# Cloudflare Setup

If you use Cloudflare in front of smoxy, there are two things you need to configure to avoid conflicts: image caching and cache invalidation.

***

### Image Optimization

When smoxy converts images to WebP or AVIF, it changes the `Content-Type` header but keeps the original file extension. Cloudflare caches based on file extension, not Content-Type — so an AVIF image may be cached under a `.jpg` extension, causing browsers to receive the wrong format.

**Fix:** Create a Cloudflare Cache Rule that bypasses cache for image files.

**Cache Rule expression:**

```
(ends_with(http.request.uri.path, ".png")) or
(ends_with(http.request.uri.path, ".jpeg")) or
(ends_with(http.request.uri.path, ".jpg")) or
(ends_with(http.request.uri.path, ".gif")) or
(ends_with(http.request.uri.path, ".webp")) or
(ends_with(http.request.uri.path, ".avif"))
```

Set the action to **Bypass Cache** for matching requests.

Additionally, if you have a Cloudflare Pro or Business plan, disable **Cloudflare Polish** (image optimization) to avoid double optimization.

***

### Cache Invalidation

smoxy uses `BAN` and `PURGE` HTTP methods to invalidate cached content. Cloudflare can interfere with these requests in two ways:

* **BAN requests** — Cloudflare's DDoS protection may block them if many are sent in a short time
* **PURGE requests** — Cloudflare blocks these entirely, and no WAF rule can override this

**Fix:** Create a subdomain with Cloudflare's proxy disabled (DNS-only mode) and send your invalidation requests through it.

#### Setup

1. In Cloudflare DNS, add a new record for a subdomain (e.g. `smoxy.example.com`)
2. Set the proxy toggle to **DNS only** (grey cloud icon) — this means Cloudflare does not proxy requests to this subdomain
3. Point the record to smoxy

#### Does the subdomain need to be configured in smoxy?

No. If your main domain (e.g. `example.com`) is already set up in smoxy and assigned to a site, all subdomains are automatically routed through the same site. The invalidation subdomain will use your existing site configuration.

#### Usage

Send your invalidation requests to the subdomain instead of the main domain:

```bash
curl -X BAN -H "secret: <token>" -H "tags: products" https://smoxy.example.com/
```

This bypasses Cloudflare entirely, so BAN and PURGE requests reach smoxy without being blocked.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.smoxy.eu/en/developer-guide/cloudflare-setup.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.