|
#11
|
||||
|
||||
This is what you do m8
create a subdomain and use it for your announce URL and have you site url on CloudFlare... Problem solved :)
__________________
Please Support Majority Report You can contact me on Skype live:phesadent.elect but please let me know first. If you are ever need me desperately then please email me at dan.oak44@gmail.com and I will contact u within a week. Due to free time I'm able to help interested member's with their tracker. Please Note! Depending on your requests I will charge you for my assistance for Tracker installs and mods. All my mods are custom and prices will very depending on the request. I'm able to install any tracker and mods including themes. Please PM me |
#12
|
||||
|
||||
you think it will solve the solution you think ddosers are n00bs
|
#13
|
|||
|
|||
Quote:
http://website.com/announce.php I don't know what is thi port ? and i can't find its port forward option in CF |
#14
|
|||
|
|||
if you use PHP announce what do you think the port is?
__________________
Need HELP!? I can install:
|
#15
|
|||
|
|||
XBT tracker on cloudflare using Nginx to help
I actually have my tracker behind Cloudflare because it helps with routing traffic for users with IPv6. If I wanted to I could add the DDOS protection as well but I use Page rules to bypass caching and a lot of other options.
Your page rules should look like this: Code:
http://tracker.example.com:8080/* Cache Level: Bypass Code:
http://tracker.example.com:2052/* Cache Level: Bypass First you have to look up Cloudflares supported ports, use one that works for you. There's a list here: By default, Cloudflare proxies traffic destined for the HTTP/HTTPS ports listed below. HTTP ports supported by Cloudflare: Code:
80 8080 8880 2052 2082 2086 2095 Code:
443 2053 2083 2087 2096 8443 Code:
server { listen 8080; server_name localhost; location / { rewrite ^(.*)$ $1?ip=$remote_addr break; proxy_pass http://127.0.0.1:2052/; proxy_redirect off; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; access_log off; log_not_found off; } } I think that's about it, you can look up how to add more options to Nginx like the amount of workers and keep alive time. If you don't put Nginx in front of your tracker then the tracker will get all Cloudflare ip addresses and won't be able to communicate and track properly. Also make another file in the Nginx conf.d folder called cloudflare.conf and put the following inside, this will allow you to get the real ips: Code:
set_real_ip_from 103.21.244.0/22; set_real_ip_from 103.22.200.0/22; set_real_ip_from 103.31.4.0/22; set_real_ip_from 104.16.0.0/12; set_real_ip_from 108.162.192.0/18; set_real_ip_from 131.0.72.0/22; set_real_ip_from 141.101.64.0/18; set_real_ip_from 162.158.0.0/15; set_real_ip_from 172.64.0.0/13; set_real_ip_from 173.245.48.0/20; set_real_ip_from 188.114.96.0/20; set_real_ip_from 190.93.240.0/20; set_real_ip_from 197.234.240.0/22; set_real_ip_from 198.41.128.0/17; set_real_ip_from 2400:cb00::/32; set_real_ip_from 2405:8100::/32; set_real_ip_from 2405:b500::/32; set_real_ip_from 2606:4700::/32; set_real_ip_from 2803:f800::/32; set_real_ip_from 2c0f:f248::/32; set_real_ip_from 2a06:98c0::/29; real_ip_header CF-Connecting-IP; Enjoy. And monitor your database for the correct Ips to make sure it's working well. Last edited by fullcrumcake; 23rd March 2020 at 20:57. |
#16
|
|||
|
|||
SSL
Code:
#Tracker server { listen 2083 ssl; ssl_certificate /etc/letsencrypt/live/mysite.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/mysite.com/privkey.pem; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS; server_name localhost; location / { rewrite ^(.*)$ $1?ip=$remote_addr break; proxy_pass http://127.0.0.1:8080/; proxy_redirect off; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; access_log off; log_not_found off; } } Code:
<VirtualHost *:444> <Location /> ProxyPreserveHost On ProxyPass http://mysite.xyz:2710/ retry=0 ProxyPassReverse http://mysite.xyz:2710/ </Location> SSLEngine On SSLCertificateFile /etc/letsencrypt/live/mysite.xyz/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/mysite.xyz/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf </VirtualHost> Has anyone been able to do this? Last edited by Thor; 1st April 2020 at 14:16. Reason: Don’t unnecessarily quote posts directly above your own |
#17
|
|||
|
|||
YMMV
Try this, it works with proxying xbt, but not tested with cloudflare: Code:
location ~ ^/(.*?)/announce$ { proxy_pass http://127.0.0.1:2710/$1/announce$is_args$args&ip=$remote_addr; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Host $remote_addr; proxy_pass_header Content-Type; proxy_pass_header Content-Disposition; proxy_pass_header Content-Length; proxy_buffering off; proxy_buffer_size 128k; proxy_busy_buffers_size 256k; proxy_buffers 4 256k; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; real_ip_recursive on; } Last edited by darkalchemy; 1st April 2020 at 16:39. Reason: this is for xbt |
#18
|
|||
|
|||
Quote:
I know this looks simple but that's all that's needed, trust me I've looked at what it does in the Xbt Tracker Access logs: Code:
server { listen 8080; server_name localhost; location / { rewrite ^(.*)$ $1?ip=$remote_addr break; proxy_pass http://127.0.0.1:2052/; proxy_redirect off; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; access_log off; log_not_found off; } } Code:
servertime (actual ip that's shown) = 127.0.0.1 (otherinfohere) GET /users-passkey/announce?ip=users-ip-address-here&info_hash=users-hash-info&peer_id=-UT2210-&port=users-port-95865786767695&uploaded=0&downloaded=0&left=0&corrupt=0&key=59845y9ty8945y88&event=started&numwant=200&compact=1&no_peer_id=1&ipv6=users-ip-address-here HTTP/1.1 |
#19
|
|||
|
|||
Why wouldn't I use the code I posted? I'm using it and it works as expected. My code proxies external https to internal http, so all external traffic is secure. Yours is http to http and it does not do the same thing.
Also, as posted by the author of xbt_tracker not all torrent clients include the ip address in the query string, my code adds it to the proxied url just in case it isn't already there. And, I have logged the announce also, it looks like this Code:
1589673357 127.0.0.1 37032 GET /blahblahblah/announce?info_hash=blahblahblah&peer_id=-qB4030-xRH7k*70(3me&port=8999&uploaded=0&downloaded=0&left=0&corrupt=0&key=6E012D46&event=stopped&numwant=0&compact=1&no_peer_id=1&supportcrypto=1&redundant=0&ip=ipaddress HTTP/1.0 I have no issue with saying your code works, but I do have an issue with you saying mine does not. In my searches, neither method (proxy_pass, rewrite) is recommended over the other, so it comes down to what you prefer. I could not find any evidence that one is faster than the other. |
#20
|
||||
|
||||
Trouble getting the real IP to XBT once proxied with NGINX
Quote:
I've been successfully using XBT on my HTTPS Apache powered site for about a year now but only running HTTP on the tracker. Decided to finally attempt securing my tracker and do have client connections working but no matter which NGINX config I try XBT still keeps getting 127.0.0.1 on all client IPs seen from my XBT debug page. Any ideas on what I'm doing wrong? My NGINX config is below. Thanks Code:
# START REV-PROXY CONF server { listen 8443 ssl http2; server_name tracker.example.com; ssl_certificate /etc/letsencrypt/live/tracker.example.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/tracker.example.com/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/tracker.example.com/chain.pem; include snippets/ssl.conf; location / { rewrite ^(.*)$ $1?ip=$remote_addr break; proxy_pass http://127.0.0.1:4000/; proxy_redirect off; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; access_log off; log_not_found off; } } # END REV-PROXY CONF IPv4 IPv6 Port UID Seeder Modified Peer ID 127.0.0.1:: 51159 398 0 12.1 minutes 127.0.0.1:: 20035 28 1 28.0 seconds Any and all help anyone can provide is greatly appreciated. Thanks again. |
Tags |
cloudflare , tracker , xbt |
Thread Tools | |
|
|