I host multiple websites on my servers, and all my websites have an IP Security feature, meaning my server needs to know the actual IP of the visitors and NOT the CloudFlare IP. (This is to prevent user sessions from getting taken over by other users/IPs.)
Currently our fix is to put the following line of text in our Apache Virtual Hosts Config file:
However, the folks at CloudFlare said we MAY need to do more, and directed me to this page:
Can anyone shed light on what I should be doing in addition (or in place of) our current fix? The instructions on this page are confusing.