“What’s the confusion here? This looks like a repeat of the last thread. You keep saying it’s not sending the cf-connecting-ip header, yet it’s the last line in the example you posted.”
It’s showing a Cloudflare IP address in the CF-CONNECTING-IP header. Not the connecting IP address.
I’m sorry I probably should clarify: When I say not sending the CF-CONNECTING-IP, it’s not sending the real users IP Address.
Basically $_SERVER[‘HTTP_CF_CONNECTING_IP’]; is giving me the same results as $_SERVER[‘REMOTE_ADDR’]
It’s like there are bots using Cloudflare Workers to request my website over and over.
Please help - here are examples of the difference between the requests
Here is a “bad request”
Host: www.infinitesweeps.com
X-Real-IP: 162.158.140.233
X-Forwarded-For: 104.28.92.177,104.28.92.177, 162.158.140.233
cf-ray: 8e02e4f0ea8b2588-PHX
priority: u=0, i
CF-IPCountry: US
accept-encoding: gzip, br
cdn-loop: cloudflare; loops=1
X-Forwarded-Proto: https
accept-language: en-US,en;q=0.9
CF-Visitor: {"scheme":"https"}
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko)
CF-Connecting-IP: 104.28.92.177
Here is a good request:
Host: www.infinitesweeps.com
X-Real-IP: 162.158.140.191
X-Forwarded-For: 87.120.116.68,87.120.116.68, 162.158.140.191
cf-ray: 8e02e518ea1a0bad-PHX
CF-Connecting-IP: 87.120.116.68
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-encoding: gzip, br
X-Forwarded-Proto: https
cdn-loop: cloudflare; loops=1
CF-Visitor: {"scheme":"https"}
CF-IPCountry: BG
Accept-Language: en-US,en;q=0.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
The bad headers have the wrong order for ‘accept:’ ‘user-agent’ and ‘CF-Connecting-IP’ headers and they always point back to Cloudflare IP address, not the real users IP address.
Who is the real CF-Connecting-IP ? Cloudflare can’t request pages its self?
Look at the headers… that’s everything my host receives for these requests.
Please write me a simple code on how to get the users IP address from the ‘bad request’ . The only IPS are Cloudflare.
CF-Connecting-IP: 104.28.92.177
CIDR: 104.16.0.0/12
NetName: CLOUDFLARENET
X-Forwarded-For: 104.28.92.177,104.28.92.177, 162.158.140.233
CIDR: 162.158.0.0/15
NetName: CLOUDFLARENET
The “good” requests have the users real IP address, the bad requests show Cloudflare as the users IP address.
Every 10 seconds I am getting a “bad request” to my homepage that has a CF-Connecting-IP of Cloudflare.
I don’t understand how I’m explaining this wrong.
Note to self: I put in a temporary rule to make Cloudflare a “hosting provider”.
Bump!