I have a website which requires user logins.
The logins are authenticated using APIs which I have created on a different domain.
Now, in the settings.json file for the website, only IP addresses for my webserver are allowed.
This was working totally fine, until I hosted my website DNS on Cloudflare.
However, this again works fine when , I turn off the proxy status for the domain where the API is hosted.
Looks like this is happening because of only certain IP addresses allowed from my website and not the Cloudflare. Is there any easy way of doing this rather than going and allowlisting all the Cloudflare IP addresses on my website and allow them ?
Are you restoring visitor IP?
If not, here's how to
Since Cloudflare acts as a reverse proxy, when it’s configured as expected, all connections to your origin webserver come from Cloudflare’s IP addresses, and that may or may not be a problem for you:
- If your web application is using the originating IP of the visitor as part of its logic, it will now use a Cloudflare IP address
- If you use the content of your access logs, they now contain a Cloudflare IP address as the $remote_addr
Depending on your setup, you can restore the visitor IPs in a number of ways. You can find a complete list here, or below are a few of the most popular:
Thanks for Replying,
I am not restoring Visitors IP. Actually The API is on domain 1 on same webserver and the website is on domain 2 on the same webserver. But because I have now place Cloudflare, my website is getting the request from Cloudflare IP address and thus rejecting it
If you restore the original visitor ip, that may address the issue.
Thanks. I found this LINK
(https://developers.cloudflare.com/support/troubleshooting/restoring-visitor-ips/restoring-original-visitor-ips/#JUxJSMn3Ht5c5yq) but looks bit complicated
Can this be done on cloudflare, rather than changin things on my IIS webserver
It cannot. You need to configure that your web server. It’s really easy on Apache. It doesn’t look to be any more complicated on current versions of IIS.
I configured the ISS but still not restoring the original visitor IP address, Do I need to do something else as well ? in my website ?
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.