Cloudflare IP in Apache logs but not in Cloudflare IP list

bluespire · July 17, 2022, 5:05am

We have Apache setup to restore the real IPs using the article here:

https://support.cloudflare.com/hc/en-us/articles/200170786-Restoring-original-visitor-IPs

This has been working fine, and we rely on the list of Cloudflare IPs here:

We’re seeing a few Cloudflare IPs show up in our Apache logs because they are not in the Cloudflare IP list, so the module does not read from “CF-Connecting-IP”

Here’s one of the IPs in question:

104.28.217.42

The Cloudflare IP ranges are:

104.16.0.0/13
104.24.0.0/14

And the IP above does not fall into the above subnets.

Interestingly, the IP does fall under 104.16.0.0/12 which Cloudflare removed from its list on Apr 8 2021.

Anyone have any idea what this might mean? Is this IP still a Cloudflare IP?

user15513 · July 17, 2022, 6:56am

This could be an IP used for Cloudflare Warp.
Those are managed by Cloudflare, but not in the list because traffic is user-controlled and can’t be trusted like traffic from the CDN.

Edit: My current Warp-IP is 104.28.217.174. So your’s is definitely from the Warp address pool.

KianNH · July 17, 2022, 12:42pm

Like mentioned above - the public IPs list on IP Ranges is exclusively IPs that will be used for fetching your origin.

Anything else can be a number of other products, including WARP, which do not need to be allowed to talk to your origin directly.

system · August 1, 2022, 12:43pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Cloudflare ip ranges list up to date? DNS & Network	7	5320	October 29, 2022
How to view real visitors ip? DNS & Network	5	5541	March 3, 2021
Cloudflare IP Addresses DNS & Network	6	4961	April 30, 2020
Bots with Cloudflare IP addresses Security ExpertReply	8	4490	March 28, 2021
List of Cloudflare IPs is not up to date DNS & Network	4	2391	November 17, 2019

Cloudflare IP in Apache logs but not in Cloudflare IP list

Related topics