High traffic from proxy - How to block the real IP?

I have this problem:

  • I use GTranslate.io to automatically translate my website
  • GTranslate occasionally scan my website to catch new content
  • GTranslate acts as a reverse proxy, so all the requests to my translated pages are forwarded to my original website.
  • Some malicious users they use their servers to send thousands of requests per minute.
  • These requests all come from the IPs of Gtranslate but the http.x_forwarded_for is not visible in the log so I cannot create a specific firewall rule

So the question is:
is it possible tho show in log the IP included in http.x_forwarded_for ?

If GTranslate is hiding user IP addresses, Cloudflare can’t restore them.

Gtranslate include in their request X-Real-IP, X-GT-ClientIP, HTTP-X-Forwarded-For in headers but Cloudflare does not show in log so I cannot intercept the malicious user. That’s the problem!

You can certainly try Logflare for detailed logs. But I’m not sure how you’d apply that to a Firewall Rule if all requests come through the IPs of GTranslate. I do see an “X-Forwarded-For” option and that might work.

LogFlare is not a free solution :frowning: I look for a quick an free solution…

How is it not free?

This topic was automatically closed after 30 days. New replies are no longer allowed.