Hi community, I truly hope all here are well and staying safe. I’m new to the community as well as Cloudflare. I would like to know if I should be allowing Cloudflare to login (access) to my website? The reason I ask is I am using a security app that is blocking and locking out the Cloudflare IP’s. Question should the Cloudflare IP’s be whitelisted to my Wordpress admin and website to work properly? Any help from the community will be greatly appreciated!
Thanks
Tony
It sounds like your server isn’t restoring Visitor IP addresses. That makes it difficult to effectively block by IP address.
Hi sdayman, thank you for your response to my query, it’s the Wordpress security plugin I’m using that seems to be blocking Cloudflare IP’s. Are you saying that the IP’s being blocked are originally a different IP? If that’s the case should I find a way to install mod_cludflare for my WordPress site? Any advice?
Without something like mod_cloudflare, your plugin won’t see the user’s actual IP address in order to block it, so it blocks Cloudflare instead.
I use Wordfence, and it can parse out the user’s IP address from the Cloudflare headers for blocking.
Some hosts already have something like mod_cloudflare installed, but it sounds like your host doesn’t. You’d have to ask them if they have a way to restore IP addresses from proxy headers.
So if I just go on and install mod_cloudflare do you think that update would break anything? I’m using the WP Cerber Security 8.5.9.
Do you know of any WP plugins that will apply mod_cloudflare? If I use a plugin will I have to remove other security plugins and cache plugins?
No, restoring IP addresses has to be done at the server level. More complex plugins can look at HTTP headers as part of their functionality.
One more question for today Where can I find out how to do the mod_cloudflare install on my cPanel? Thanks again for your help!
mod_cloudflare is an Apache module that has to be installed by the web host. cPanel doesn’t have that type of access.
Okay sdayman Thanks for everything I’ll contact my WHP and put in a request.
For a Wordpress plugin use this Cloudflare – WordPress plugin | WordPress.org But beware I think the developer is awol and it has some problems that isn’t fixed from what I’m reading you should read up on it.
I use Mod_Cloudflare on my Hosting Server.
Mitch
Thank you very much Mitch, I put in the request to have Mod_Cloudfare installed by my web host provider. Question if it is installed will I still need the Cloudflare plugin?
No once Mod_cloudflare is install you should not need it
Mitch
The Cloudflare plugin is completely different from mod_cloudflare. mod_cloudflare is for restoring visitor IP address from the header. The plugin interfaces with your Cloudflare Dashboard to control some settings, and a couple of WordPress-specific features as well.
Thank you guys for all your help. It’s cleared up a few things regarding Mod_Cloudflare for me. Good looking out!
This topic was automatically closed after 14 days. New replies are no longer allowed.