Hello,
I’m hosting ERPNext on a DigitalOcean droplet and using Cloudflare for DNS and security. When I enable Cloudflare’s proxy, Socket.IO stops working, but switching to “DNS only” resolves the issue, which disables Cloudflare’s firewall and security features.
Is there a way to keep Cloudflare’s proxy enabled while ensuring Socket.IO works without compromising security? Any help would be greatly appreciated!
Thank you!
I have the same issue. I also noticed that sites hosted on Frappe Cloud don’t have it.
If you ever found a solution, please post it here.
In my environment things work best when I provide the upstream proxy server’s IP address in Frappe’s Nginx config. This becomes impractical when using Cloudflare (disrupting source IPs is part of Cloudflare’s security model).
I’m not sure if this is related, just throwing out there.
Issue Resolution:
The issue was caused by an IP restriction that blocked certain countries. To fix this, we should exclude the server’s IP address from the block rule in the firewall. This will allow the server to bypass the restriction and resolve the issue.
(http.host eq "erp.example.app" and ip.src.country ne "US" and ip.src ne 000.00.00.000)