Mod_cloudflare and whitelisting CF IPs

Greetings Cloudflare Community,

I am trying to use htaccess to block all traffic except that routed through Cloudflare. I found instructions showing …
order deny,allow
deny from all
allow from
(and so on - allow from all CF IPs)
However, my server is configured to see the visitor’s IP, not the CF IP, so that my visitor analytics make sense. But, as a side effect, all visitors are blocked by my changes to htaccess.
Is there a way to both track visits by visitor IP and also allow only access to Cloudflare-routed traffic? I’ve googled my fingers blue and cannot find a solution. Thanks in advance for your knowledgeable and kind advice.

I used this in .htaccess:

RewriteEngine On 
RewriteCond %{HTTP:CF-IPCountry} ^$
RewriteRule ^ - [F,L]

Just make sure you have IP Geolocation enabled. This rule looks for the Cloudflare Country header. If it’s not there, then block the request. People bypassing Cloudflare won’t have this header.

1 Like

Thank you sdayman! I will give it a try.

1 Like

It works! You’re brilliant.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.