Force all API traffic through Cloudflare with Heroku and Java Spring


I am trying to force all calls to my API to go through Cloudflare. I have created an origin certificate and installed it on my Heroku app, and I have changed my SSL\TLS mode to Full (strict). Now I want to force all traffic through Cloudflare, instead of using the domain, but I am unsure how to do that with Java/Spring.


This article:, is what I followed. It has an example of how to force traffic through Cloudflare using Ruby/Rails, but I don’t know how that translates to Java/Spring.

Looking at the example code they provided. All they are doing it checking if the hostname of the request contains Heroku and if they IP they are connecting from is from Cloudflare. I don’t know java/spring, but all you need to do is filter the incoming requests on that criteria.

Should I block by using the server name? Could I block by IP, does the Cloudflare IP change?

You can block on IP, as requests from Cloudflare come from Cloudflare’s IP Ranges.

Ok, I have noticed that the IP addresses on requests from my and are different. They are both 172.70.XXX.YY and 172.70.XXX.ZZZ. Neither IP address seems to be part of the IP ranges you provided (close to What exactly is going on here? I am making these requests through Postman, and then logging the values of the remote host and remote address, which is giving me those IP values.

This is within goes from to

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.