Also looks like you’re using WHM with nginx reverse proxy to Apache setup. So you may need to do an additional Nginx level configuration to pass on the real IP from the nginx reverse proxy to Apache for
real_ip_recursive on; see Module ngx_http_realip_module
as you have visitor > CF > nginx reverse proxy > apache setup
This directive appeared in versions 1.3.0 and 1.2.1.
If recursive search is disabled, the original client address that matches one of the trusted addresses is replaced by the last address sent in the request header field defined by the real_ip_header directive. If recursive search is enabled, the original client address that matches one of the trusted addresses is replaced by the last non-trusted address sent in the request header field.
though from NGINX with Reverse Proxy | cPanel & WHM Documentation it suggest Cpanel nginx reverse proxy takes care of Cloudflare config but whether it’s fully correct I don’t know
The NGINX installation will detect if a domain uses CloudFlare and configure the system to work properly.
The system saves the CloudFlare configuration to the following location:
If your secure connections don’t appear in the SSL log, you can change the SSL settings in CloudFlare.