When will known issues with Sucuri be addressed?

When will Cloudflare update to address these known issues with Sucuri? Support for CloudFlare | Sucuri Docs

Cloudflare really isn’t a CDN, so I don’t know why Sucuri classifies Cloudflare like that when Cloudflare also offers WAF and DDoS protection. Which makes me wonder why you need double WAF and double DDoS protection.

But to answer your question:

  1. IP address. This will never happen. If requests are going to come through Cloudflare, then there’s no way around the fact that Sucuri will only see connections from Cloudflare IP addresses.
  2. Let’s Encrypt SSL. Sucuri will let you upload your own cert, which you can get from Cloudflare:

https://developers.cloudflare.com/ssl/origin-configuration/origin-ca

Or…ask Sucuri when they’ll address their known issues with Cloudflare.

  1. They can pull IP addresses from the cf-connecting-ip header
  2. They can use Let’s Encrypt’s DNS-01 with an API call to Cloudflare
2 Likes

Not sure on Cloudflare’s management direction. But as an end user, my advice is just fully switch from Sucuri to Cloudflare for all CDN/Firewall/WAF/Security protection and optimisations. In the long run you’re better off.

I used Sucuri for 7+ yrs and Incapsula Business plans for 7+ yrs as CDN/Firewall/WAF and at same time had some sites on Cloudflare (using CF for 10+ yrs) and eventually came to realise Sucuri and Incapsula were more limited especially at CDN cache control level when compared to Cloudflare. So ended up moving all sites to Cloudflare free, pro, business and enterprise plans now (biz/ent part of being CF MVP).

If you’re just unfamiliar with Cloudflare. Try moving a separate test domain over to Cloudflare and learn the ropes before moving your main Sucuri protected sites over.

4 Likes

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.