We have an internal webserver which we are using Cloudflare Access to protect. Cloudflare suggests to limit connections accepted by our webserver to Cloudflare IP’s only, and they have provided the IP list here: IP Ranges
However when i run a packet trace on the webserver to monitor my connection through Cloudflare access I am picking up IP addresses not included in the list.
I was wondering if there is a more up to date list of Cloudflare IP addresses?
That is all of the IP addresses Cloudflare uses for its network. The other requests not from CF IPs may not be protected by CF access if they’re able to bypass Cloudflare and connect to your origin directly.
You can also run a whois on the other IP addresses. Cloudflare’s ASN is 13335, other ASNs are likely rogue bots/attackers hitting your origin by connecting to the origin’s IP address instead of domain name.