Cloudflare IP changing during active session

We have recently enabled Cloudflare proxy for one of our websites using a single web server. Unfortunately we are running into a security issue on the application we are using. This seems to be due to the IP changing during the user's session. For example, the error triggers when it detects the user's IP changing from the IP used on the initial log on page.

The setup we have is quite simple. Single IIS web server with a public IP NAT’d from our perimeter firewalls with a policy only allowing inbound traffic on 443 from Cloudflare's IP ranges (IP Ranges | Cloudflare UK), which is what I can see changing in the logs.

I’m just wondering, is this normal behaviour from Cloudflare to change the inbound IP a user would be proxying from, and is there a way around this to enable longer sessions on the same IP?

I have attempted to use the session affinity on the load balancer option but unfortunately no joy here.

Any help is greatly appreciated!

Thank you

It would seem you are not rewriting IP addresses and only handle the Cloudflare proxy addresses. In that case you’ll need to check out Restoring original visitor IPs – Cloudflare Help Center and rewrite the addresses on your server level.
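
The logic behind restoring visitor IPs, as an added example that is not part of the original thread or of Cloudflare's documentation: the application's session check compares the address carried in Cloudflare's `CF-Connecting-IP` header, and honours that header only when the connecting peer is itself a Cloudflare proxy. The function names, the sample addresses and the shortened range list are assumptions made for the illustration.

```python
import ipaddress

# Partial sample of Cloudflare's published proxy ranges (assumption: a real
# deployment loads the full, current list from Cloudflare's IP Ranges page).
CLOUDFLARE_RANGES = [ipaddress.ip_network(n) for n in (
    "173.245.48.0/20", "104.16.0.0/13", "162.158.0.0/15", "172.64.0.0/13",
)]


def restore_visitor_ip(peer_ip, headers):
    """Return the visitor IP the application should use for this request.

    CF-Connecting-IP is honoured only when the TCP peer is a Cloudflare
    proxy; from any other peer the header is client-controlled and ignored.
    """
    peer = ipaddress.ip_address(peer_ip)
    if not any(peer in net for net in CLOUDFLARE_RANGES):
        return str(peer)
    # Header names are case-insensitive.
    value = next((v for k, v in headers.items()
                  if k.lower() == "cf-connecting-ip"), None)
    try:
        return str(ipaddress.ip_address(value.strip()))
    except (AttributeError, ValueError):
        return str(peer)  # header missing or malformed: fall back to the peer


def session_ip_changed(session_ip, peer_ip, headers):
    """Hypothetical session check: True when the visitor IP differs from login."""
    return restore_visitor_ip(peer_ip, headers) != session_ip


# Constructed sample requests: one visitor arriving through two different
# Cloudflare edge addresses, then a direct request forging the header.
LOGIN = ("162.158.10.4", {"CF-Connecting-IP": "203.0.113.7"})
LATER = ("172.64.33.9", {"cf-connecting-ip": "203.0.113.7"})
FORGED = ("198.51.100.20", {"CF-Connecting-IP": "203.0.113.7"})

if __name__ == "__main__":
    session_ip = restore_visitor_ip(*LOGIN)
    print("session bound to", session_ip)
    print("edge changed, session flagged:", session_ip_changed(session_ip, *LATER))
    print("forged header, session flagged:", session_ip_changed(session_ip, *FORGED))
```

With the firewall policy described in the question, only Cloudflare peers reach the server, but keeping the range check in the application means the header is never trusted if that policy is ever relaxed.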

