Cloudflare reporting the wrong origin IP for site visitors

Hello,

I have moved 2 sites from one server to another server. Cloudflare was configured for both sites before and after the move. For certain origin IP addresses (my home IP included) Cloudflare is reporting the origin IP as the old server IP and not the correct origin IP.

Example: Old Server IP 12.34.56.29 and home IP 34.56.12.34. When I connect to the the site on the new server, the new server receives the old server’s IP 12.34.56.29 instead of my home IP 34.56.12.34 as the visitor IP.

I have verified that this is a Cloudflare issue by designating the sites’ new IP address in the host file >>70.41.52.13 domain.com. When I connect to the site on the new server, it shows the correct IP for the visitor (my home IP). When I connect back through Cloudfare, it is showing the old server’s IP for my connection.

I was able to clear this up on one of the sites by deleting the domain from my Cloudflare control panel and then adding it back after an hour. I have done this with the second site, however Cloudflare is still passing the old server IP address to the new site instead of the correct one (my home IP address).

Yes, I have flushed ALL cache everywhere (server, website plugin, Cloudflare, multiple browsers) probably several hundred times now.

I am also noticing this occurring with some visitors (not all, it appears to be random) having their IP come up as the old server IP for these two sites.

I do not have this issue when connecting to sites with domains that are new and never existed previously on the old server, it is only the two sites that existed on the previous server.

As a note, I still have some sites on the old server that are being handled through the same Cloudflare account as the new server.

So,

  1. Is there a way to force a DNS flush for my domains on Cloudflare without deleting the account and waiting 7 to 10 days for Cloudflare to drop the account settings?

  2. Should I create one account per server instead of having the single account with domains connecting to two different servers?

Thanks in advance,

Bill… … .

Are we talking about unproxied records?

What’s the domain?

1 Like

Hi @sandro,

The proxied records are passing the wrong IP.

The site is: https://railroadpedia.com

I just checked and the problem is still occurring.

Bill… … .

That domain has proxied records. Based on what do you believe the proxies proxy to the wrong origin?

Also, which nameservers are listed in your Cloudflare account?

1 Like

@sandro

Nameservers are: alexis.ns.cloudflare.com roxy.ns.cloudflare.com

I have multiple indications, here is one from the site log showing that I made a comment. That is not my IP.

bill commented on post "1.2.3 Equipment Inspection" - comment status: pending approval

5 mins ago

Description
bill commented on post “1.2.3 Equipment Inspection” - comment status: pending approval

Context
post
Type
comment
Ip Address
199.58.xx.xx
User
Guest
Date / Time
December 30, 2020 9:58 pm

The nameservers are correct then.

Your IP? Not sure what you mean by that. Your server will save the client address, not the server address.

I presume the two origins end in .44 and .138, right? Which one is the new one?

Double check that you saved the correct IP address in Cloudflare, but once that is done the proxies should proxy to the new address within a couple of seconds.

1 Like

@sandro

All of the IPs are example IP addresses an not the actual IP addresses involved. I would not mind at all sharing actual IP addresses with you on a 1 on 1 private basis rather than putting the actual IP addresses out in public view.

When I say my IP, that is the IP for my internet connection at home.

When I connect to the new server from the house, the origin IP that is being passed to the new server by the Cloudflare Proxy is the IP address of the old server the site used to reside on and not my home IP address.

I do not use any IP addresses in the Cloudflare DNS setting other than in an spf record and that IP is the new server IP.

Bill… … .

One thing that is not entirely clear to me is what the issue actually is.

Are you saying Cloudflare proxies to the wrong address or that your server gets the wrong client address? In case of the latter, you might have some wrong server configuration and use a static value instead of what is provided by Cloudflare.

Have you configured your web server to restore the correct client IP address? Without installing and configuring something like mod_remoteip you will not see the correct end user addresses.

You don’t need to share it. I presume what I mentioned before will be the two addresses, so you’d just need to confirm which one is the new one.

Plus, explain the actual issue, because it would seem it is not about the resolved address but what ends up on your server and that would be a whole different issue.

1 Like

@sandro @michael

Server is configured properly. It receives the client origin IP that Cloudflare is sending.

Cloudflare is sending the correct origin IP to the server for some clients and not for others. That is the problem.

Cloudflare sends the new server the IP address of the old server as the client origin IP for my connection from home for railroadpedia.com only. It passes my correct client IP of my connection from home to the other four sites on the new server.

This is a WordPress multi-site installation with 3 domains (sites) never on the old server and 2 domains that were previously on the old server. I had the same issue on stbernadettekofc.org (site was on old server) until I deleted it from my Cloudflare control panel, waited an hour, and then added it back to Cloudflare. I am now receiving the correct client IP when I connect from home.

Bill… … .

Cloudflare is not sending an origin IP address. What it sends is the client address and that should never contain your server address.

Again, what is the issue? Are you saying Cloudflare proxies to the wrong server or are you saying you receive the wrong address?

Plus, for the third time :wink:, can you confirm the mentioned IP addresses?

1 Like

@sandro @michael

I deleted railroadpedia.com from my Cloudflare control panel, waited an hour, then added it back.

The issue did not correct itself with this site like it did with stbernadettekofc.org.

Bill… … .

What I said above.

1 Like

@sandro

When I say origin IP, I mean client origin IP, ie. my internet IPV4 IP address of the internet broadband router at my house.

The IPV4 IP address of the internet broadband router at my house (client origin IP) is not the client origin IP address Cloudflare is providing to the server that railroadpedia.com is on when I access railroadpedia.com. It is providing a client origin IP that is the IP address of the old server the railroadpedia.com site was on.

When I access any of the other 4 sites on that server, Cloudfare provides the correct client origin IP which is the IPV4 IP address of the internet broadband router at my house.

If you want actual IP addresses I will send them to you privately.

IP#1 = Home IP
IP#2 = Old Server IP

When I access railroadpedia.com:
Me at home accessing internet from IP#1 ==> Cloudflare ==> (Cloudflare passes IP#2 as client origin IP) ==> railroadpedia.com (on new server)

When I access any of the other 4 sites on the same server:
Me at home accessing internet from IP#1 ==> Cloudflare ==> (Cloudflare passes IP#1 as client origin IP) ==> any of the 4 other sittes (on new server)

Bill… … .

That is not the origin IP address and that was relatively misleading.

I did not say that, please re-read what I wrote.

Cloudflare only passes the actual client address, nothing else. Either your server configuration is broken or you have some sort of proxy on your old server and you connect via that.

1 Like

@sandro

Server configuration is not broken, it shows the correct IP when the correct IP is provided to it from Cloudflare as seen when accessing the 4 other sites currently on the server.

I am not connecting through any proxy on the old server. Below is the trace route report from my home to Cloudflare and none of these IP addresses are my old server’s IP address.

In this case Cloudflare is passing the wrong client address to railroadpedia.com for some clients and not others.

C:\Windows\system32>tracert railroadpedia.com

Tracing route to railroadpedia.com [104.27.130.95]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 10.40.0.1 Gateway IP Address at Home
2 12 ms 11 ms 9 ms 96.120.104.29 Comcast Cable
3 18 ms 9 ms 9 ms 69.139.214.49 Comcast Cable
4 14 ms 16 ms 9 ms 96.110.92.201 Comcast Cable
5 34 ms 24 ms 15 ms 96.110.92.185 Comcast Cable
6 15 ms 18 ms 14 ms 68.85.133.137 Comcast Cable
7 17 ms 18 ms 20 ms be-31441-cs04.ashburn.va.ibone.comcast.net [96.110.40.29]
8 21 ms 17 ms 18 ms be-2404-pe04.ashburn.va.ibone.comcast.net [96.110.37.142]
9 17 ms 21 ms 17 ms as2906-c-3.sanjose.ibone.comcast.net [173.167.57.102]
10 21 ms 15 ms 20 ms 104.27.130.95 CLOUDFLARE

Trace complete.

Bill… … .

Again, Cloudflare does not pass random addresses but only the client address. I am afraid I can’t say more than what I already said and it will be either your server configuration or your browser configuration.

You can certainly also open a support ticket but I somewhat doubt support will be able to help either, but you can certainly try.

1 Like

@sandro

Remember, there is a first time for everything. I understand exactly what Cloudflare is supposed to do and most times it does it well. This is far from my first rodeo and I know how everyone points the finger at someone else and never themselves.

As with you, my early assumption was that there never, ever, would be any type of technical glitch at Cloudflare. That would just never happen, it just has to be something wrong somewhere else.

I have eliminated all the possibilities I could think of as to a cause outside of Cloudflare. And after using 4 different cell phones, 2 different laptops, and a desktop computer and many hours of testing I am confident in this case, Cloudflare is passing the wrong IP anytime I use a device connecting through my IP address at the house as well as several other IP addresses out there.

Bill… … .

Why would I point the finger at myself?

Cloudflare’s approach here is relatively straightforward and if they had an issue there’d be most likely more postings than just yours. So it is highly unlikely that the issue is on Cloudflare’s side.

I have asked several times for information but you chose not to provide it, which is certainly your right but that also makes it impossible to debug anything. So your only option will be to contact support if you can’t fix it yourself.

Once more, in my opinion there is either an issue with your server configuration or with your browser configuration, that will be the most likely explanation.

1 Like