I have a Ruby on Rails app and am trying to implement Rack Attack to be able to block abusive scrapers.
To be able to do this I need the origin client’s IP address and I believe the right way to get this is using the CF_CONNECTING_IP header.
However when trying to just simply log the header to check that it exists in my production app it’s constantly not returning anything.
I am on the free version of Cloudflare and as I mentioned above this is a Ruby on Rails app as an API.
The code I currently have to try and log the header is as follows:
class Rack::Attack Rack::Attack.cache.store = ActiveSupport::Cache::MemoryStore.new class Request < ::Rack::Request def remote_ip @remote_ip ||= (env['HTTP_CF_CONNECTING_IP'] || env['action_dispatch.remote_ip'] || ip).to_s end end track('Log all requests') do |req| puts req.ip # returns an ip address puts req.env['action_dispatch.remote_ip'] # returns the same ip as req.ip puts req.env['HTTP_CF_CONNECTING_IP'] # returns nothing :( req.remote_ip end end
Any help people can provide would be much appreciated as I’m totally stumped!