I set up a wordpress blog, because cloudflare is slow in mainland China, so I bought a US CN2 vps as a blog proxy (using nginx, put it in front of cloudflare), and use dns smart analysis to resolve the traffic from mainland China to CN2 vps, which will be excluded The access from outside mainland China resolves to cloudflare. The problem we are encountering now is: China mainland visits blogs (CN2 vps), and cloudflare traffic statistics show that it is US IP access (the address is CN2 vps IP). I am worried about network attacks. I have searched many places on the Internet and tried many methods to pass the IP of users visiting from Mainland China to cloudflare.
Network link diagram:
If I want to use cloudflare as a firewall to prevent my blog from being attacked by the Internet, I need to pass the guest IP to cloudflare.
In Mainland China: ①Visitors (IP: 112.37.X.X)–>②CN2 VPS (IP: 104.224.X.X)–>③Cloudflare (getting the IP of ②, not the ip of ①)–>④Wordpress
Cloudflare is required to obtain the IP of ①.
In non-Mainland China: ⑪Visit -->⑫cloudflare–>⑬wordpress, you can get the visitor IP normally.
②Nginx configuration code:
return 301 https://$host$request_uri;