My domain has an application on heroku, which is pointed to from Cloudflare via CNAME.
The heroku log for a Cloudflare access to this app looks like this:
2018-08-22T23:15:22.877801+00:00 heroku[router]: at=info method=GET path="/mods/2807/details" host=cmx1mods.greenasjade.net request_id=fc4ccc01-782c-4683-9024-11633070d726 fwd="184.108.40.206,220.127.116.11" dyno=web.1 connect=24ms service=25ms status=200 bytes=5552 protocol=http
I can block these with the Cloudflare firewall, by blacklisting ‘18.104.22.168’ in this case.
However, I am getting these:
2018-08-22T23:24:03.161580+00:00 heroku[router]: at=info method=GET path="/sessions/new" host=cmx1mods.greenasjade.net request_id=235bcf43-aa43-4a04-91c0-d066a61e05cf fwd="22.214.171.124" dyno=web.1 connect=0ms service=11ms status=200 bytes=6264 protocol=http
It doesn’t seem to have come through Cloudflare, and blacklisting ‘126.96.36.199’ in Cloudflare doesn’t block it.
What is the deal with that - can I handle these somehow?