Firewall IP issue?

Hi,

As it looks, the firewall filters all IP numbers, and only a Cloudflare IPv6 IP number is communicates to the web site.
It becomes a problem because the local SPAM-filter (on the web site) cannot see the correct IP address.
If 10 different spammers connect, they all have the same Cloudflare IPv6 IP address in the log.
This means that the local SPAM-filter can’t monitor and act correctly.

Is there any setting to change this, without shutting down the Cloadflare Firewall?

This is not a firewall “issue”, it’s about how Cloudflare works. You need to restore your visitor addresses:

Since Cloudflare acts as a reverse proxy, when it’s configured as expected, all connections to your origin webserver come from Cloudflare’s IP addresses, and that may or may not be a problem for you:

  • If your web application is using the originating IP of the visitor as part of its logic, it will now use a Cloudflare IP address
  • If you use the content of your access logs, they now contain a Cloudflare IP address as the $remote_addr

Depending on your setup, you can restore the visitor IPs in a number of ways. You can find a complete list here, or below are a few of the most popular:

2 Likes

Thanks for a good answer.
I probably expressed myself a little wrong, it’s a issue for the local SPAM-filter, not a issue with the Cloudflare Firewall.

Is it possible to see a complete visitor log in the Cloudflare Firewall?
I only see a log of “doubtful” visitors, where action has been taken.
The problem is that Cloudflare Firewall lets some spammers and hackers through, which is noted in the local log, but now only with a Cloudflare IP address.

I will read the information you linked to regarding the restoration of IP addresses.

Thanks