Combine ip address on web access log

Greetings,

Thank you for asking.

Are you using Apache web server?

It might depend on the web server configuration as far as you can combine the output to the log files as you want :thinking:

For example, you could have your web server configured to log the client IP and some other headers like X-Forwarded-For, which would result seeing a “combined IP” separated by the comma , string or some other kind of type.

Are these maybe the crawlers or bots? Did you analyze your web traffic?
Are the naked domain and www DNS records proxied? (:orange: cloud)
Bypassing, does this mean like comming directly to your server IP address?

How about starting with the below:

Useful Tutorials for Firewall here:

Nevertheless, depending on the attack type and using Cloudflare security options like Firewall Rules, etc., consider blocking some of the known “bad user-agents”, “crawlers” or “bad ASNs” using below posts:

Make sure to protect your admin / login page, if you have one. We can use Cloudflare Access / Zero Trust (Teams):

Last but not the least, kindly see more by reading Cloudflare articles which contain a lot of helpful information for better understanding and usage as well in terms of Security and Protection:

1 Like