Cloudflare's IP address missing at my server's end


#1

Hi all,

I have Cloudflare setup as a proxy for my site. On my site I put the following php code:

echo _SERVER['HTTP_CLIENT_IP']; echo _SERVER[‘HTTP_X_FORWARDED_FOR’];

For the first echo I get empty string (which is very strange)!!!
For the second I get my original client’s address (it’s ok, having in minde the proxy is on).

The question: Why I don’t see the Cloudflare’s address in the first echo?

Big picture is that I want to filter the trafic and allow only the trafic comming from the Cloudflare (maybe even in htaccess), but I can’t distinguish which one is direct, and which one i Cloudflare based on the my experiment.

Any clue?

Thanks in advance.


#2

Any ideas? What should I test and try?


#3

I can’t explain your PHP problem but will say the best way to only allow traffic from Cloudflare would probably be to simply block all access to your site except from the documented Cloudflare IPs:

I do it with a firewall but I don’t see why you couldn’t do it within an .htaccess file using Order deny, allow; allow from a.b.c.d/e.


#4

Hi Saul,

Thanks for the replay. This is exactly what I was doing:

Firstly, I created .htaccess with allows, denys as it should be with Cloudflare’s IP range. This was working fine for me for a couple of months. However, my site suddanly started showing “Forbidden” to all (several weeks ago). I just removed the htaccess (previously working) and the site started working again. Then, I tried to troubleshot the problem, and I wrote above php. From it I learned that Cloudflare is not sending its IP to me anymore! My apache log doesn’t show cloudflare’s IPs any more, too. DNS is, however, set with cloudflare as a proxy as it was before. Take a look, ping www.kozmetickisalonnis.co.rs. You’ll see Cloudflare’s address. But, when you access my site, in my apache log I will see your true IP address, not Cloudfleres.

Take a look at the php I wrote: http://www.kozmetickisalonnis.co.rs/ip.php
This just proves that I am saying…

I am so confused about this…


#5

No one?
Is this the right category for this question?


#6

The IPs should still appear in your logs, Cloudflare is still the one accessing it, you might need to check the actual connection’s remote IP and not the headers.

I don’t know PHP and I’m not fluent in .htaccess enough for the other problem, but try dumping all request info and headers and then check where the actual IP of Cloudflare is…


#7

Thank for the replay.
I wrote a php that shows all parameters that I can get from the connection. Hoever, I was not able to find Cloudflare’s IP in the list. I see client’s real IP and a lot of other stuff, but no Cloudflare’s IP.

Now I’m thinking that mod_remoteip (which is on) somehow mess the things up. Unfortunately, I don’t have access to htttp.conf, only .htaccess. Ghhh… :face_with_raised_eyebrow:


#8

This topic was automatically closed after 14 days. New replies are no longer allowed.