Tag: cloudflare – ServerOK

Apache Show Real IP Address when using CloudFlare

Posted on March 27, 2020 (March 27, 2020) by ServerOk

When using Apache web server behind cloudflare, apache logs show cloudflare IP address instead of real visitor IP address. To show actual visitor IP address, you need to install mod_cloudflare apache module. Before you can install the module, you need to install following requirments. On Debian/Ubuntu server,

apt-get install apache2-dev libtool git

1	apt-get install apache2-dev libtool git

Now install mod_cloudflare with

cd /usr/local/src
git clone https://github.com/cloudflare/mod_cloudflare.git; cd mod_cloudflare
apxs -a -i -c mod_cloudflare.c

cd /usr/local/src

git clone https://github.com/cloudflare/mod_cloudflare.git; cd mod_cloudflare

apxs -a -i -c mod_cloudflare.c

Restart apache […]

Nginx CloudFlare restore real ip

Posted on July 25, 2018 (July 25, 2018) by ServerOk

When using Nginx Behind Cloudflare, logs and web applications show cloudflare sever IP instead of visitor IP. To fix this, edit

vi /etc/nginx/nginx.conf

1	vi /etc/nginx/nginx.conf

Inside “http” section, add

set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 104.16.0.0/12;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 131.0.72.0/22;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 172.64.0.0/13;
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 188.114.96.0/20;
set_real_ip_from 190.93.240.0/20;
set_real_ip_from 197.234.240.0/22;
set_real_ip_from 198.41.128.0/17;
set_real_ip_from 2400:cb00::/32;
set_real_ip_from 2606:4700::/32;
set_real_ip_from 2803:f800::/32;
set_real_ip_from 2405:b500::/32;
set_real_ip_from 2405:8100::/32;
set_real_ip_from 2c0f:f248::/32;
set_real_ip_from 2a06:98c0::/29;

real_ip_header CF-Connecting-IP;

set_real_ip_from 103.21.244.0/22;

set_real_ip_from 103.22.200.0/22;

set_real_ip_from 103.31.4.0/22;

set_real_ip_from 104.16.0.0/12;

set_real_ip_from 108.162.192.0/18;

set_real_ip_from 131.0.72.0/22;

set_real_ip_from 141.101.64.0/18;

set_real_ip_from 162.158.0.0/15;

set_real_ip_from 172.64.0.0/13;

set_real_ip_from 173.245.48.0/20;

set_real_ip_from 188.114.96.0/20;

set_real_ip_from 190.93.240.0/20;

set_real_ip_from 197.234.240.0/22;

set_real_ip_from 198.41.128.0/17;

set_real_ip_from 2400:cb00::/32;

set_real_ip_from 2606:4700::/32;

set_real_ip_from 2803:f800::/32;

set_real_ip_from 2405:b500::/32;

set_real_ip_from 2405:8100::/32;

set_real_ip_from 2c0f:f248::/32;

set_real_ip_from 2a06:98c0::/29;

real_ip_header CF-Connecting-IP;

You can get updated list of CloudFlare IPs from https://www.cloudflare.com/ips/ Restart Nginx with

service nginx restart

1	service nginx restart

Example Nginx Config https://gist.github.com/serverok/fef5c76bf96f8e016bf64095da4a64dc […]

CloudFlare

Posted on June 6, 2018 (March 27, 2020) by ServerOk

Cloudflare Page Rules for WordPress Apache Show Real IP Address when using CloudFlare Configure Nginx Reverse Proxy behind Cloudflare Nginx CloudFlare restore real ip […]

CloudFlare Page Rules for WordPress

Posted on June 6, 2018 (June 6, 2018) by ServerOk

Here are CloudFlare page rules for WordPress web site. yourdomain/xmlrpc.php*

Security Level = High

1	Security Level = High

yourdomain/wp-login.php*

Security Level = High
Browser Integrity Check = On

1 2	Security Level = High Browser Integrity Check = On

yourdomain/wp-admin/*

Security Level = High
Cache Level = Bypass
Disable Apps
Disable Performance

Security Level = High

Cache Level = Bypass

Disable Apps

Disable Performance

yourdomain/wp-content/uploads/*

Browser Cache TTL =  a day
Cache Level = Cache Everything
Edge Cache TTL = a month

Browser Cache TTL = a day

Cache Level = Cache Everything

Edge Cache TTL = a month

[…]