Contrib.social

Improve error logging and implement a whitelist/blacklist

Open on Drupal.org β†’
Created on 5 May 2023, almost 2 years ago

Problem/Motivation

I have several dozen hostnames that can be used across all my environments. My live site alone has at least half-a-dozen, from three different base domains. Some of these are proxied and some aren't. My log is littered with unnecessary "Request came through without being routed through CloudFlare" warnings, and if any of those warnings are actually legit, I can't tell, because the error message doesn't give me enough information about what triggered it.

Proposed resolution

  1. At a minimum, error messages should include the URL being accessed and the clients IP address, like you'd get with a 403 or 404 error.
  2. Allow users to specify the specific hostname(s) they want tracked. Perhaps a textarea that can be used either as a whitelist or a blacklist, which I've seen implemented in other contexts throughout Drupal's UI.
  3. Provide an option to suppress warnings for all authenticated users, so we don't have to rely on editors using an alternate hostname.

User interface changes

The attached image shows a possible UI.

✨ Feature request
Status

Active

Version

1.0

Component

User interface

Created by

πŸ‡ΊπŸ‡ΈUnited States jstoller

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Merge Requests

Comments & Activities

  • Issue created by @jstoller
  • First commit to issue fork.
  • Comment over 1 year ago β†’
    πŸ‡¬πŸ‡§United Kingdom scott_euser

    Updating title, actually going through the code there is nothing else to suppress other than bypass error logging. Will similarly make the field names and labels reflect that.

    Similarly I do not think its a huge ask for a site builder to specify the domains to restrict suppressing the error message for. Leaving blank for all means a config override can be added like the below to settings.local.php for local development for example.

    $config['cloudflare.settings']['suppress_bypass_errors'] = TRUE;

    Similarly could be wrapped in a more dynamic statement to have it bypassed on non-live hosts that automatically spin up environments like using PANTHEON_ENVIRONMENT for instance.

  • Merge request !15Add option to suppress bypass error logging β†’ (Open) created by scott_euser
  • Open in Jenkins β†’ Open on Drupal.org β†’
    Core: 10.1.4 + Environment: PHP 8.1 & MySQL 5.7
    last update over 1 year ago
    Composer require failure
  • Status changed to Needs review over 1 year ago
  • Comment over 1 year ago β†’
    πŸ‡¬πŸ‡§United Kingdom scott_euser
  • Comment over 1 year ago β†’
    πŸ‡¬πŸ‡§United Kingdom scott_euser

    Here are the form inputs shown in the attached MR. The hostnames is conditional (form #states) on the suppress checkbox being checked.

  • First commit to issue fork.
  • Pipeline finished with Failed
    11 months ago
    Total: 154s
    #171778
  • Pipeline finished with Failed
    11 months ago
    Total: 154s
    #171782
  • Pipeline finished with Failed
    11 months ago
    Total: 153s
    #171785
  • Pipeline finished with Failed
    11 months ago
    Total: 154s
    #171796
  • Comment 11 months ago β†’
    πŸ‡¬πŸ‡§United Kingdom andreastkdf

    The last commit is a re-roll for 2.0.x - merged 2.0.x and fixed conflicts. Pls ignore the other previous ones showing here, they are wrong, I've done a force reset, so the MR on git is ok and only showing my merge/fix conflicts commit.

  • Comment 16 days ago β†’
    πŸ‡¬πŸ‡§United Kingdom pasive

    As a side note to avoid other warnings the use of this MR requires a Database update and correct export of cloudflare config.
    Pay a special attention to behaviour when use config split module.

  • Pipeline finished with Failed
    15 days ago
    #453728
  • Comment 15 days ago β†’
    πŸ‡¬πŸ‡§United Kingdom scott_euser

    Thanks for your comment

    The pipeline issues are part of the main branch and unrelated to this: https://git.drupalcode.org/project/cloudflare/-/pipelines - this does not introduce new issues, so that should be resolved elsewhere.

    The fact that update hooks update config is expected, you can read more on that here: https://www.drupal.org/node/2535454 β†’

    If the issue itself is resolved for you (ie, no more flooded logs) after using the merge request, perhaps you could mark it as 'Reviewed & tested by the community' to help progress the issue.

    Thanks!

  • Comment 12 days ago β†’
    πŸ‡¬πŸ‡§United Kingdom pasive

    Done - reviewed!

    Thanks for advice.

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024