[fullcrumcake]

I actually have my tracker behind Cloudflare because it helps with routing traffic for users with IPv6. If I wanted to I could add the DDOS protection as well but I use Page rules to bypass caching and a lot of other options.

Your page rules should look like this:

Code:

http://tracker.example.com:8080/*
    Cache Level: Bypass

and

Code:

http://tracker.example.com:2052/*
    Cache Level: Bypass

First you have to look up Cloudflares supported ports, use one that works for you. There's a list here:

By default, Cloudflare proxies traffic destined for the HTTP/HTTPS ports listed below.

HTTP ports supported by Cloudflare:

Code:

 80
    8080
    8880
    2052
    2082
    2086
    2095

HTTPS ports supported by Cloudflare:

Code:

443
    2053
    2083
    2087
    2096
    8443

Then you need to put Nginx in front of your torrent tracker. For example if you use Xbt Tracker you need to use Nginx rewrite like this, in "default.conf" or whatever you'd like to name it .conf in the conf.d folder:

Code:

server {

    listen       8080;

    server_name  localhost;
      location / {
      rewrite ^(.*)$ $1?ip=$remote_addr break; 
        proxy_pass http://127.0.0.1:2052/;
        proxy_redirect     off;
        proxy_set_header   Host                  $http_host;
    proxy_set_header   X-Real-IP        $remote_addr;
    proxy_set_header   X-Forwarded-For  $remote_addr;
    access_log off;
    log_not_found off;
      }
    }

Basically you would be running your tracker from port 2052 for example and then run Nginx proxied from port 8080. And then you would insert port 8080 in your torrents.

I think that's about it, you can look up how to add more options to Nginx like the amount of workers and keep alive time.

If you don't put Nginx in front of your tracker then the tracker will get all Cloudflare ip addresses and won't be able to communicate and track properly.

Also make another file in the Nginx conf.d folder called cloudflare.conf and put the following inside, this will allow you to get the real ips:

Code:

  set_real_ip_from 103.21.244.0/22;
    set_real_ip_from 103.22.200.0/22;
    set_real_ip_from 103.31.4.0/22;
    set_real_ip_from 104.16.0.0/12;
    set_real_ip_from 108.162.192.0/18;
    set_real_ip_from 131.0.72.0/22;
    set_real_ip_from 141.101.64.0/18;
    set_real_ip_from 162.158.0.0/15;
    set_real_ip_from 172.64.0.0/13;
    set_real_ip_from 173.245.48.0/20;
    set_real_ip_from 188.114.96.0/20;
    set_real_ip_from 190.93.240.0/20;
    set_real_ip_from 197.234.240.0/22;
    set_real_ip_from 198.41.128.0/17;

    set_real_ip_from 2400:cb00::/32;
    set_real_ip_from 2405:8100::/32;
    set_real_ip_from 2405:b500::/32;
    set_real_ip_from 2606:4700::/32;
    set_real_ip_from 2803:f800::/32;
    set_real_ip_from 2c0f:f248::/32;
    set_real_ip_from 2a06:98c0::/29;

    real_ip_header CF-Connecting-IP;

Enjoy. And monitor your database for the correct Ips to make sure it's working well.