats the question.
If there´s a private messaging system I can give to someone of you my login details in order to revert the setting to the ones of 9 months ago, thats all I ask.
Im not judging if have sense or not, Im trying to give both my user and my page a more professional look from outside.
Regards.

Ok so all you want is really just a URL forwarder from:

www.iezzimatica.com.ar => www.facebook.com/Informatica.IEZZI

Congratulations. That is what is already happening. So actually you do not need to change anything!
But the CloudFlare DDoS protection is not needed here, so you can turn it off.

For me its working if I call www.iezzimatica.com.ar I get redirected to the FaceBook page.
All the other settings normally do not effect the forwarding rule, as long as you have set any IP to the domain you want to forward.

Please just try again to call www.iezzimatica.com.ar and tell me what happens for you

Or are you talking about the site (homepage) www.iezzimatica.ar (and not www.iezzimatica.com.ar)? Because you always mentioned www.iezzimatica.com.ar (with .com.ar)

If so: yes the homepage is currently not getting displayed right, becasue all the other ressources (.css & .js files) are not getting shown, because of the DDoS protection.

#EDIT: now its working again

iezzimatica.com.ar is working but is hosted in www.hostinger.com.ar,
then there is iezzinformatica.com.ar hosted directly over here which points to https://www.facebook.com/Informatica.IEZZI and thats out of service.
Both have been under DDoS protection by CloudFare since 9 months ago.
But for some reasons for the first one theres no more DDoS protection, and the second one woks no more.

Forget about www.iezzimatica.ar, Im talking about the .com.ar domains

Ok, got this.
Lets make this very short:

If you forward an URL/Domain it anyway does NOT benefit from DDoS protection. You always have to protect the source, which in this case is hosted on FaceBook, so you do not need any DDoS protection from CloudFlare. This just delays the Pageload and let your customers wait, without any benefit.

Just use your URL Forwarder and thats all Cloudflare anyway is in this case able to provide to you because you leave CloudFlare with that forward.

Strange. For me it works.

When I call:

www.iezzinformatica.com.ar I get redirected to https://www.facebook.com/Informatica.IEZZI

But the redirect it getting done for me on “HTTP” which could trigger an error for you as you have had HSTS activated and this (internally) redirects you to the HTTPS version.

Just try it on a device which you have not called the page yet, like you mobile phone.
Try to call the page (www.iezzinformatica.com.ar) with your mobilephone and see if it behaves as it should. If yes, then this most probably is becasue you turned on HTTPS and HSTS and your browser caches this internally

Yup. that seems to be the problem. Could you show (screenshot) your forwarding rule? Seems like it just forwarding the HTTP traffic, but not the HTTPS traffic

Yep, I used another browser and it worked, but:
I chosen CloudFlare not to have an URL forwarding if to have the benefits of the DDoS and Captcha protections as of many websites do.
If I used it during 9 months why cant I still use it?
If I cant I will have to move my domains to Hostinger.com.ar coz there´s no sense stand on Cloudflare without having the benefits of these protections (Clouflare is not just another Hoster).
The problem is that Hostinger offer Cloudflare but not for free and sincerely I dont wanna spend a fortune for having for X € what I may have for free (Im not dumb at all).
So, I return to the main question:
how can I setup DDoS and Captcha protections for my domains under HTTPS with or without URL forwarding thru the Page rules?
Im sure there´s a way, but Im Windows geek not a Hosting one so I need a little bit of help.
If customers have to pass for a security check thats not my concerns, me too I´ve to pass for daily captchas and security checks or DDoS protections (whatsoever do you wanna call ´em) and I should stick with ´em.
Sorry, even if I use Facebook I´d like to add these protections, coz Im the one who manage both the Facebook user and the page and FB is just an host more, yep a social media, ok, but managed by me, they only put the platform, and its not as good as it should be, IMHO (they´re focused on UX not on real functionality and they´re not open mind on what IT world offers today to the customers, making a war to the cloud services, the real IT future).
So, let´s go straight to the point: I´d like to set the above settings (domains pointing to my FB user and page, DDoS and Captcha protections by Cloudflare,).
Doamins are iezzinformatica.com.ar and iezzimatica.com.ar
In the meanwhile I´ll study or read and try to understand the Facebook domain option for developers (even if Im not).
Regards.

I’m struggling to understand why you want to apply Cloudflare protections to Facebook?
Forwarding to Facebook via your domain, sure I get it.
But why do you want to put Facbeook behind Cloudflare at all? It simply doesn’t need it.