I am running a content management system for quite a few clients.
I have a set of static sites which are edited within my CMS, that are automatically published / deployed at specific domain names per site.
I am running all the devops for this in a containerised environment, where I am basically copying the ‘working directory’ over into a production container and the site is live.
Each of these sites includes contact forms and also plugins pulling data from some APIs (think TripAdvisor, or Yelp, etc.) which communicate back to the cms root server, secured by CSRF, a CSP and CORS.
I am contemplating moving part of my infrastructure to CloudFlare, because of the load on my infrastructure from spam-bots, automated form submissions etc. becoming a bit too much for me to handle within my setup.
What I’d like to be able to do is deploy static sites to specific domain names and have (captcha verified) form submissions sent back to my CMS, where I can then handle storing this and e-mailing it to customers.
My question for you is, whether it sounds feasible for me to have a fully automated workflow, where I can push sites live (seems like workers sites might allow for this?), which include forms, which are sent to a specific origin?
I know that I will have to drop the CSRF protection, as half the point of doing this would be to leverage CF’s network for performance reasons. But assuming I created a specific end-point within my CMS to receive form submissions, would I then be able to deploy sites to CloudFlare, which then acts as a CDN, with CF workers submitting forms back to my CMS? I saw a restriction on the number of CF workers (30), even on the unlimited plan. Is that restriction enforced on a per-domain basis, or could I have a CloudFlare worker which handles hundreds of sites all with their own forms?
I am currently with a different domain registrar. Would I have to move all my DNS handling to CloudFlare? Could I also connect new domains to CloudFlare and would there be any limits on the number of domains I can connect?
- Are CF workers limited to a per-domain setup? So, if I had hundreds of websites, would I be able to use one worker to handle form submissions from all of these websites?
- Can I define CORS headers, etc. to secure requests coming from this worker?
- Will I need to move all my DNS handling to CloudFlare?
- Can I use the CF API to connect websites launched via Workers Sites to their respective domains?
- If I couldn’t use workers for this scenario, would it still be possible to deploy sites to CF Workers Sites, but include my own JS to fetch a CSRF token from origin and have that JS send the request straight back to the CMS (and therefore not really using any advanced CF worker functionality, but still having the deploy and hosting and serving up of the site handled by CF?) I could foresee issues with CORS headers here…
Thank you for any assistance.