For starters, dbFront works very well when running behind Cloudflare. The dbFront demo site (https://demo.dbFront.com) is protected by Cloudflare and it doubles as our final test server so we regularly validate that things are working as they should.
There are two known issues when running behind Cloudflare:
- SSL/TLS Encryption mode at Cloudflare is set to "Flexible"
- Speed / Optimization / Auto Minify is enabled for CSS files
1. SSL/TLS Encryption mode at Cloudflare is set to "Flexible"
With the encryption mode set to "Flexible", the client uses HTTPS but the webserver sees HTTP.
Specifically, the "Flexible" encryption mode becomes a problem when setting up Single-Sign-on on Azure. Azure requires an HTTPS return Url but dbFront will specify HTTP because its connection is not encrypted. Azure will reject the return Url and block the authentication attempt. The solution is to install an SSL certificate and switch the encryption mode to "Full".
2. Speed / Optimization / Auto Minify is enabled for CSS files
dbFront uses custom comments in the CSS files that are processed at the client side to enable dynamic CSS processing. One area where this is noticeable is with the Sidebar Help that appears at the right-hand side if requested.
If Auto Minify is enabled for CSS, then Cloudflare will strip the comments from the CSS files and break the Sidebar Help. Other areas of dbFront can be affected as well.
