We have recently enabled cloudflare proxy for one of our websites using a single web server. Unfortunately we are running into a security issue on the application we are using. This seems to be due to the IP changing during the users session. for example the error triggers when it detects the users IP changing from the IP used on the initial log on page.
The setup we have is quite simple. Single IIS web server with a public IP NAT’d from our perimeter firewalls with a policy only allowing inbound traffic on 443 from Cloudflares IP Ranges: IP Ranges | Cloudflare UK. Which is what I can see changing in the logs.
I’m just wondering is this normal behaviour from cloudflare to change the inbound IP a user would be proxying from, and is there a way around this to enable longer sessions on the same IP?
I have attempted to use the session affinity on the load balancer option but unfortunately no joy here.
Any help is greatly appreciated!