Cant Unpause Cloudflare

i put this code below

Deny access to all IP addresses

Order Deny,Allow
Deny from all

Allow access only to specific IP ranges

Allow from 173.245.48.0/20
Allow from 103.21.244.0/22
Allow from 103.22.200.0/22
Allow from 103.31.4.0/22
Allow from 141.101.64.0/18
Allow from 108.162.192.0/18
Allow from 190.93.240.0/20
Allow from 188.114.96.0/20
Allow from 197.234.240.0/22
Allow from 198.41.128.0/17
Allow from 162.158.0.0/15
Allow from 104.16.0.0/13
Allow from 104.24.0.0/14
Allow from 172.64.0.0/13
Allow from 131.0.72.0/22
Allow from 2400:cb00::/32
Allow from 2606:4700::/32
Allow from 2803:f800::/32
Allow from 2405:b500::/32
Allow from 2405:8100::/32
Allow from 2a06:98c0::/29
Allow from 2c0f:f248::/32

into my .htaccess file so that even if my origin server ip gets leaked i will only allow request from cloudflare so to try this i paused cloudflare on my site and got a 403 which is good i want it to only be able to accept cloudflare requests but now i have unpaused cloudflare and i am still getting a 403 which is bad because the origin server should accept clouldflare request from their ip ranges listed above so help me what can i do, and yes i have purged the cache on browser and cloudflare multiple times

I think you should be using Order Allow, Deny otherwise Deny rules are used first, and you are Denying all.

Also, if you are restoring visitors IPs then Apache will be using the client IP addresses, not the Cloudflare proxy ones…

The best way to achieve this is to allow only port 443 (and port 80 if needed) traffic through your firewall from the Cloudflare IPs. If you can’t do this as you can only do things in your Apache configuration, use Authenticated Origin Pull instead…

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.