Cloudflare changes users IP-Address therefore allow/deny ip address not working in NGINX

Website, Application, Performance Security
1

This is my configuration, for my staging environment, I always get access denied because Cloudflare changes the user ip addresses , How can limit access to staging environment while using Cloudflare free edition?

    listen        80;
    server_name   staging.example.com *.staging.example.com;
    location / {
        proxy_pass         http://localhost:5001/;
        proxy_http_version 1.1;
        proxy_set_header   Upgrade $http_upgrade;
        proxy_set_header   Connection keep-alive;
        proxy_set_header   Host $host;
        proxy_cache_bypass $http_upgrade;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Proto $scheme;
        allow 185.108.83.160; #Allow a single remote host
        deny all; #Deny everyone else
    }
}
2

As https://community.cloudflare.com/t/please-read-me-first-what-to-include-in-your-post/103270 points out you should actually use the search.

If you had done so, you’d have noticed that you are supposed to rewrite the IP addresses

https://support.cloudflare.com/hc/en-us/articles/200170786-Restoring-original-visitor-IPs-Logging-visitor-IP-addresses-with-mod-cloudflare-#12345681

1 Like
3

Thank you for your kind answer,
But I don’t want to just log the user ip address like the link you attached suggested, I am having a problem that I cannot user allow/deny because CloudFlare changes the ip addresses.

4

It is the same thing. You need to rewrite the IP addresses.

1 Like
5

This topic was automatically closed after 30 days. New replies are no longer allowed.