How to use Route53 NS output to set NS for Cloudflare subdomain using terraform?

I have created a Zone In AWS Route53 as following

resource "aws_route53_zone" "my-app" {   name = "$  {var.zone_name}"  } data "aws_route53_zone" "selected" {   name = "appgggghello.com." }  output "ns" {   value = "$  {data.aws_route53_zone.selected.name_servers}" } 

it will show out put as below

ns = [     ns-754.awsdns-350.net,     ns-555.awsdns-0553.org,     ns-555.awsdns-25552.co.uk,     ns-45569.awsdns-55555.com ] 

Now i have question is how can i use this NS output as input in Cloudfalre like here

resource "cloudflare_record" "aws-ns-record" {   domain = "$  {var.domain}"   name   = "appgggghello.com"   value = ["$  {data.aws_route53_zone.selected.name_servers}"]   type     = "NS"   priority = 1 } 

Within Route53 i can set NS using

records = ["$  {data.aws_route53_zone.selected.name_servers}"] 

Please let me know how can i achieve this ?

CloudFlare удаляет заголовки?

Делаю аутентификацию на Nuxt.js.

JWT токен добавляеться в headers.

А они не доходят до сервера.

В чём проблема? Может быть CloudFlare удаляет заголовки?

Запрос делаю с http://localhost на API который работает через CloudFlare.

Using Cloudflare origin certificate in google app engine

A relevant question was posted in 2016 (https://stackoverflow.com/questions/37079547/cloudflare-origin-certificate-with-google-app-engine)

The cloudflare documentation is dated Apr 2019 (https://support.cloudflare.com/hc/en-us/articles/115000479507). It says

enter image description here

but it is difficult to assert if this particular section has been reviewed recently.

I am not sure if the situation has changed since.

I decided to give it a go. Here is the screen shot of the Google App Engine interface:

enter image description here

I downloaded the origin cert and the private key. I have uploaded the cert. And then convert the key by running

openssl rsa -in priv_key.pem -out priv_key.rsa.pem 

When I hit upload I got the following error:

The certificate data is invalid. Please ensure that the private key and public certificate match

I am pretty sure they are the matching since I have just downloaded them minutes ago.

My questions are:

1) Can GAE accept Cloudflare origin certificate?

2) Did I miss any step when I prepare the origin cert for GAE?

rDNS issue in Cloudflare and AWS ec2 instance

I have installed centos7, whm/cpanel and mailwizz on amazon ec2 instance, managing DNS through cloudflare.com. Everything is fine i have issue with rDNS even i have created PTR records in Route53 and WHM. WHM still shows following issue with PTR in Email Deliverability section.

The system sends “app.mydomain.com”’s outgoing email from the “1.2.3.4” IP address. The only PTR value for this IP address must be “app.mydomain.com”. This is the name that this server sends with SMTP’s “HELO” command to send “app.mydomain.com”’s outgoing email.

1 unexpected PTR value exists for this IP address:

ec2-1-2-3-4.eu-west-2.compute.amazonaws.com 

To fix this problem, replace all PTR records for “4.3.2.1.in-addr.arpa” with the following record at “pdns1.ultradns.net”, “x1.amazonaws.com”, “x2.amazonaws.com”, “x3.amazonaws.org”, and “x4.amazonaws.org”: Suggested “PTR” (PTR) Record PTR
Name: 4.3.2.1.in-addr.arpa.
Value: app.mydomain.com.

When i run this command nc -vv localhost 25
Result: localhost [127.0.0.1] 25 (smtp) open 220-app.mydomain.com ESMTP Exim 4.91 #1 Sat, 13 Apr 2019 15:48:17 +0000 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail.
any solution?

nginx no longer able to proxy a website that’s behind Cloudflare DDOS protection

I have a server set up with nginx that’s intended to transparently reverse-proxy a specific website that is not owned by me. Recently that website started using Cloudflare DDOS protection and I’m no longer able to access it using nginx.

From what I can tell, what’s supposed to happen is that I’ll access a page and receive a 503 from Cloudflare with its “DDOS protection” page. That page will then redirect to another URL containing encoded data, my browser receives a 302 response, and that will redirect to the page I’m trying to access.

What’s apparently going wrong though when this is proxied through my nginx server is that after the 302 direction, the page I’m trying to access will produce another 503. It will then get into an endless cycle of redirection. Apparently something that Cloudflare is trying to set up is not working, causing my browser to never get past its protection.

I’m still new to nginx and so far I haven’t figured out how to fix this.

Here is the nginx server configuration with any identifying information redacted:

server {     listen XYZ;      location / {         proxy_set_header Referer "https://target.website";         proxy_pass https://target.website/;         proxy_redirect https://target.website https://$  host:$  server_port;         proxy_set_header Accept-Encoding "";         sub_filter_once off;         sub_filter 'https://$  proxy_host' 'https://$  host:$  server_port';     } } 

Is there something I can change so that it will pass Cloudflare’s check?