Cloudflare CDN-Loop: on Origin

My mod_security is showing this happening a lot. Is there any way that I can stop this? Do I need to worry?

[13/Jan/2022:13:13:33 --0600] YeB52hXx4rkSnn6gWr1-aQAAARY 135.148.x.x 49950 [my ip] 443
–5421xxxxx-B–
GET /.env HTTP/1.1
host: mysite.com
connection: Keep-Alive
accept-encoding: gzip
cf-ipcountry: US
x-forwarded-for: 135.148.x.x
cf-ray: 6cd0f136xxxxxxxxxxx
x-forwarded-proto: https
cf-visitor: {“scheme”:“https”}
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
accept: /
cdn-loop: cloudflare

When I do a search for “cloudflare” in the mod_security log:

/usr/local/apache/logs/modsec_audit.log

CDN-Loop: cloudflare; subreqs=1
CDN-Loop: cloudflare; subreqs=1
CDN-Loop: cloudflare; subreqs=1
CDN-Loop: cloudflare; subreqs=1
CDN-Loop: cloudflare; subreqs=1
CDN-Loop: cloudflare; subreqs=1
CDN-Loop: cloudflare; subreqs=1
CDN-Loop: cloudflare; subreqs=1
CDN-Loop: cloudflare; subreqs=1
CDN-Loop: cloudflare; subreqs=1
CDN-Loop: cloudflare; subreqs=1
CDN-Loop: cloudflare; subreqs=1
CDN-Loop: cloudflare; subreqs=1

CDN-Loop is a typical Cloudflare header, nothing to worry about.

https://developers.cloudflare.com/fundamentals/get-started/http-request-headers

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.