Mod_cloudflare + CloudflareRemoteIPTrustedProxy +TOR


#1

Hi!
I have mod_cloudflare installed on my server. I have locked direct connections to my real ip in such way:

CloudFlareRemoteIPHeader X-Forwarded-For
CloudFlareRemoteIPTrustedProxy 127.0.0.1
DenyAllButCloudFlare

So my real ip is not available. And cloudflare’s domain - working.

Now I installed TOR for this website. Open TOR for 127.0.0.1, but it’s locked because of DenyAllButCloudFlare.

How to allow access for TOR to my website? Can you advice, please?


#2

First of all, at this point I’d recommend to rather use mod_remoteip. mod_cloudflare is not supported anymore the mod_remoteip is a standard package at this point.

What exactly did you mean by “installed Tor”? Your site should be still reachable via Tor as the Tor exit node should still resolve your Cloudflare IP address and subsequently connect via Cloudflare, just like any other regular client.

If, however, you mean something of the sort of onion routing I am afraid I wouldnt be familiar enough with it in detail, however I’d assume you’d need to remove that DenyAllButCloudflare directive as requests would probably arrive from other source addresses as well at this point, possibly even just from 127.0.0.1.


#3

wow! I didn’t know this. How do I restore original visitor IP now without mod_cloudflare? What is the best uptodate way?


#4

It is not like it does not work, that plugin simply is not supported anymore and I am not sure whether there will be any updates, and - as already mentioned - there is an official way now to achieve that with Apache.

Still does not solve your Tor issue though :slight_smile:. I’d generally not rely on a plugin to shut non-Cloudflare connections but would rather do it on a network level (e.g. iptables).


closed #5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.